I was living in southern Idaho back then, which meant a requirement to travel. I was just starting a radio internship at a network of stations – format of rock / alt indie and quickly headed to full time work there. Yes, hours of fun, shows, tours, etc. But still needed California vacation time. So yes, 60-80 hours a week in a closet size studio and the need to visit my home, Southern California was a priority. Granted Idaho has great white water rivers and white powder snow capped mountains, but still – surf, sand, and retail sunshine were missing.
The gateway medium? Electronic plane tickets via Expedia and Hotmail. Both I didn’t have yet. So I signed up for a Hotmail account via Internet Explorer. Awwww … I miss those early Passport MSN Messenger – IM and “one new message” bar sounds – nostalgia. Back to rewind, 1999, okay so not everyone had Hotmail yet – mostly Yahoo or AOL and Microsoft recently acquired Hotmail. I still had a difficult time getting my third choice account name. So brainbending – one simple combo was available! Full first name and last initial. Two minutes later done registering to welcome email arrives. Step two – I start to book Expedia … Need an account. My email is already registered?!? What? Okay …. “Forgot password.” Send. You didn’t fail to read the title here, summer of 1999, right? Just checking. Well despite me not caring about the why it was a registered email user account < look, I had late nights, not yet a daily straight up espresso drinker, and really did not think much of it. It was highly likely and logical that I started an account process and forgot to finish one late night > I waited – The Password emailed to me… Some vacationy type password. Again, highly likely I made it that password – no red flag. Odd right? But true. The password was five characters long. High Five. I think about a month later, I forgot the password … Reset and added a “1” Good job? Yes this means more out of town trips were booked.
A couple months later I get an email from the old Hotmail user letting me know it was once his, but he’s “moved on.” < bitter much > And I think we even might of mentioned my hijack of Expedia. Laugh. He had a similar name, lived in Washington state and was a computer nerd of some sort. I still recall his name and he emailed me several years back again just to say hi … Ahem or try to get his email back. I just looked him up on LinkedIn – Senior Infosec Eengineer, now lives in Utah. Look it was free Risk-game type takeover. In the words of Seinfeld’s Kramer, “The Ukraine is weak.” + | shew |
Same year, same station, different channel role – It was my job, nay duty, to encourage user security awareness. My favorite technique was to “baggy pants” anyone leaving their email open. They would return to their desk and find an email (from themselves) declaring how cool they are and how their pants are the baggiest. Or a claim that their password was weak and they should change it …+ | jimshew |