If someone lies that their password was stolen to hide them being the originator... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		IncRnd 11 months ago \| parent \| context \| favorite \| on: Cracking a 512-bit DKIM key for less than $8 in th... If someone lies that their password was stolen to hide them being the originator of a single email, who are they telling the lie? Is it a court? In many cases the person would be caught through behavioral analysis. They didn't change their password, so it wasn't really stolen. No other emails were improperly authored, so it wasn't really stolen. They never reported it to the email server owner, so it wasn't really stolen. Lying isn't a stronger defense to perform abuse than weak keys are for stopping abuse.

GTP 11 months ago [–]

> They didn't change their password, so it wasn't really stolen

You change your password only after you realize it got stolen. If you didn't realize it, then it makes sense you didn't change it. And, depending on the specific case, you could find plausible explanations also for the other points.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact