Do you have adblock enabled?
 
If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Ars Technica)   Remember that big Yahoo account hack? No, the other one. No, the OTHER other one. Anyway, it managed to compromise 100% of every existing account at the time   ( arstechnica.com) divider line
    More: Facepalm, Yahoo, Cryptography, major security breach, one-billion account estimate, unnamed security consultant, browser cookie-forging hack, Yahoo officials, e-mail addresses  
•       •       •

632 clicks; posted to Geek » on 04 Oct 2017 at 7:55 AM (2 weeks ago)   |   Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



21 Comments     (+0 »)
 
View Voting Results: Smartest and Funniest
 
2017-10-04 02:34:37 AM  
Holy shiat.  Someone could join a fantasy football or hockey league and pretend to be me.  That is horrifying.
 
2017-10-04 03:32:12 AM  

davidphogan: Holy shiat.  Someone could join a fantasy football or hockey league and pretend to be me.  That is horrifying.


Yeah, sorta wondering who uses a Yahoo account as anything but a throwaway spam magnet.  Gmail, too, for that matter.
 
2017-10-04 07:55:57 AM  

davidphogan: Holy shiat.  Someone could join a fantasy football or hockey league and pretend to be me.  That is horrifying.


Already done.  You're starting Jay Cutler for the rest of the season, sucker!
 
2017-10-04 08:11:42 AM  
Corporations are people too. And they are wicked gossips.

And, you know, completely unethical.
 
2017-10-04 08:12:55 AM  
So the e-mail I haven't looked at since 2003 was compromised, well I guess they needed cheap viagra.
 
2017-10-04 08:23:56 AM  
Crap! Crap! Crap! Who dropped Kane from my league?!?!
 
2017-10-04 08:25:17 AM  
And, besides.. I have 2FA on my account (for some reason).. I logged on to my PC and my app on the phone popped up, asking if it was me doing so and providing a verification number to type in on the PC. It's not too secure, since everything in the world can theoretically be hacked, but at least it's convenient.
 
2017-10-04 08:29:44 AM  
To the talking heads on the news shows that keep saying 3 Billion "people" were hacked...
replygif.net
 
2017-10-04 08:45:03 AM  

FarkingSmurf: To the talking heads on the news shows that keep saying 3 Billion "people" were hacked...
[replygif.net image 245x285]


Alts are people too
 
2017-10-04 08:47:22 AM  

fusillade762: davidphogan: Holy shiat. Someone could join a fantasy football or hockey league and pretend to be me. That is horrifying.

Yeah, sorta wondering who uses a Yahoo account as anything but a throwaway spam magnet. Gmail, too, for that matter.


Flickr. You had to create a Yahoo account to use that service.
 
2017-10-04 09:20:56 AM  
Attention mergers and acquisitions... Hook up Yahoo! and Equifax. Apparently they can leverage similar infrastructure....
 
2017-10-04 10:27:54 AM  

fusillade762: davidphogan: Holy shiat.  Someone could join a fantasy football or hockey league and pretend to be me.  That is horrifying.

Yeah, sorta wondering who uses a Yahoo account as anything but a throwaway spam magnet.  Gmail, too, for that matter.


And your new, secure alternative is:   ???

Honestly though, who didn't know this was happening? There was a huge burst in spam from various non-tech savvy familia around that same time. The only thing that scared me was when CapitalOne knew that one of the PW changes I tried to use just happened to be one of my older and yet "more secure (in complexity)" PWs and it told me to choose something else.

When the bank knows your passwords, that's bad. I had never used that PW with them before.
 
2017-10-04 10:43:59 AM  

thespindrifter: fusillade762: davidphogan: Holy shiat.  Someone could join a fantasy football or hockey league and pretend to be me.  That is horrifying.

Yeah, sorta wondering who uses a Yahoo account as anything but a throwaway spam magnet.  Gmail, too, for that matter.

And your new, secure alternative is:   ???

Honestly though, who didn't know this was happening? There was a huge burst in spam from various non-tech savvy familia around that same time. The only thing that scared me was when CapitalOne knew that one of the PW changes I tried to use just happened to be one of my older and yet "more secure (in complexity)" PWs and it told me to choose something else.

When the bank knows your passwords, that's bad. I had never used that PW with them before.


You could host your own damn email better than Yahoo.

There are dozens of more secure alternatives, like... Almost any reputable host.
 
2017-10-04 10:58:39 AM  

NateAsbestos: You could host your own damn email better than Yahoo.

There are dozens of more secure alternatives, like... Almost any reputable host.


Look, I know a lot of things, but like any human I have my blind spots, and this is one of them. I don't even know where to start asking the right questions about where to start asking the right questions, so I thought I would start here. Pardon my ignorance, but how does one go about finding a more secure email hosting option?

Thank you in advance.
 
2017-10-04 11:13:08 AM  

thespindrifter: Pardon my ignorance, but how does one go about finding a more secure email hosting option?


Here you go.
 
2017-10-04 11:40:20 AM  
Hope they like my email address that I use as a spam repository...
 
2017-10-04 11:43:18 AM  

fusillade762: Yeah, sorta wondering who uses a Yahoo account as anything but a throwaway spam magnet.


I know a couple of people - ones who are actually technical, mind you - that used Yahoo as the their primary account for everything until at least 3 years ago. I know there are non-tech people that are using it *TODAY* on a regular basis. (Heck, I also know a few people who still use AOL mail.) So if you don't think that, of those 3 million accounts, at least 50% (probably much, much higher) were (at least at the time) actively in-use for most everything, you're very naive.

Plus, even of the "extra" account ones, how many were being used as the emails connected to websites or other activities that the owner was trying to hide from SO/kids/parents/dog? I'm sure there's a lot of embarrassing payment, hookup, black market, and other information on a number of those accounts.

Now, granted, I'm sure most of the compromise was used for sending spam, and maybe look for stored nudie photos, but also remember that most people don't use different (or, at least, different *enough*) passwords on other sites. It would be fairly trivial to get into other accounts, whether directly or through email password resets.

trialpha: Flickr. You had to create a Yahoo account to use that service.


That too. And that's when Flickr was actually good and popular, perhaps the best place on the web for mass photo storage, before Yahoo somehow went and completely screwed it up.
 
2017-10-04 11:49:47 AM  

Caelistis: thespindrifter: Pardon my ignorance, but how does one go about finding a more secure email hosting option?

Here you go.


Thank you!
 
2017-10-04 12:45:31 PM  

thespindrifter: Pardon my ignorance, but how does one go about finding a more secure email hosting option?


Try a Yahoo search...
 
2017-10-04 12:52:11 PM  
Now I know who to blame for my 6 straight losing seasons in fantasy football and basketball.
 
2017-10-04 04:46:57 PM  

thespindrifter: NateAsbestos: You could host your own damn email better than Yahoo.

There are dozens of more secure alternatives, like... Almost any reputable host.

Look, I know a lot of things, but like any human I have my blind spots, and this is one of them. I don't even know where to start asking the right questions about where to start asking the right questions, so I thought I would start here. Pardon my ignorance, but how does one go about finding a more secure email hosting option?

Thank you in advance.


It's really just a matter of trusting that your host knows what they're doing, and aren't lazy, incompetent cusses. Yahoo 100% does NOT make the cut, and this article is just one of many examples.

Microsoft's Office 365 platform has options for HIPAA and SOX compliance (and probably dozens of other standards), though you do have to have your own domain name. Google does the same (through G Suite, not G Mail).

Honestly I guess for me it is intuition since I am in IT and know what to look for. It's not like a company is going to advertise to you that they store your passwords in cleartext and just rely on hackers not bothering to open passwords.txt.

I pay $5/mo for my email through G Suite... At the very least, it not being free seems like it would give me some legal options if they fark me royally. Companies tend to treat paying customers better than people who only use their free services.
 
Displayed 21 of 21 comments

View Voting Results: Smartest and Funniest

This thread is closed to new comments.

Continue Farking

On Twitter





Top Commented
Javascript is required to view headlines in widget.
  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.

Report