top
International
International
Indybay
Indybay
protest cheer
indybay menu
category menu
publish menu
Indybay
Regions
Indybay Regions North Coast Central Valley North Bay East Bay South Bay San Francisco Peninsula Santa Cruz IMC - Independent Media Center for the Monterey Bay Area North Coast Central Valley North Bay East Bay South Bay San Francisco Peninsula Santa Cruz IMC - Independent Media Center for the Monterey Bay Area California United States International Americas Haiti Iraq Palestine Afghanistan
Topics
Newswire
Features
Home
About
Contact
Subscribe
Calendar
Publish
Donate
From the Open-Publishing Calendar
From the Open-Publishing Newswire
Indybay Feature

HIDDEN

The following post may have been a test post, a duplicate, or could have been hidden if it violated this site's Points of Unity. If you think this item should not have been hidden, first make sure it wasn't posted twice and you were just unable to find the other copy of the post. If that was not the case, you can contact the editorial collective by e-mailing indybay@lists.riseup.net.

Riseup Failing To Close Security Loophole

by eLBe Sat, Sep 29, 2018 12:49PM
Riseup Management is currently failing to close a security loophole enabling an attacker to manipulate Riseup user´s emails while they are being composed. The problem is concerning the multiple login feature, which does not only allows users to pursue more than one login at the same time, for whatever purpose this may be useful, but also enables a certain type of attacker to interfere with email composition in ways which do not immediately stand out as third party abuse. With multiple login possibility, a tbtfbf attacker with the capability to steal passwords could produce communication lapses which would instead appear as a lack of awareness by the user, causing disturbances and disruptions on both sender and recipient sides, and in the worst case loss of vital content without clear evidence what caused it. For example, in an email to a barrister a court document might get lost, and the order would not be fulfilled in time; and in the worst case a Riseup user might imagine it had been its own fault.
https://tinyurl.com/lb-artikel
Support Independent Media
We are 100% volunteer and depend on your participation to sustain our efforts!

Donate

$35.00 donated
in the past month

Get Involved

If you'd like to help with maintaining or developing the website, contact us.

Publish

Publish your stories and upcoming events on Indybay.

Regions
North Coast
Central Valley
North Bay
East Bay
South Bay
San Francisco
Peninsula
Santa Cruz
California
US
Topics
Animal Lib
Anti-War
Arts + Action
Drug War
Education
En Español
Environment
Global Justice
Government
Health/Housing
Immigrant
Labor
LGBTI / Queer
Police State
Racial Justice
Womyn
International
Americas
Haiti
Iraq
Palestine
Afghanistan
More
FAQ
Make Media
Get Involved
Photo Gallery
Feature Archives
Fault Lines
Links
Search Indybay's Archives
Advanced Search
IMC Network
© 2000–2024 San Francisco Bay Area Independent Media Center. Unless otherwise stated by the author, all content is free for non-commercial reuse, reprint, and rebroadcast, on the net and elsewhere. Opinions are those of the contributors and are not necessarily endorsed by the SF Bay Area IMC.
Disclaimer | Copyright Policy | Privacy | Contact | Source Code