Path: csiph.com!usenet.pasdenom.info!weretis.net!feeder1.news.weretis.net!feeder.erje.net!eu.feeder.erje.net!newsfeed.kamp.net!newsfeed.kamp.net!feeder1.cambriumusenet.nl!feed.tweaknews.nl!85.12.40.130.MISMATCH!xlned.com!feeder1.xlned.com!newsfeed.xs4all.nl!newsfeed1.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail
Return-Path: <kwpolska@gmail.com>
X-Original-To: python-list@python.org
Delivered-To: python-list@mail.python.org
X-Spam-Status: OK 0.093
X-Spam-Evidence: '*H*': 0.81; '*S*': 0.00; 'encoding': 0.05; 'utf-8': 0.07; 'lawrence': 0.09; 'python': 0.11; 'anyways,': 0.16; 'hacked': 0.16; 'i\xe2\x80\x99m': 0.16; 'lawsuit': 0.16; 'mad,': 0.16; 'password,': 0.16; 'posting,': 0.16; 'ssh': 0.16; 'unlikely': 0.16; 'hire': 0.16; 'language': 0.16; 'wrote:': 0.18; '>>>': 0.22; 'appears': 0.22; 'looks': 0.24; "i've": 0.25; 'source': 0.25; 'script': 0.25; 'long,': 0.26; '----------': 0.26; 'somewhere': 0.26; 'header:In-Reply-To:1': 0.27; 'wondering': 0.29; 'chris': 0.29; '(c)': 0.29; 'characters': 0.30; 'message- id:@mail.gmail.com': 0.30; 'url:mailman': 0.30; 'code': 0.31; '>>>>': 0.31; 'option.': 0.31; 'question:': 0.31; 'reply-to': 0.31; 'file': 0.32; 'this.': 0.32; 'url:python': 0.33; 'running': 0.33; 'not.': 0.33; 'date:': 0.34; 'sense': 0.34; 'something': 0.35; 'but': 0.35; 'received:google.com': 0.35; 'doubt': 0.36; 'in.': 0.36; 'passwords': 0.36; 'url:listinfo': 0.36; 'doing': 0.36; "i'll": 0.36; 'url:org': 0.36; 'should': 0.36; 'list': 0.37; 'server': 0.38; 'to:addr:python-list': 0.38; 'pm,': 0.38; 'forwarded': 0.39; 'does': 0.39; 'subject:': 0.39; 'to:addr:python.org': 0.39; 'url:mail': 0.40; 'how': 0.40; 'even': 0.60; 'logged': 0.60; 'most': 0.60; 'hope': 0.61; 'subject:Fwd': 0.61; 'from:charset:utf-8': 0.61; 're:': 0.63; 'skip:\xe2 10': 0.65; 'due': 0.66; 'account?': 0.68; 'lowered': 0.68; '8bit%:92': 0.71; '8bit%:43': 0.74; 'saw': 0.77; 'again?': 0.84; 'can:': 0.84; 'greek': 0.84; 'it\xe2\x80\x99s': 0.84; 'locked': 0.84; 'me!': 0.84; 'url:tk': 0.95; '2013': 0.98
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; bh=DE43mEBKZABOQBFf87ovGlKg8m4yNptqoTKDpItfh2c=; b=lQrueqVgfDJG8l7paqdxMOlxcdKdP6SM9W1JaybKSHlS+ODjudtNvL1eOSVO4H6UE0 e1CiqSLYj9wZ/s9lU2TPabkm1z0E0jB8Zxfd5YtKgIRnApO9yDHrDr0zsXsHr2YCkjd/ nTXaL3AOQj3Y5Hlmrjlhcv7h2BnLJOm0Bva+DOhfrxMtWoR9EISMo0xkrPdrKZ/d9P+O J2FfDTkWvY5zND+MfEft8lRhYLpngtfmmSzFyYRg47xnmYIVf3BIwfxtYFBVgOvp7xzG WcYvjiaf2B4j8h0FCxMK6XyqSMoCiMJvklxa1f2tBDdzAV41irTozgbVm2cSRfniQ1R4 kz1w==
MIME-Version: 1.0
X-Received: by 10.50.13.66 with SMTP id f2mr18174566igc.17.1380635791795; Tue, 01 Oct 2013 06:56:31 -0700 (PDT)
In-Reply-To: <CAMw+j7LW6R4K4YOq1ot9icw0hyONN9oMCSqCne1gdX9Y-f0G=w@mail.gmail.com>
References: <l2e6cp$vs9$1@dont-email.me> <mailman.544.1380632838.18130.python-list@python.org> <l2ehtr$1a1$2@dont-email.me> <mailman.552.1380634080.18130.python-list@python.org> <l2ejg6$8un$5@dont-email.me> <CAMw+j7LW6R4K4YOq1ot9icw0hyONN9oMCSqCne1gdX9Y-f0G=w@mail.gmail.com>
Date: Tue, 1 Oct 2013 15:56:31 +0200
Subject: Fwd: JUST GOT HACKED
From: =?UTF-8?B?Q2hyaXMg4oCcS3dwb2xza2HigJ0gV2Fycmljaw==?= <kwpolska@gmail.com>
To: python-list@python.org
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-BeenThere: python-list@python.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: General discussion list for the Python programming language <python-list.python.org>
List-Unsubscribe: <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe>
List-Archive: <http://mail.python.org/pipermail/python-list/>
List-Post: <mailto:python-list@python.org>
List-Help: <mailto:python-list-request@python.org?subject=help>
List-Subscribe: <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe>
Newsgroups: comp.lang.python
Message-ID: <mailman.556.1380635795.18130.python-list@python.org>
Lines: 105
NNTP-Posting-Host: 2001:888:2000:d::a6
X-Trace: 1380635795 news.xs4all.nl 15897 [2001:888:2000:d::a6]:35919
X-Complaints-To: abuse@xs4all.nl
Xref: csiph.com comp.lang.python:55207

Why is this list not setting Reply-To correctly again?

---------- Forwarded message ----------
From: Chris =E2=80=9CKwpolska=E2=80=9D Warrick <kwpolska@gmail.com>
Date: Tue, Oct 1, 2013 at 3:55 PM
Subject: Re: JUST GOT HACKED
To: =CE=9D=CE=AF=CE=BA=CE=BF=CF=82 <nikos.gr33k@gmail.com>


On Tue, Oct 1, 2013 at 3:42 PM, =CE=9D=CE=AF=CE=BA=CE=BF=CF=82 <nikos.gr33k=
@gmail.com> wrote:
> =CE=A3=CF=84=CE=B9=CF=82 1/10/2013 4:27 =CE=BC=CE=BC, =CE=BF/=CE=B7 Chris=
 =E2=80=9CKwpolska=E2=80=9D Warrick =CE=AD=CE=B3=CF=81=CE=B1=CF=88=CE=B5:
>>
>> On Tue, Oct 1, 2013 at 3:15 PM, =CE=9D=CE=AF=CE=BA=CE=BF=CF=82 <nikos.gr=
33k@gmail.com> wrote:
>>>
>>> =CE=A3=CF=84=CE=B9=CF=82 1/10/2013 4:06 =CE=BC=CE=BC, =CE=BF/=CE=B7 Mar=
k Lawrence =CE=AD=CE=B3=CF=81=CE=B1=CF=88=CE=B5:
>>>>
>>>>
>>>> On 01/10/2013 10:58, =CE=9D=CE=AF=CE=BA=CE=BF=CF=82 wrote:
>>>>>
>>>>>
>>>>> Just logged in via FTP to my server and i saw an uploade file named
>>>>> "Warnign html"
>>>>>
>>>>> Contents were:
>>>>>
>>>>> WARNING
>>>>>
>>>>> I am incompetent. Do not hire me!
>>>>>
>>>>> Question:
>>>>>
>>>>> WHO AND MOST IMPORTNTANLY HOW DID HE MANAGED TO UPLOAD THIS FILE ON M=
Y
>>>>> ACCOUNT?
>>>>>
>>>>> PLEASE ANSWER ME, I WONT GET MAD, BUT THIS IS AN IMPORTANT SECURITY
>>>>> RISK.
>>>>>
>>>>> SOMEONES MUST HAVE ACCESS TO MY ACCOUNT, DOES THE SOURCE CODE OF MY
>>>>> MAIN
>>>>> PYTHON SCRIPT APPEARS SOMEPLACE AGAIN?!?!
>>>>
>>>>
>>>>
>>>> Would you please stop posting, I've almost burst my stomach laughing a=
t
>>>> this.  You definetely have a ready made career writing comedy.
>>>
>>>
>>>
>>> Okey smartass,
>>>
>>> Try to do it again, if you be successfull again i'll even congratulate
>>> you
>>> myself.
>>>
>>> --
>>> https://mail.python.org/mailman/listinfo/python-list
>>
>>
>> It looks like you are accusing someone of doing something without any
>> proof whatsoever.  Would you like help with the fallout of the lawsuit
>> that I hope Mark might (should!) come up with?i'am
>>
>>
>> Speaking of =E2=80=9Ctry again=E2=80=9D, I doubt it would be hard=E2=80=
=A6  As long as a FTP
>> daemon is running somewhere (and you clearly do not know better); or
>> even you have a SSH daemon and you do not know better, an attacker
>> can:
>>
>> a) wait for you to publish your password yet again;
>> b) get you to download an exploit/keylogger/whatever;
>> c) brute-force.
>>
>> Well, considering it=E2=80=99s unlikely you actually have a long-as-shit
>> password, (c) is the best option.  Unless your password is very long,
>> in which case is not.
>>
>> I=E2=80=99m also wondering what language your password is in.  If you ac=
tually
>> used a Greek phrase, how long will it take you to get locked out due
>> to encoding bullshit?
>
>
> Like i use grek letter for my passwords

Did you know that you just lowered the amount of characters an
attacker should check while brute-forcing your password from 256/164
(UTF-*/ISO-8859-7) to just 95?  No?  Congratulations anyways, Nikos!

--
Chris =E2=80=9CKwpolska=E2=80=9D Warrick <http://kwpolska.tk>
PGP: 5EAAEA16
stop html mail | always bottom-post | only UTF-8 makes sense


--=20
Chris =E2=80=9CKwpolska=E2=80=9D Warrick <http://kwpolska.tk>
PGP: 5EAAEA16
stop html mail | always bottom-post | only UTF-8 makes sense