Web Mail's Malicious Exploitation
Free Web-based email allows others to send email that can be traced to you. But is this threat really frightening? No. Read why.
"Let me have men about me that are fat,
Sleek-headed men, and such as sleep o' nights:
Yond Cassius has a lean and hungry look;
He thinks too much: such men are dangerous."
C|net has reported that a "Web email bug bites the Net".
Bennett Haselton, founder of PEACEFIRE and fighting Internet censorship, demonstrated how Web based email can be exploited to send email that appears to originate from somebody else (who need not even have an account at the email provider).
Haselton did not give any details to prevent exploitation of the "bug". A closer look at the way sending messages at Hotmail -- or any other Web-based email service -- works is most probably how Haselton found out and chances are some others would (did?) so, too. But wait! Hotmail has implemented patch and the other service providers will certainly follow shortly.
Hotmail keeps track of its users by their IP address. Every computer on the Internet -- even you logging on through your modem -- has a unique IP number by which it can be addressed -- and identified. This is how you can assign a message sent through Hotmail to somebody. Just make her computer, her IP address press the send button.