Tuesday, February 28, 2017

Seriously, You Can't Make This Stuff Up!

   Fake news and alternative facts aside, the truth really is stranger than fiction.

   We finally get to the point where the only thing left to talk about concerning Yahoo! is their upcoming turbulent buyout by Verizon.  But noooo...

   They're back, with another breach announcement.  This one is from sometime in the 2015/2016 timeframe (am I the only one who is concerned that they can't pin it down better than that????).  It seems to be more limited in scope (i.e. less than the 500 Million users affected last time!).

   We seriously just "finished" talking about this issue.  Normally when an old problem comes back again (like always do), I consider re-running an older post with any needed updates (and rarely are any major updates needed).  But I just posted about Yahoo!'s problems TWO MONTHS AGO!

   This time around the root cause is supposed to be a forged cookie that could be used to access an account without using a password.  Yahoo! is saying that the attackers must have had access to the source code and that a similar method may have been used in the previous attacks.  Maybe... maybe not.

   In other news... the price for Verizon to buy Yahoo! keeps dropping.  Could "free" be far behind?

   You know, the funny thing is that I really like the Yahoo! home page layout with its news summaries.  If they could just protect my account data for more than a month or two we might actually have a service worth salvaging.

   Vote... are you dumping your Yahoo! account or keeping it?


  1. It's a good thing Verizon is buying Yahoo! because the Yahoo! name has lost all credibility with their user community. Will I delete my 20-year old email account with Yahoo!? Maybe...

  2. Barry, are these issues unique to Yahoo? Are other services more secure? As you know absence of a breach announcement doesn't necessarily mean similar breaches haven't occurred elsewhere.

  3. Hi Ernest, Great question! Of course, any service provider or any business at all, could have breach. What makes Yahoo! "special" is both the number of consecutive issues as well as the blatant and publicized disregard of the issues by management.