
I got hacked mid-air while writing an Apple-FBI story - archiebunker
http://www.usatoday.com/story/tech/columnist/2016/02/24/got-hacked-my-mac-while-writing-story/80844720/
======
unsignedint
Everytime I hear this type of story -- are these people sending/receiving
E-mail in plain text transport? (That sounds like a very poor judgment to
begin with, especially for a journalist, if that's the case.)

~~~
brandon272
I would assume so. The most perplexing part of the story is that he didn't
inquire with the hacker as to what methods were used.

~~~
elwesties
He was on a public network so any email he sent as going out in plain text
over the air. Nothing secret or advanced about that.

~~~
yolesaber
What about HTTPS? [http://security.stackexchange.com/questions/1525/is-
visiting...](http://security.stackexchange.com/questions/1525/is-visiting-
https-websites-on-a-public-hotspot-secure)

~~~
redbeard0x0a
If you are using a standard email client, it doesn't use HTTPS . If the email
server you are connecting to supports encryption, it will be a different port
and a different protocol.

The protocols used for email are SMTP for sending email (port 25, nothing is
encrypted by default) and IMAP or POP for retrieving email (port 143 and 110
respectively, both are not encrypted).

The protocols have been updated to support encryption and are typically on a
different port (however SMTP supports something called STARTTLS that can
upgrade a connection to use encryption). Secure IMAP is on port 993 and Secure
POP is on port 995.

Protecting your email from prying eyes is a little more involved if you are
using an email client. However it is better to check your email using webmail
over an HTTPS connection if you are on a shared public network.

~~~
unsignedint
Aren't these features fairly commonplace these days? (I use two mail servers,
one of them is Gmail) and they both support TLS, actually, they even refuse me
to connect in plain text.

