If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Reuters)   Yahoo explains steps it's taking to protect reassigned inactive accounts from ID thieves. Could have explained in the first place, but it's fun to watch Wired writers wet themselves   (reuters.com) divider line 19
    More: Followup, Yahoo, user ID, Wired magazine, intelligent design, common names  
•       •       •

1216 clicks; posted to Geek » on 21 Jun 2013 at 7:20 AM (1 year ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



19 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

Archived thread
 
2013-06-21 07:23:35 AM
Only 7 percent of those IDs are tied to actual Yahoo email accounts.

Oh, that makes me feel much better. So identity theft will only affect like 20 million people?

From Wikipedia: Yahoo! Mail is the third-largest web-based email service with 281 million users as of December 2012
 
2013-06-21 07:39:13 AM
this shiat is so stupid. youd have to know a service it was used on and know its inactive. it is also entirely avoided by logging into your yahoo account or just not having old dead emails associated with important accounts.
 
2013-06-21 07:53:22 AM

NickelP: this shiat is so stupid. youd have to know a service it was used on and know its inactive. it is also entirely avoided by logging into your yahoo account or just not having old dead emails associated with important accounts.


I'm basically there, too.  Yes, it's going to get some people in trouble, but no, it's not Yahoo's responsibility to try to fix stupid, those people are entirely responsible for their own problems.  Associating an e-mail you don't check for years at a time with your financial institution?  The world is probably better off if you have no money.
 
2013-06-21 07:59:58 AM
I suspect there's no actual plan to carry through with this horrible reassignment plan -- they just want to scare people into logging into their old accounts, so they can claim '300 million ACTIVE users' or whatever, and then purge their disks of all the throwaway accounts and the spam they've collected.
 
2013-06-21 08:00:05 AM
This culture of paranoia some people live in is getting dumber every day. What exactly do they think is going to happen? Do they really think people are going to grab a bunch of Yahoo addys and just randomly go around the internet, click on the forgotten password link and hope they get a bite?

And lets say they actually do find one that works, if the email addy hasn't been used in over a year then it's doubtful whatever they happen to log into will still be active anyway. Bottom line, if you're using throw away email addresses for anything important then you're an idiot anyway.

This move makes sense from Yahoo's perspective, if people can't get a decent email addy then they'll simply move onto another service.
 
2013-06-21 08:02:12 AM
i.chzbgr.com
 
2013-06-21 08:19:24 AM

ReapTheChaos: This culture of paranoia some people live in is getting dumber every day. What exactly do they think is going to happen? Do they really think people are going to grab a bunch of Yahoo addys and just randomly go around the internet, click on the forgotten password link and hope they get a bite?

And lets say they actually do find one that works, if the email addy hasn't been used in over a year then it's doubtful whatever they happen to log into will still be active anyway. Bottom line, if you're using throw away email addresses for anything important then you're an idiot anyway.

This move makes sense from Yahoo's perspective, if people can't get a decent email addy then they'll simply move onto another service.


The only way I see it working it would be more opportunistic.  Like if I go register billb­ob­6969­69­[nospam-﹫-backwards]o­o­ha­y*com and notice I am recieving emails from whateverBank saying my online statements are ready I have a good idea there is an account there with my email address.  I haven't reset a bank account online in a while but pretty sure most of them require more than 'click here to get a new password emailed'.......
 
2013-06-21 08:32:05 AM
Why is Yahoo reassigning them anyway, just close the account
 
2013-06-21 08:46:29 AM
I don't get this. Why aren't they deleting anything associated with the account name before they reassign it?
 
2013-06-21 08:51:36 AM

drjekel_mrhyde: Why is Yahoo reassigning them anyway, just close the account


$$$$$$$$$$$$$$$$
 
2013-06-21 08:53:24 AM

drjekel_mrhyde: Why is Yahoo reassigning them anyway, just close the account


When was the last time you tried to sign up for an email at Yahoo? Having been around for about 15 years pretty much every conceivable email addy has been taken, yet a large percentage of them haven't been used in years. You want the email addy "drjekel_mrhyde" but what you get is more like "drjekel_mrhyde189452014" despite the fact that the one you want was abandoned by the original owner 10 years ago.

It makes sense from Yahoo's perspective, if people can't get a decent email addy they'll just use another service.
 
2013-06-21 09:02:30 AM
So, when is the media going to report on the hacking epidemic that Yahoo is suffering right now? Damn near everyone I know who still has a Yahoo account has had it hacked in the last couple of weeks, and it wasn't due to phishing...
 
2013-06-21 09:33:04 AM

SacriliciousBeerSwiller: So, when is the media going to report on the hacking epidemic that Yahoo is suffering right now? Damn near everyone I know who still has a Yahoo account has had it hacked in the last couple of weeks, and it wasn't due to phishing...


Your friends may just have crappy passwords.
 
2013-06-21 09:40:15 AM

NickelP: The only way I see it working it would be more opportunistic. Like if I go register billbob696969[nospam-﹫-backwards]oohay*com and notice I am recieving emails from whateverBank saying my online statements are ready I have a good idea there is an account there with my email address. I haven't reset a bank account online in a while but pretty sure most of them require more than 'click here to get a new password emailed'.......


I'm don't know about your bank, but every bank I've dealt with in the last 5 years or so online requires more than just the password to login from an unrecognized computer. They normally have additional personal questions you need to know the answer to.
 
2013-06-21 09:43:18 AM

ReapTheChaos: drjekel_mrhyde: Why is Yahoo reassigning them anyway, just close the account

When was the last time you tried to sign up for an email at Yahoo? Having been around for about 15 years pretty much every conceivable email addy has been taken, yet a large percentage of them haven't been used in years. You want the email addy "drjekel_mrhyde" but what you get is more like "drjekel_mrhyde189452014" despite the fact that the one you want was abandoned by the original owner 10 years ago.

It makes sense from Yahoo's perspective, if people can't get a decent email addy they'll just use another service.


Still won't help- there are far more people who want specific names than there are names available.  Literally thousands of people will try to get some variant of drjekyll.

I have a very unusual last name.  I have simple usernames for both Google and Yahoo, but that's only because I signed up for them literally as soon as they were available.  But I couldn't get the obvious extensions for my kids a few years back, nor could my wife almost a decade ago.  I'm completely out of luck on domain names- there's nothing even close left available.  If I can't do it, there's no hope at all for the Smiths' and Jones' out there, or anyone with a literary fixation at all

/Can't get /DEV/CAR, PONDR Y, H PSI or any other cool license plate either.
 
2013-06-21 10:44:41 AM

Glockenspiel Hero: ReapTheChaos: drjekel_mrhyde: Why is Yahoo reassigning them anyway, just close the account

When was the last time you tried to sign up for an email at Yahoo? Having been around for about 15 years pretty much every conceivable email addy has been taken, yet a large percentage of them haven't been used in years. You want the email addy "drjekel_mrhyde" but what you get is more like "drjekel_mrhyde189452014" despite the fact that the one you want was abandoned by the original owner 10 years ago.

It makes sense from Yahoo's perspective, if people can't get a decent email addy they'll just use another service.

Still won't help- there are far more people who want specific names than there are names available.  Literally thousands of people will try to get some variant of drjekyll.

I have a very unusual last name.  I have simple usernames for both Google and Yahoo, but that's only because I signed up for them literally as soon as they were available.  But I couldn't get the obvious extensions for my kids a few years back, nor could my wife almost a decade ago.  I'm completely out of luck on domain names- there's nothing even close left available.  If I can't do it, there's no hope at all for the Smiths' and Jones' out there, or anyone with a literary fixation at all

/Can't get /DEV/CAR, PONDR Y, H PSI or any other cool license plate either.


You would be surprised, Yahoo mail has roughly 280 million active users, imagine how many inactive accounts they have? I would guess a minimum of five times that amount. Granted every John Smith in the world wont be getting their exact name but JohnSmith81 beats J0hn_5m|th_XxX1981xXx.
 
2013-06-21 10:58:40 AM

Mad_Radhu: SacriliciousBeerSwiller: So, when is the media going to report on the hacking epidemic that Yahoo is suffering right now? Damn near everyone I know who still has a Yahoo account has had it hacked in the last couple of weeks, and it wasn't due to phishing...

Your friends may just have crappy passwords.


It's not that.  One of my friends had her account hacked and no one thought anything of it outside of to give her the heads up that her account was sending out spam.  Then my account got hacked the next day, as was the yahoo account of everyone in her contact list.  It was a very much not nice time last weekend because of that.  Nothing important was tied to that address, it was just an old address I had been using since high school and my friends and family all still used, but I then sent out spam to all of them, and nearly everyone on my contact list was hacked within two days.

It's why I don't trust Yahoo for any sort of security, but to watch something spread like that was insane.  And no, no one clicked on any of the links in the spam.
 
2013-06-21 08:30:02 PM

Mad_Radhu: SacriliciousBeerSwiller: So, when is the media going to report on the hacking epidemic that Yahoo is suffering right now? Damn near everyone I know who still has a Yahoo account has had it hacked in the last couple of weeks, and it wasn't due to phishing...

Your friends may just have crappy passwords.


Nah. Google it. Yahoo has been having really messed up security issues for the last few months. Seems to be spiking again.
 
2013-06-21 09:19:12 PM

Dalek Caan's doomed mistress: Mad_Radhu: SacriliciousBeerSwiller: So, when is the media going to report on the hacking epidemic that Yahoo is suffering right now? Damn near everyone I know who still has a Yahoo account has had it hacked in the last couple of weeks, and it wasn't due to phishing...

Your friends may just have crappy passwords.

It's not that.  One of my friends had her account hacked and no one thought anything of it outside of to give her the heads up that her account was sending out spam.  Then my account got hacked the next day, as was the yahoo account of everyone in her contact list.  It was a very much not nice time last weekend because of that.  Nothing important was tied to that address, it was just an old address I had been using since high school and my friends and family all still used, but I then sent out spam to all of them, and nearly everyone on my contact list was hacked within two days.

It's why I don't trust Yahoo for any sort of security, but to watch something spread like that was insane.  And no, no one clicked on any of the links in the spam.


They could simply be falsifying the 'from' field to make the spam more click-likely. It doesn't necessarily mean that the email is from there.

*

This still sounds more like a virus than a hack. Hacks tend not to have such a well-defined epidemology of 'patient zero was compromised. Then, a week later, everyone she was in contact with, then, a week after that, everyone THEY were in contact with, etc.'

You might send a spam sample to kapersky or spybot's 'report' feature to see if there's any drive-by download exploits going on.
 
Displayed 19 of 19 comments

View Voting Results: Smartest and Funniest


This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »






Report