German infosec agency urges security review after Yahoo! flensing
Germany's Bundesamt für Sicherheit in der Informationstechnik (Federal Office for Information Security or BSI) has warned users to reconsider the security chops of their email providers and plugged local services in response to news a billion credentials were stolen from Yahoo! The oft-raided web concern revealed yesterday …
COMMENTS
-
Friday 16th December 2016 08:50 GMT Anonymous Coward
Then, just install an app...
... and your phonebook will be raided. It should become clear that those practices are not welcome and should be forbidden. Especially since you may be as careful as you like, but just give your phone number and address to a naive friend, and it will become part of some online database... which one day will be raided as well.
-
Friday 16th December 2016 10:01 GMT VinceH
Re: Then, just install an app...
Quite so - but at least your friends won't have your passwords in their address book! :)
But seriously, this:
"Schönbohm says users should only fill out their real personal information such as address and phone numbers when it is essential."
... means that it may be harder to collate data from a friend's harvested address book with you, if key information doesn't match - so that's one thing. Using different email addresses across different services helps here, too.
-
-
Friday 16th December 2016 11:51 GMT big_D
German E-Mail
Services like GMX, Web.de. Telekom and a few others have set up their mail servers, so that all mail addressed to German servers stay within the country and, when the recipient is part of the "E-Mail made in Germany" initiative, the email traffic is encrypted from end to end.
Obviously, if you send an email outside of Germany or to a recipient who is using a mail server not in the EmiG initiave, then the email will be sent the "old fashioned" way.
-
Monday 19th December 2016 08:30 GMT Anonymous Coward
Re: German E-Mail
Yes, there are quite a few e-mail providers in Germany that seem to care about privacy: https://posteo.de , https://mailbox.org and https://tutanota.com
Maybe German people should support their local e-mail providers. But also use OpenPGP or S/MIME end-to-end, so that not even if e-mail providers receive valid court orders to intercept communications, no one can see anything really private... without at least one of the parts in the communication have idea (malware infiltration still possible, but preventing is also possible in the correct setups and following best practices).
-