Hacker News new | past | comments | ask | show | jobs | submit login

The cause isn't just a "typo". Sounds like they went to effort to set up DNS MX records and SMTP servers for domains like `army.ml`.

Also, not only did they set up something specifically to capture the emails that they knew weren't intended for them (incidentally preventing the senders' own SMTP servers from alerting the senders of the problem almost immediately), but... it sounds like they also examined the content of some of the diverted emails that they knew were sensitive and not intended for them.

I can't tell from the article whether they've finally disabled this diversion of the emails. Nor whether they had a plan to scrub all copies of the emails before it's out of their control, maybe offering US diplomats/officials a deadline to get a copy if they want it

Also, if they're now acting in good faith, and interfacing with US officials, I wonder who leaked this situation to the press, and why.




It's impossible to know but I imagine a press leak (and further coverage by cable news and other traditional print media outlets) is the only way that members of Congress would actually care enough to hold members of the military and Department of Defense accountable so that they'll eventually find a way to resolve the issue.

Whether that'll take the form of a software engineering solution or a "social engineering" solution - in the form of Congressional hearings and the like - remains to be seen.


They aren’t being at all subtle about it, for example:

    ;; ANSWER SECTION:
    navy.ml.    300 IN MX 0 handle.catchemail.ml.

    army.ml.    300 IN MX 0 handle.catchemail.ml.
Very unethical way to handle sensitive data.


Unethical? Why should Mali have an ethical duty to respect military or intelligence of a foreign country with no alliance that could easily be their enemy some day?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: