Offensive e-mail from Plusnet

Just got an e-mail from Plusnet about their security issue on webmail.

It included an offensive paragraph attempting to lecture to me on security issues:

"This incident has highlighted the importance of keeping systems as secure as possible. It is important to ensure that you always have the latest operating system updates and patches installed. Windows users can obtain these by visiting Windows Update, which is linked to from the Tools menu of Internet Explorer. We always recommend the use of fully up-to-date third-party anti-virus, firewall and Internet security software, particularly for Microsoft Windows users."

When will Plusnet stop trying to upset its customers???

seems like reasonable advice put over in balanced tones to me.

You, I and I would hope most of the posters here take security very seriously.

Plusnet will see the consequences of people who do not on a daily basis from the problems of people with compromised PCs which start spewing out spam or trying to attack other users in the same subnet.

That paragraph was aimed at them.

Correct me if I am wrong but this whole issued stemmed from Plusnet and flaws in their security.

Now while I agree with the paragraph in the email i think the circumstances in which it was sent is a little ironic and to me is trying to absolve Plusnet of responsibility.

People in glass house and all that....

Edited by deleted (Thu 17-May-07 09:45:22)

" that you always have the latest operating system updates and patches installed."

No sense these people, they could have used inclusive stuff, like 'that we always' rather than 'that you always', which gives the sermon type feel to these comments. 6foot above contradiction as used to be said about preachers.

Hi,

While I understand where you're coming from... but...users, where possible should alway help themselves by at least having patched installed and anti-virus software.

The blame game doesn't always help and usually isn't the whole story.

For example, say the issue is with the atmail software plusnet use and that's how "they" got in to the system. Who's fault is that? PlusNet or atmail? PlusNet bought the product and no-doubt assume it's secure. atmail write their code and make it as secure as they can, *at the time*.

But look:
http://terra.calacode.com/mail/docs/changelog.html

"5.03 Release - 16th May 2007"
Added session check to xxxxx.xxx when redirecting URL's, validate a user session is logged in to prevent spam abuse via URL redirects.

Now, if plusnet don't upgrade to this version... yep, they'd be at fault but as you can see, the above was only released yesterday!

Users have to really take some resposabilty here, myself included and I do.

What's important is that both ISP and users learn from this and not just pull each other to pieces about it.

... and perhaps that patch is as a result of the attack on Plusnet.

In reply to:

---

and perhaps that patch is as a result of the attack on Plusnet

---

Make sense. So, not really PlusNet's fault... coding error possibly.. but more likely some malware group just tried to do something un-expected, found a hole in the software and had a field day.

For interest, atmail seems pretty secure really:
http://secunia.com/search/?search=atmail&sort_by=title

Internet Explorer:
http://secunia.com/search/?search=internet+explorer&w=0

FireFox:
http://secunia.com/search/?search=firefox&w=0

Windows XP:
http://secunia.com/search/?search=windows+xp&w=0

Keeping software up-do-date sounds good

Cheers,

Steve

It could be, but this wasn't spam abuse via redirects. They compromised the backend database.

I agree with the sentiment, but it is a good time to remind users of security, especially as the previous Trojan would not impact anyone who had Windows up to date.