Category: Mail / Communication / Groupware

what if – instead of security – Google wants mass surveillance and a direct uplink to the US-Pentagon to blow all “terrorists” (basically anyone who is against Google) to hell? What if? as long as EVIL pays off (incentive) this […]

second take on trying to get a xmpp server (OpenFire, Java) client (Pidgin, C (C#, Perl, Python, Tcl are used for plugins)) up and running. at least this time with partial luck (was able to login via pidgin) but it […]

1984 mass surveillance: for a better world? as people might have noticed: privacy is survival critical when a state becomes tyranny. WARNING! violent and disturbing! but highly recommend to anyone to watch it – at least once – the “middle […]

https://theintercept.com/2020/04/03/zooms-encryption-is-not-suited-for-secrets-and-has-surprising-links-to-china-researchers-discover/ hm…. let me think where one has seen this before: TELEGRAM! Zoom’s service is “not suited for secrets” “The researchers also found that Zoom protects video and audio content using a home-grown encryption scheme, that there is a vulnerability […]

  update: Emotet trying to spread by WIFI since 2018 https://thehackernews.com/2020/02/emotet-malware-wifi-hacking.html BUT ALSO VIA PDF! on the heise security conference last year was said: Virus Scanners since around 10 years are not sufficient anymore. (heise a computer focused news outlet […]

what IT can learn from nature: (src) mostly US users affected. Big Business: Big Companies and Big Money can afford Big Staff to maintain and secure their products, but they also provide Big Infrastructure (AWS, Office) and thus a single […]

Mail Server (MTA) Market share: Server Type Number of Servers Percent Exim 507,200 57.13% Postfix 308,036 34.70% Sendmail 34,948 3.94% MailEnable 18,921 2.13% MDaemon 7,464 0.84% Microsoft 4,706 0.53% IMail 1,375 0.15% CommuniGate Pro 1,263 0.14% XMail 783 0.09% Qmail […]

TLS v1.1 is labeled insecure, TLS v1.2 is current, TLS v1.3 is about to become current. the (e)mail system from 1972 (slightly modified) is still the #1 communication channel, if one believes one’s surveys. The current approved version of TLS […]

Warum VoIP? Viele Anbieter von LTE z.B. bieten gar keine Festnetz-Telefonie an, sondern nur Internet. (das zum Teil (nicht günstiger) aber schneller (und schnurloser via Handy-Netz) als die Telekom (4G/LTE/UMTS)). D.h. man braucht dann noch einen weiteren Anbieter der die […]

don’t be evil “Google controls about 62% of mobile browsers, 69% of desktop browsers, and the operating systems on 71% of mobile devices in the world. 92% of internet searches go through Google and 73% of American adults use YouTube. […]

Pwn2Own 2020: opening a pdf can be enough to compromise system! https://youtu.be/u1udr7j9MQA?t=359 thank you ccc you are doing a lovely work – make this planet more interesting by creativity and more informed about security 🙂 keep it up 🙂 https://cdn.media.ccc.de/events/gpn/gpn19/h264-hd/gpn19-45-eng-BADPDF_-_Stealing_Windows_Credentials_via_PDF_Files_hd.mp4 […]

What is the problem? Microsoft just came up with another closed standard file format…  Microsoft’s proprietary TNEF (Transport Neutral Encapsulation Format) often named winmail.dat or win.dat, and has a MIME type of Application/MS-TNEF is a proprietary email attachment format used […]

google’s security lab “project zero“ has made itself a name. (you can subscribe to their rss feed with thunderbird.) Posted by Ben Hawkes, Project Zero (team lead) (2019-05-15) Project Zero’s team mission is to “make zero-day hard”, i.e. to make […]

one week downtime – they got backups and are not planing on paying the ransome. “Norwegian oil and gas and metallurgical Corporation Norsk Hydro was hit by the encoder LockerGoga — to stop the spread of malware, IT-specialists had to […]

RSS-Feeds are files.xml, which are auto-generated by CMS like WordPress. It can be subscribed to with an RSS-Client Software. Thunderbird (the Mail program) for example (tested on version 60.6.4 and above) has a pretty convenient functionality to stay up to […]

  this mail looks so convincing… i bet it gets a high “return” rate. mail is fundamentally broken system – that’s why Google keeps cranking up requirements to send mail to Google and one day it will probably deny ALL […]

Firefox: einfach auf die Links klicken, dann auf “Add” to Firefox… und nochmal mit “OK” bestätigen. Neue Rechtschreibung: https://addons.mozilla.org/en-US/firefox/addon/german-dictionary/ Alte Rechtschreibung: https://addons.mozilla.org/en-US/firefox/addon/german-dictionary-de_de-for-sp/ … jetzt kann man(n)/Frau auf jeden beliebigen Text eines Formulares R-Click und … sich nie wieder vertippen X-D […]

please see: https://dwaves.de/2019/01/08/fail2ban-manually-ban-and-unban-ip/

you COULD use imapsync actually… but it failed me with some obscure error. rsync is NOT a good idea… because dovecot/thunderbird/icedove does not rebuild index files/folder structure. the solution is actually simple: use thunderbird/icedove your mail client! create same mail […]

check the logs: i can highly recommend a colorful log output: yum install ccze; # rpm based apt install ccze; # apt based and this script that will “follow” all changes to all logfiles on your system… vim /scripts/mon_all_logs.sh #!/bin/bash […]

“server has disconnected The server may have gone down or there may be a network problem” is shown – but the mail is send anyway. strange enough: the error message is misleading – this is not a server problem – […]

THERE IS NO PGP ATTACK VECTOR! PGP IS SANE! the problem is the mail client: so mail clients SHOULD disable loading of external or embedded content for encrypted mails. “Email clients are usually configured to automatically decrypt the content of […]

https://dwaves.de/2014/01/27/send-encrypted-e-mail-with-thunderbird-and-enigmail-and-pgp-in-5-minutes/ Great work guys! https://enigmail.net/ Was gibt es Neues in Enigmail v2.0? Willkommen bei der neuen Enigmail-Version 2.0! Die Version enthält viele neue und geänderte Funktionen. Bitte nehmen Sie sich eine Minute Zeit, um zu erfahren, was es Neues gibt: […]

When you reserve a new domain – and the registrar asks you for your (personal?) mail to be published in the whois database. You better give it a mail address designated for spam. I just received a spam letter at […]

first of all – thanks for this cool mail client 🙂 i really love icedove / thunderbird. A very cool feature that i am missing – it’s nice that imap can syn mail accounts – and i really love that […]

the mail system is a very broken and corrupted system. sending-addresses can be forged – spam from all over the world is flooding the mailboxes – viruses get attached… nobody trusts attachments anymore. it’s a completely newly C++ developed mailserver […]

exim is one of the most used MTAs on mail-enabled servers on the internet and default on Debian/Ubuntu(?). Original author(s) Philip Hazel (started 1995) Developer(s) The Exim Maintainers Thus you can expect hackers, crackers and NSA to target it. Exim […]

sending a mail with fake “from:” to existing.com telnet existing.com 25 Trying 78.46.249.71… Connected to existing.com. Escape character is ‘^]’. 220 existing.com ESMTP Exim 4.84_2 Mon, 31 Jul 2017 11:41:29 +0200 EHLO SMTP.example.net 250-existing.com Hello hsi-kbw-5-158-158-169.hsi19.kabel-badenwuerttemberg.de [5.158.158.169] 250-SIZE 52428800 250-8BITMIME […]

install firefox app and test it for free here: https://appr.tc/ When Browsers start to talk to each other – Open Source HTML5 based Web Video Audio Conferencing WebCam ScreenSharing – Collaboration over internet WebRTC (“Web Real-Time Communication“) enables applications such […]

a hacked e-mail account is a catastrophe – look at Hillary. telnet dwaves.de 25; # a simple telnet tells you that this server is running Trying 78.46.249.71… Connected to dwaves.de. Escape character is ‘^]’. 220 dwaves.de ESMTP Exim 4.XX_X Tue, […]