I subscribe to a service that, every week or two sends me the address of an internet proxy. With the proxy, I can fake out the Saudi firewall. After a week or so, they catch on and block the proxy. Then the service sends out a new one.
So today I checked my Yahoo Mail inbox. There was a message from the service. Also in the inbox was the last message from the service. I clicked on the new message and got the standard “This Site is Banned” thing from the firewall.
OK, so I returned to my inbox… and both messages from the service were gone! Can anyone explain how a third party can delete stuff from my inbox.
What is the full URL of the Yahoo Mail service you access? Are you going to the .com or is there an in-country URL.
**Theoretically ** the Saudi government could have made Yahoo comply with any kinds of weird restrictions before allowing them a presence in the country (in other words, not being null routed by the big bad Saudi filter) but it seems unlikely that they’d go about it this way and allow mailbox twiddling. Far easier to just block any inbound email sent from the proxy-avoidance organisation and stop it ever reaching your inbox.
I suspect that the deletion was caused by something else.
Is your connection encrypted? If not it’d be trivial to sniff the traffic and grab your login data. Login and delete the emails.
Even then there’s something called SSL inspection that intercepts keys in the middle and replaces them with it’s own keys. Result you encrypt with the attacker’s key, send it out, attack decrypts then reencrypts with the site’s key. attacker gets to look at unencrypted traffic while everyone else thinks it’s secure.
SSL inspection is used on legitimate content filters, but there’s no reason an attacker couldn’t use it for worse.
It could be some kind of auto setting where as all certain emails go into a “Spam-type” folder that you can’t access. So that email was moved there.
Who were the other two messages from? If you click an email it could auto install something to delete something else? You shoud be using a third party client and only reading text emails.
Try PopPeeper for Yahoo mail and other web-based accounts
Of course they are all back. The Saudis saw your post on the Dope, knew the jig was up, and tried their best to cover their tracks. What else did you expect?
The e-mails from that address all lead me to a blocked message again. Obviously the machines are shutting down communications in preparation for their attack.
Have you considered a VPN service? I’ve seen them for as cheap as $5 bucks and they’d help enormously with this sort of thing. If you have a willing friend with a reliable connection in a freeer part of the world you even set it up for free. Your friend could run a VPN server to their computer. The advantage of that is you’d connect and all your traffic would be hidden in an opaque pipe with an opening far far away from censorship. Further depending on the service you could set it up with a preshared key, which would fix any key interception issues.
No idea if this works for Yahoo mail, but with Gmail the bottom of the screen lists when you last logged in and indicates whether it was the same IP address.
Unless you are hacked by someone who happens to be spoofing your own computer’s address you can see whether someone else is accessing your account and you might even be able to get a valid IP for whoever is responsible.
Yeah, the problem came and went. My proxy server is working again. Still, I am convinced the Saudis have a better monitoring capability than I expected.