> On 13 Jul 2018, at 12:34, David Kastrup <d...@gnu.org> wrote: > > Michael Hendry <hendry.mich...@gmail.com> writes: > >> I’ve recently received a message from a hacker who told me he knew my >> password (and quoted it correctly), demanding money in bitcoin for not >> forwarding details of my recent visit to a porn website to all my >> contacts. > > You make it sound like you use only one password for everything.
That was the way the hacker put it - without specifying what site the password related to, but I worked backwards from the quoted password. > A bad > idea. Indeed. I don’t think I had used nabble since 2015, and I did have one other website on which I had used the same password - by coincidence, I had accessed both on the same afternoon, but the first appeared secure (https:) > >> I had been using nabble to access the list - I've never accessed a >> porn website. >> >> Firefox had warned me that the rabble site wasn’t secure when I logged >> in. > > That sounds like spoofing: not actually connecting to the site you think > you are connecting to. Misspelled names (i.e., rabble instead of > nabble) can set oneself up with typo squatters. Could be. But I used a copied-and-pasted URL to access the nabble site - http://lilypond.1069038.n5.nabble.com/Four-Bars-per-Line-System-again-td45952.html I had copied this URL into a Lilypond file along with David Nalesnik’s excellent way of getting a four-bars-to-a-line layout for leadsheets, with sufficient flexibility to get (e.g.) the bridge section starting at the beginning of a line when the number of bars in the A section wasn’t divisible by 4. I have checked my browser’s history for misspellings and have found none. > >> I’ve deleted my nabble account, hence a couple of my messages to the >> group have been deleted. > > Deleting your nabble account sounds like pulling off the tractor > ignition key after the mule has bolted. Nice image!, but I decided I didn’t need to use nabble any more. > > It doesn't sound like it will do much to address password > vulnerabilities or spoofing. I have taken steps to improve the security of my passwords. Michael _______________________________________________ lilypond-user mailing list lilypond-user@gnu.org https://lists.gnu.org/mailman/listinfo/lilypond-user
