Simon Willison’s Weblog

6 items tagged “hotmail”

The Anatomy Of The Twitter Attack. Long-winded explanation of the recent Twitter break-in, but you can scroll to the bottom for a numbered list summary. The attacker first broke in to a Twitter employee’s personal Gmail account by “recovering” it against an expired Hotmail account (which the attacker could hence register themselves). They gained access to more passwords by searching for e-mails from badly implemented sites that send you your password in the clear. # 20th July 2009, 12:55 am

Google wants your Hotmail, Yahoo and AOL contacts. And they’re using the password anti-pattern to get them! Despite both Yahoo! and Hotmail (and Google themselves; not sure about AOL) offering a safe, OAuth-style API for retrieving contacts without asking for a password. This HAS to be a communications failure somewhere within Google. Big internet companies stand to lose the most from widespread abuse of the anti-pattern, because they’re the ones most likely to be targetted by phishers. Shameful. # 15th September 2008, 10:39 am

Why I can’t put Tibet in my Hotmail address. Apparently it’s because “TIB” is name of a bank in Florida, and Microsoft are trying to prevent phishers from creating e-mail addresses that include the names of financial institutions. # 10th August 2008, 10:41 pm

Find Your Friends. Flickr have added a characteristically classy friend import feature, pulling from Gmail, Yahoo! and Hotmail address books without any unhygienic password sharing. It’s a crying shame that the Yahoo! contacts API they are using isn’t available outside the company. # 1st April 2008, 1:01 am

Windows Live Contacts API (via) I didn’t realise Microsoft already have a contacts API for Live (which presumably covers hotmail as well). # 7th March 2008, 5:57 pm

Migrating Microsoft Hotmail from FreeBSD to Microsoft Windows 2000. I’d like to see them try that with Yahoo!’s 100+ properties. # 4th May 2007, 5:54 pm