Xiaxue’s Blog Got Hacked
From the last post : “I need your help, my smart blog readers. This hacker deleted all 3,000 emails of mine, as well as all my blog entries of 2 years. This is very serious. He could have copies of all my emails, which contain private and sometimes classified information about companies as well as individuals”, Singapore’s popular blogger Wendy Cheng reports.
“I want to file a police report, and I want to catch him.” [Read what happened]
“3 years of painstaking effort wiped out, just like this.”
I think one way or the other there should be backups from servers. And I think you should be able to get that info back, in cases like these.
After all, Xiaxue has written the info during two years on her blog. Could anyone at Blogspot try to recover this?
[See Google’s Cache of Xiaxue’s blog]
The problem with the GMail account is pretty serious too. There’s something we didn’t see before. People are ‘urged’ to stock their emails, to never delete them. That makes a pretty large collection over time and with no backups… your faith lies in the hands of Google. If somebody hacks the account, you lose your entire mail history.
I haven’t found it myself, but is there a backup function in GMail? Are there mirrors of the mailservers? Probably not, because it would increase the needed serverspace exponentially. Still. It’d be a great feature for GMail.
Is there a way to export, without having to forward mail by mail?
Wow, good points mentioned. This is a very scary wake-up call…
Comment by Devin | July 21, 2005
actually you can use the pop3 function to download the mails to your local computer. Dont forget to select the option “Keep Gmail’s copy in the inbox” in “When messages are accessed with POP” property under POP3 in the gmail settings. .
Comment by Saravanan | July 21, 2005
Good point, I overlooked the pop3 function.
However that only solves part of the problem.
A lot of people use GMail only, for the purpose of comfort. Having all those users set up local clients that mirror GMail is perhaps a bit too farfetched. I don’t know.
Also, what about people who have office jobs and use GMail with personal intentions? Suppose they prefer not to keep data at their home pc to protect their privacy from other family-members.
Separating GMail’s forwarded mail from the regular-family account requires already some configuration knowledge.
What if you live in a student home? If the computer’s ’shared’, you can’t expect everyone to download their mails, that too would require some organizing.
Perhaps it’s wrong to expect the provider of a service to keep backups, but I wonder if they do. And if they have backups, would they be used for cases like Xiaxue’s?
Comment by Coolz0r | July 21, 2005
All the more reason people should use harder to crack passwords and change them more often.
Your “read what happened” link is broken, but it would appear you’re saying her blogspot and gmail accounts were compromised. I doubt it’s due to fault in the security system on either service, more likely a weak password … than some ‘evil hax0r’ breaking in.
I’m not saying it’s the case here necessarily, but I’m not going to feel bad when someone uses “god” as their password for 5 years then wonders where all their data is.
Comment by matt | July 22, 2005
Indeed it’s broken. Weird, because the old blog also seems to be restored.
Yesterday, there was no blog at all, but some post stating the blog was hacked, and now all entries until the 19th are back to view. The archive doesn’t show the posts about the hacking anymore.
http://xiaxue.blogspot.com/
I wonder if the e-mails came back too…
Comment by Coolz0r | July 22, 2005
i agree with matt on this. Security is as weak as its weakest link. so user is also have to be careful while choosing the passwords. even a weak password can break a secure system. it seems she had a weak password for her email and her passwords for gmail and hotmail are same. if a evil google or microsoft employee or any hacker finds out her password then they can log into other accounts also.
>>Also, what about people who have office jobs and use GMail with personal intentions? Suppose they prefer not to keep data at their home pc to protect their privacy from other family-members.
Separating GMail’s forwarded mail from the regular-family account requires already some configuration knowledge. What if you live in a student home? If the computer’s ’shared’, you can’t expect everyone to download their mails, that too would require some organizing.
One has to spend some effort in protectind their data if they dont/cant trust anybody. One easything to do is download the mails and burn it into a CD and lock it in a locker. if they cant do that, then there is no use in complaining service providers or others.
>>Perhaps it’s wrong to expect the provider of a service to keep backups, but I wonder if they do. And if they have backups, would they be used for cases like Xiaxue’s?
Most of the big service providers will do a backup regularly. They can restore the database in case of a crash or h/w failure.
Her blog has been restored with the deleted posts. visit her blog
http://xiaxue.blogspot.com/
Comment by Saravanan | July 22, 2005