During Monday's Cybersecurity for a New America conference in DC, Yahoo's Chief Information Security Officer Alex Stamos stood up and had an intense verbal showdown with NSA director Mike Rogers about the NSA's plan to ban working crypto, in which the nation's top spook fumfuhed and fumbled to explain how this idea isn't totally insane.
In some ways, it's the inevitable outcome of Google's increased focus on Chrome and Yahoo's increased focus on getting anyone, anywhere to care about it before it runs out of money.
We've known since the start that Yahoo fought the NSA's Prism surveillance program tooth-and-nail; but as unsealed court docs show, the Feds made the process into a harrowing ordeal, and sweet-talked gullible judges into dropping the hammer on Y.
You may know that Flickr is one of the largest repositories of freely usable public domain and Creative Commons photos in the world, hosting collections contributed by libraries, national archives, foundations, museums, galleries, and individual users (I've uploaded more than 10,000 CC-BY-SA images of my own). However, with its latest redesign, Flickr has made it very difficult to copy the images it has been entrusted with, and nearly impossible to correctly attribute them in accord with their license terms.
Today, we're fixing that. A little, anyway.
Yahoo has taken some serious steps towards protecting user-privacy, writes the Electronic Frontier Foundation's Seth Schoen. After revelations that the NSA and GCHQ had hacked its services, intercepted private video-chats, and harvested mass data from its fiber optic links, the company has added forward secrecy and STARTTLS to its roster of default-on security measures. Of the two, forward secrecy is the most interesting, as it protects the privacy of old intercepted Yahoo data even if the company loses control of its keys. Bravo, Yahoo!
A stunning new Snowden leak reveals that the UK spy agency GCHQ harvested images and text from millions of Yahoo video chats, including chats in which one or both of the participants was British or American. Between 3 and 11 percent of the chats they intercepted were sexual in nature, and revealing images of thousands of people were captured and displayed to spies. The programme, called OPTIC NERVE, focused on people whose usernames were similar to those of suspects, and ran from at least 2008 until at least 2010. The leak reveals that GCHQ intended to expand the programme to Xbox 360 Kinect cameras and "fairly normal webcam traffic." The programme was part of a facial recognition research effort that GCHQ compared to "Tom Cruise in Minority Report."
While the documents do not detail efforts as widescale as those against Yahoo users, one presentation discusses with interest the potential and capabilities of the Xbox 360's Kinect camera, saying it generated "fairly normal webcam traffic" and was being evaluated as part of a wider program.
Beyond webcams and consoles, GCHQ and the NSA looked at building more detailed and accurate facial recognition tools, such as iris recognition cameras – "think Tom Cruise in Minority Report", one presentation noted.
In what Nicole Perlroth describes as "the online equivalent of a riot", Yahoo Mail users are revolting against recent updates to the service. Apparently they turned it into a confusing Gmail clone with gaudy backgrounds and display advertising, or something.
Britain's largest ISP, British Telecom, has ragequit Yahoo! after learning that the internet giant had bought beloved microblogging site Tumblr. Just kidding! It's actually sick of its customers' Yahoo-provided email accounts getting hacked.
Brian Krebs has located and published a sales pitch from a hacker who has found a zero-day exploit allowing him to steal cookies from Yahoo webmail users, granting access to their accounts.
“I’m selling Yahoo stored xss that steal Yahoo emails cookies and works on ALL browsers,” wrote the vendor of this exploit, using the hacker handle ‘TheHell.’ “And you don’t need to bypass IE or Chrome xss filter as it do that itself because it’s stored xss. Prices around for such exploit is $1,100 – $1,500, while I offer it here for $700. Will sell only to trusted people cuz I don’t want it to be patched soon!”
Yahoo Email-Stealing Exploit Fetches $700
Dan Goodin at Ars: "The dump, posted on a public website by a hacking collective known as D33Ds Company, said it penetrated the Yahoo subdomain using what's known as a union-based SQL injection. ... To support their claim, the hackers posted what they said were the plaintext credentials for 453,492 Yahoo accounts
An excellent long-read about Flickr and Yahoo by Mat Honan at Gizmodo today. Anyone who has loved and been let down by the once-great photo-sharing site now caught in the purple zombie's death spiral will nod in agreement throughout. The opening graf:
Web startups are made out of two things: people and code. The people make the code, and the code makes the people rich. Code is like a poem; it has to follow certain structural requirements, and yet out of that structure can come art. But code is art that does something. It is the assembly of something brand new from nothing but an idea.
Read: How Yahoo Killed Flickr and Lost the Internet. (Gizmodo)
Yahoo announces that Jerry Yang has resigned from the internet company's Board of Directors "and all other positions with the company, effective today." Yang has also resigned from the Boards of Yahoo Japan Corporation and Alibaba Group Holding Limited, effective today. Yahoo's official statement is here.
Photo: Co-founder and former CEO of Yahoo! Inc. Jerry Yang applauds during the announcement of a commitment pledge at the Clinton Global Initiative in New York September 22, 2010. (REUTERS)
Photo: REUTERS/Robert Galbraith
Outgoing Yahoo CEO Carol Bartz, fired over the phone by board chairman Roy Bostock, is famous for using foul language. Following her departure, she did not disappoint.
"These people fucked me over," she says, in her first interview since her dismissal from the CEO role late Tuesday. ... "I said, 'Roy, I think that's a script,'" adding, "'Why don't you have the balls to tell me yourself?'"
Carol Bartz exclusive: Yahoo "f---ed me over" [CNN Money]