francis on Tue, 31 Aug 1999 01:24:14 +0200 (CEST)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> hotmail-hack

Hi this is a short summary of Hotmail Hack

9.23 am EDT the message is posted at, the origin is

14.43 CET I became knowlegde of it by a german-speaking mailinglist. On You could enter any username into a form and
get accsses to anybodies hotmail data without password. All functions were
abled. It was not possible (to the public) to change the password without
knowing the old password.

16.00 CET the url contains the message "microsoft
rules", the form doens't work anymore. is located in

By typing
into the browsers location-field You could still use the bug to see inside
the mailboxes. Instead of ENTERLOGINHERE You had to type the username. 

18.00 CET Uhr Hotmail ist down

18.30 CET points to

18.50 CET Hotmail is online again, the cgi that allowed to break in, is

Hotmail has 40 million subscribers, it is running on Net-BSD, because the
stuff wasn't able to port the system to Win NT, after Micro$oft bought
Hotmail. There are rumours that say, the hack was possible through a hack
of Microsofts Passport-System (  that should be
implemented into Hotmail. 

It is not possible to delete a hotmail-account yourself. It will be
deleted automaticly after 90 days of not using/ accesing it. 

CNN says that the Swedish Newspaper Expressen ( has
first published the Story today.
Expressen says that they got the information anonymous. 

The now appearing question is, how will be the PR-strategies of
Microsoft/Hotmail and will there be a reaction on stockmarkets? 


#  distributed via <nettime>: no commercial use without permission
#  <nettime> is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: and "info nettime-l" in the msg body
#  archive: contact: