Oh boy…. they were hacked two years ago and they say it was a “state sponsored attack”. What the hack is that ?! How do you differentiate a hack done by an employee from a state sponsored attack? Let’s take it step by step: Yahoo has started to write to all affected customers this email: https://s.yimg.com/sf/support/en-us-security-notice-content.pdf Below is the text of the email notice sent by Yahoo to potentially affected users. Please note that the email from Yahoo about this issue does not ask you to click on any links or contain attachments and does not request your personal information. If an email you receive about this issue prompts you to click on a link, download an attachment, or asks you for information, the email was not sent by Yahoo and may be an attempt to steal your personal information. Avoid clicking on links or downloading attachments from such suspicious emails. Nice… considering that many fraudsters will make use of it. This is what you get when you login: First link is: https://help.yahoo.com/kb/account/SLN27925.html Here are all details of the breach, or whatever this was. Now the real stuff, observe the bold sentences: Account Security Issue FAQs We have confirmed, based…
Yahoo Issues Security Sitrep By Richard Adhikari TechNewsWorld 04/03/14 2:05 PM PT Yahoo “should have done this earlier,” Sorin Mustaca, IT security expert at Avira, told TechNewsWorld, “but they were tackling other problems — losing users, revenue issues, losing market share — so security, as a nonfunctional requirement, was left to the end.” “SSL is not the solution to all problems,” said Avira’s Mustaca. “There are plenty of others out there: malware; vulnerabilities in Yahoo’s online services and those from their partners; and adware.”
I was prompted today to update the Java framework on my laptop. I said, yes, update it and then I’ve seen the picture below: So, I ask, what the hack has Yahoo to do with Sun ? Why a stupid, useless and nerving toolbar is being installed with the Java framework ? Did Sun buy Yahoo or Yahoo did buy Sun ? No So why ? Of course, I am an ideologist and don’t accept the obvious answer: for money which Yahoo paid to Sun.
This time together with Dirk : Spam through Yahoo Groups
Immediately after I started my laptop today, I got a popup announcing me that I have to install a Java update. Well, knowing that it has vulnerabilities, I said… OK, do it. And then I continued to work … After a couple of seconds, I see the following popup : So, now the legitimate question: Why am I offered to get that damn toolbar ( I HATE toolbars !!!!) only because I wanted to update Java. What has Java (or Sun ) to do with Yahoo ? I think that nothing else than … money. I guess Yahoo pays a lot of money to Java to bundle their sh** toolbar. And what makes me really mad is the fact that it is by default installed. A user who does nothing else than click Next -> Next… will automatically install it. I consider this practice as bad as Adware and Spyware. Bad boys… Yahoo and even worse Sun !!! Shame on you !!!