Webmail more prone to hacking or virus than dedicated program?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Any views?

Re: Webmail more prone to hacking or virus than dedicated program?

cryptogram wrote:

Quoted text here. Click to load it

Please place your question in the body of the post, as well as using a
suitable subject line. Thanks for your consideration.

Webmail:  hacking  (because you may have a weak password or fell for some
social engineering)

Dedicated email client:  virus (or more accurately, a trojan...)

--
   -bts
   -This space for rent, but the price is high

Re: Webmail more prone to hacking or virus than dedicated program?


Quoted text here. Click to load it

Social engineering is possible there as well. If the client renders html
and the user is click happy. Webmail is vulnerable not only from client
side hacking, but server side as well.
 



--
Character is doing the right thing when nobody's looking. There are too
many people who think that the only thing that's right is to get by, and
the only thing that's wrong is to get caught. - J.C. Watts

Re: Webmail more prone to hacking or virus than dedicated program?


Quoted text here. Click to load it

Yes, what BTS stated.  Through man in the middle, phishing/Social
Engineering, web site vulnerabilities and other sources of compromising the
account leads webmail more prone to being hacked.


--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp


Re: Webmail more prone to hacking or virus than dedicated program?

cryptogram wrote:
 
Quoted text here. Click to load it

Pop3 login attacks also happen.  Just how common they are, and how
successful, I don't know.

pop3 login-attack stats:
http://groups.google.com/group/alt.spam/browse_thread/thread/5b4329642e467fed

pop3 login attack stats: Analysis of login-names used (2007 - 2010):
http://groups.google.com/group/alt.spam/browse_thread/thread/370eae8a2f00e5a4

Re: Webmail more prone to hacking or virus than dedicated program?

cryptogram wrote:
Quoted text here. Click to load it
Could you rephrase the question?

Are you comparing Webmail to a dedicated program (I assume local client
software) or are you comparing a hack/crack to a virus?

Re: Webmail more prone to hacking or virus than dedicated program?

On Sunday, 20 May 2012 02:33:55 UTC+1, FromTheRafters  wrote:
Quoted text here. Click to load it

Both really. Each type of mail has its advantages and disadvantages, but I
wondered about the relative security in all ways between the two.

Re: Webmail more prone to hacking or virus than dedicated program?

On Sat, 19 May 2012 22:28:10 -0700 (PDT), cryptogram

Quoted text here. Click to load it

    There is the time factor. Email clients tend to log on and off
very quickly, webmail usually stays open and auto-refreshing for
hours, sometimes.
    Sniffing would be harder with an email client. Less data
exchanged, less packets to examine.
    []'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012

Re: Webmail more prone to hacking or virus than dedicated program?

cryptogram wrote:

Quoted text here. Click to load it


If you are considering web-mail vs "client" mail, then I assume you
might have the ability (or are contimplating) running your own mail
server (because if not, then what are your choices for client-mail?
Your ISP?  Hotmail / Gmail via pop or imap?)

If you're considering any form of client-mail where the server also
offers web-based mail access, then as far as server-side exploitation
and hacking goes you're no further ahead.

Something else to consider with large-scale e-mail providers
(client-based or web-based, ISP or free-mail) is that they are operating
under laws that might compel them to archive your mail and provide it to
law enforcement when requested.  If you operate your own server then the
issue is less clear in that regard.

Re: Webmail more prone to hacking or virus than dedicated program?


Quoted text here. Click to load it

Sadly, I think the new laws apply to individuals who run their own servers
as well. Nothing really stopping you from misconfiguring it so that it
doesn't archive or keep logs of it's activities. As really, you're running
a server from home. You aren't doing it professionally, so you could slide
once on this excuse.

Your ISP might not want you running local servers tho. That's a grey area
I think tho.


--
Character is doing the right thing when nobody's looking. There are too
many people who think that the only thing that's right is to get by,
and the only thing that's wrong is to get caught. - J.C. Watts

Re: Webmail more prone to hacking or virus than dedicated program?


Quoted text here. Click to load it

You have to have a "business" level account to run a server otherwise it would
violate the
ToS/AUP of a residential account.



--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp



Re: Webmail more prone to hacking or virus than dedicated program?

On Sunday, 20 May 2012 18:32:09 UTC+1, Virus Guy  wrote:
Quoted text here. Click to load it

No, I'm not contemplating this. I just wanted to know if using an email client
like Thunderbird is more or less likely to suffer hacking or virus/malware
attacks than webmail.


Re: Webmail more prone to hacking or virus than dedicated program?

cryptogram wrote:
 
Quoted text here. Click to load it

If your machine is comprimized by some sort of back-door trojan or
botnet software, then most probably any username/password you enter for
*anything* will be leveraged by third parties.  

If you're using a less-well-known client that performs auto-login (could
be for e-mail, could be some other program like a web-cam viewer) then
if your credentials are already stored (.ini file, registry) then a
trojan might not be looking for those credentials - or know how to find
them or even know how to scan your inbound/outbound data stream for
them.  This is a weakness of keyboard input for credentials - a
keylogger is easy to deploy and capture that data.

Re: Webmail more prone to hacking or virus than dedicated program?

cryptogram wrote:
Quoted text here. Click to load it

Well as for viruses, true viruses can come to your computer in any of
the ways that any other program can (in this case attachments) so I
think it is about the same for both types of e-mail.

Aside from that, it probably depends upon the software being used in
each case and the capabilities of the user. A webmail password being
successfully guessed at gives the intruder the ability to create and
send mail as well as read and get your contact list.

I prefer a local client over having my information residing on a
computer I have no control over.

Re: Webmail more prone to hacking or virus than dedicated program?

On Monday, 21 May 2012 00:17:00 UTC+1, FromTheRafters  wrote:
Quoted text here. Click to load it


Thanks for your help everyone. I can see that there's no simple answer.

Site Timeline