• Welcome to Peterborough Linux User Group (Canada) Forum.
 

China accused of hacking into Microsoft Exchange email service

Started by ssfc72, July 20, 2021, 08:36:36 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

ssfc72

https://www.bbc.com/news/world-asia-china-57898147

I had to change my password on my Microsoft Hotmail email account because I was getting dozens of bounced emails showing up in my email account and they had my Hotmail address as the sender.
Once I changed my password, this problem stopped.
I never did get a notice from Microsoft, saying that their email service had been hacked and to change my password.

Quote from the article.
"Microsoft's Exchange system powers the email of major corporations, small businesses and public bodies worldwide. The hack affected at least 30,000 organisations."

Maybe it is time for me to move my email account, to the ProtonMail email service, with their encryption feature.
Mint 20.3 on a Dell 14" Inspiron notebook, HP Pavilion X360, 11" k120ca notebook (Linux Lubuntu), Dell 13" XPS notebook computer (MXLinux)
Cellphone Samsung A50, Koodo pre paid service

Jason

Your experience is disturbing. I don't know if Hotmail is done through Exchange servers but it certainly seems too coincidental in this case.

In any case, I'd prefer more people use encrypted mail services, some of which are free for limited uses or fairly cheap. But of course, the encryption only works (at least, easily) if both users are using encryption. There is a way for most encrypted email services to send an encrypted email but it requires the receiver to click o a URL that takes them to a website where they enter a password you've already given them.

It's not as pretty as Protonmail, but Tutanota gives you fewer limitations on their free account. You get 1 GB of storage and no per-day limit. Protonmal has 500 MB storage and 150 messages per day limit which might be fine depending on what you need it for. Tutanota's paid accounts are much cheaper. So the interface is alright, Tutanota is better. I have a paid account which is 1 euro a month (paid annually).
* Zorin OS 17.1 Core and Windows 11 Pro on a Dell Precision 3630 Tower with an
i5-8600 3.1 GHz 6-core processor, dual 22" displays, 16 GB of RAM, 512 GB Nvme and a Geforce 1060 6 GB card
* Motorola Edge (2022) phone with Android 13

Jason

Did you want to use an encrypted email to protect your emails or because you think it's less likely to be broken into like your Hotmail likely was?
* Zorin OS 17.1 Core and Windows 11 Pro on a Dell Precision 3630 Tower with an
i5-8600 3.1 GHz 6-core processor, dual 22" displays, 16 GB of RAM, 512 GB Nvme and a Geforce 1060 6 GB card
* Motorola Edge (2022) phone with Android 13

ssfc72

I was interested in the Protonmail email service due to the encrypt feature, with the thought that all email on their servers would be encrypted. That would be good in the event someone/foreign state hack was successful of the email service.
However, you said the encryption only happens if the email sender and receiver both use Protonmail, so that would not be of much use to me, other than the Protonmail service is quite small compared to Gmail or Outlook/Hotmail and the hackers would target the larger email services.
Mint 20.3 on a Dell 14" Inspiron notebook, HP Pavilion X360, 11" k120ca notebook (Linux Lubuntu), Dell 13" XPS notebook computer (MXLinux)
Cellphone Samsung A50, Koodo pre paid service

Jason

Quote from: ssfc72 on July 22, 2021, 02:10:24 AM
However, you said the encryption only happens if the email sender and receiver both use Protonmail, so that would not be of much use to me, other than the Protonmail service is quite small compared to Gmail or Outlook/Hotmail and the hackers would target the larger email services.

Sorry, I should have been more clear. The email messages that are stored on the server are encrypted.

What I meant was that if you want to send an encrypted message to someone, they also need to be using the Protonmail server unless you agree on a password that you use and then it sends a link they click on and enter that password to read the message.

So, to reiterate, all your email on the server is encrypted regardless of if you send or receive an encrypted or non-encrypted email. So, if that's what you're looking for, Protonmail or Tutanota would be great. Tutanota just gives you more messages and a cheaper Premium account if you went that way. Tutanota also has an encrypted calendar but I think Protonmail has that, too. Both also use Open Source code.
* Zorin OS 17.1 Core and Windows 11 Pro on a Dell Precision 3630 Tower with an
i5-8600 3.1 GHz 6-core processor, dual 22" displays, 16 GB of RAM, 512 GB Nvme and a Geforce 1060 6 GB card
* Motorola Edge (2022) phone with Android 13

ssfc72

Mint 20.3 on a Dell 14" Inspiron notebook, HP Pavilion X360, 11" k120ca notebook (Linux Lubuntu), Dell 13" XPS notebook computer (MXLinux)
Cellphone Samsung A50, Koodo pre paid service