Yahoo Hacked – 1.0B Accounts Exposed

Dude… The Fat Lady is SO singing over at Yahoo…


There are a few things that come to mind here:

  1. If I were Marissa Mayer, I would crawl under a rock and hide. Like… forever.
  2. If I were Verizon, I would run, not walk, so fast and so far away from the purchase of Yahoo, and I would NEVER look back (or second guess that decision).
  3. If I were a Yahoo user, I would set fire to my account and use the mail account that my ISP gave me. At this point a comcast.net mail account can’t be seen as a bad thing…

To be honest, this is beyond pathetic.

I’ve heard it mentioned that the security breach in question is the result of a separate, earlier attack that occurred in 2013, at least six to twelve months before the attack in 2014 that exposed 500 million accounts to hackers. I’ve heard that security analysts at Yahoo brought their concerns to the management team and the analysis was effectively ignored.

In a statement, Yahoo said they weren’t able to identify the intrusion associated with the breach. Hackers may have stolen names, email addresses, telephone numbers, MD5 hashed passwords, dates of birth, and in some cases, both encrypted and unencrypted security questions and answers.

The company has further admitted that hackers may have accessed all of this information due to a theft of source code, enabling them to manufacture a way in without requiring a password. Apparently, they were able to forge a cookie that allowed them to retrieve credentials that were stored locally. While Yahoo has invalidated the security questions and their answers as well as the forged cookies, the damage has already been done.

The thing that really irks me the most here, is that this was a bigger breach than the one that was reported in 2014; AND it occurred BEFORE the breach that got so much publicity. This hack is twice as big and in my opinion twice as damning. Verizon was already “evaluating” its purchase of Yahoo. If I were them, I’d evaluate myself right out of the deal. The assets aren’t worth the risk.

Yahoo has been severely criticized by six different US senators for taking two years to publicize the September 2014 breach that lost them 500,000 accounts. This latest breach occurred a full year or so before that, and it’s being revealed AFTER the 2014 breach.

At this point, Yahoo knows basically NOTHING. They have no idea who may have perpetrated the attack, which nation may have sponsored the hackers or the full extent of the information that has been compromised. As a result, Yahoo’s stock took a 2.5% hit in afterhours trading on 2016-12-14. At this point, I can see the value of the stock dropping more as Verizon “evaluates” their purchase plans.

As I said, Yahoo is over. Marissa Mayer is done as a CEO, despite the amount of promise she showed during the early part of her tenure with the company. Verizon should do themselves a favor and target other web content and properties. I think their money would be better spent on assets that weren’t compromised.

If I were a Yahoo user, I’d shut my account down, get a secure password manager, and change passwords and security question answers on all my financial accounts… and that’s just for starters. Yahoo has been around since the early 1990’s. A lot of users have a great deal invested in them, and all of that metadata may be compromised at this point. Better safe than sorry for ALL involved (including investors, Yahoo management and Verizon, as well as users)…

Are you a Yahoo user? Are you still using your Yahoo account? Are you concerned about this breach? What, if anything, have you done to protect yourself and your account information? Why don’t you meet me in the Discussion area below and give me your thoughts on the breach and on Yahoo itself as well as what you’re doing to make yourself safe.


It was All a Marketing Stunt

The Italian ISP that deleted all of its servers… yeah, apparently… not so much.

Late last week, the owner of a small web hosting company in Italy said he “accidentally” executed some bad maintenance code on his servers, and they deleted all his servers.

Marco Marsala headed to a support forum and posted a cry for help claiming he made a big mistake,

“I run a small hosting provider with more or less 1,535 customers and I use Ansible to automate some operations to be run on all servers,” Marsala wrote. “Last night I accidentally ran, on all servers, a Bash script with a rm -rf {foo}/{bar} with those variables undefined due to a bug in the code above this line.

“All servers got deleted and the offsite backups too because the remote storage was mounted just before by the same script (that is a backup maintenance script).”

He got some sympathetic replies. However, most of the forum users basically told him he was an idiot and that, since (as he further explained) all of his onsite and offsite backup drives were also mounted to his servers at the time of execution, all of the sites that he ran (again, approximately 1535) got permanently and irrevocably deleted.

Apparently, the delete was so destructive, that many users didn’t think that even an experienced data recovery company would be able to retrieve his data.
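The failure mode in the quoted script is that `rm -rf` on a path built from two empty variables collapses to `/`, with the backup volume mounted underneath it. The following is an added example, not code from the forum post or from anyone involved: a guard that refuses empty or unsafe path parts before deleting. The function names `safe_rm_target` and `safe_rm` are hypothetical, and `--one-file-system` assumes GNU coreutils `rm`.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): guard a destructive cleanup
# against unset or empty variables. Function names are hypothetical.

# safe_rm_target BASE SUB: print the resolved path to delete, or fail.
safe_rm_target() {
    local base="${1-}" sub="${2-}"
    # Reject unset/empty parts: "$base/$sub" would otherwise collapse to "/".
    if [ -z "$base" ] || [ -z "$sub" ]; then
        echo "refusing: empty path component" >&2
        return 1
    fi
    # Base must be an existing directory; resolve it with symlinks removed.
    local real_base
    real_base="$(cd "$base" 2>/dev/null && pwd -P)" || {
        echo "refusing: base '$base' is not a directory" >&2
        return 1
    }
    # Never operate directly under the filesystem root.
    if [ "$real_base" = "/" ]; then
        echo "refusing: base resolves to /" >&2
        return 1
    fi
    # Sub must be a single name, not a path that can climb out of base.
    case "$sub" in
        */*|.|..) echo "refusing: bad subdirectory '$sub'" >&2; return 1 ;;
    esac
    printf '%s\n' "$real_base/$sub"
}

# safe_rm BASE SUB: delete BASE/SUB only if every check above passes.
safe_rm() {
    local target
    target="$(safe_rm_target "${1-}" "${2-}")" || return 1
    # --one-file-system (GNU rm) skips directories on other file systems,
    # so a backup volume mounted inside the tree is not descended into.
    rm -rf --one-file-system -- "$target"
}
```

Running the calling script with `set -u` as well makes an unset variable abort the script before any command using it runs.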

One user told him in no uncertain terms,

“You’re going out of business. You don’t need technical advice, you need to call your lawyer,”

I, and many others, woke up this morning only to find out that this had been nothing more than a giant hoax… it was all a marketing ploy. I guess the idea was that he was going to miraculously “restore” his data by himself, thus proving his technical superiority, and would hopefully gain more business.

If that wasn’t it, I have no idea, as, if I were someone wanting web hosting, I wouldn’t be looking to THAT guy…

According to Server Fault Meta, the whole thing was nothing more than a DUPLICATE of what is being called a “guerrilla marketing operation.” The user has been called a “blatant spammer/troll” by a number of users.

One user called Sirex, I think, said it best: “we went into it thinking [this guy] was an idiot. We’ve came out of it thinking [this guy’s] an idiot, but for a different reason. I don’t think the joke is on us.”

I happen to agree, here. If I were anyone that had a web account with this guy… I’d be long gone by now. What about you? Did you see this last week? Did you follow it at all? Were you surprised when it was reported to be a hoax? Why not chime in, in the Discussion Area, below and give me your thoughts?


So… Now Net Neutrality is In??

All of a sudden President Obama is jumping on the Net Neutrality band wagon?

I don’t get politics.

I really don’t. Perhaps it’s because at the core of everything in me, I think that (most) people are generally good and don’t want or have any desire to screw over the person sitting next to them. Maybe I’m naïve… or just stupid. Who knows.

A few years ago when SOPA had the internet up in arms, everyone was screaming about the internet, content rights, and net neutrality. Its counterpart, PIPA was just as bad; and thankfully, both of them died in committee. Through all of this, though, lobbyists for AT&T, Comcast, Cox, Verizon, Time Warner and every other cable provider have been spending big… and I mean BIG… dollars in Washington trying to keep the FCC from applying Title II telecommunications reclassifications to ISP’s.

Effectively, Title II classification would make all ISP’s a broadcast service and therefore, a utility, falling directly under the government’s regulations. However, there’s a catch…

The problem is that the internet is both a telecommunications service and an information service. The Telecommunications Act of 1996 covers both, but there’s a huge loophole. While the act does make provisions for the offering of a capability for generating, acquiring, storing, transforming, processing, retrieving, utilizing, or making available information via telecommunication – and includes electronic publishing – it does not include any use of any such capability for the management, control, or operation of a telecommunications system or the management of a telecommunications service. The distinction comes into play when a carrier provides information services. A carrier providing information services is not a ‘telecommunications carrier’ under the act.

Over the past few years lobbyists have been throwing money at law makers, trying to get them to allow for HOV lanes on the internet. For example, a few years ago, Comcast wanted Netflix to pay a premium to have their content streamed over the internet or Comcast would throttle Netflix content.

Netflix said, “no.”

It didn’t want to pay for a virtual HOV lane on the internet. So, Comcast followed through and throttled their traffic, making the service pretty much unusable. This caused a huge problem for Netflix. Their stock tanked as users complained and left. In the end, Netflix relented, and paid for their HOV lane, and Comcast stopped throttling their traffic. The stock recovered and all was right with the world.

Net Neutrality would make this type of extortion illegal; and would require ISP’s like Comcast, Cox and Time Warner to treat all traffic like the 1’s and 0’s that they are.

President Obama appointed the most recent FCC Chairman, Tom Wheeler. Wheeler hasn’t had a great deal of success in addressing Net Neutrality. A federal appeals court struck down the previously proposed rules for net neutrality in January of 2014. The FCC has been trying to play politics since then and really hasn’t wanted to touch the hot potato that this has become.

In the end, both sides of this issue – the lobbyists opposing net neutrality and the content providers and the public who laud it – are pushing the FCC to make a decision. As Sean Connery said, “in the end, there can be only one.” At the end of the day, someone has to make up their minds – is everything just ones and zeros – or is some internet traffic more expensive to transmit?

At the end of the day, it’s really all about money.

The ISP’s want to be paid for the kind of traffic that flows more often over the internet – streaming audio and streaming video – from services like Spotify, Beats Music, iTunes Radio, Hulu, and Netflix. They see users moving all of their entertainment needs and wants to the internet as hard wires have a much farther reach than signals broadcast over the air. In other words, the change in infrastructure, equipment, type of traffic and the supply and demand for it… the entertainment and telecommunications lobbies want to be compensated for all of that. They want to tax the users and make them pay for their habits.

I recently saw an article that showed a Tweet by Senator Ted Cruz. He called Net Neutrality “ObamaCare for the Internet.”

I disagreed and tweeted back that Net Neutrality is really the internet’s Declaration of Independence.


“We hold these truths to be self-evident, that all [internet traffic is] created equal, that they are endowed by their [content] creator with certain unalienable Rights, that among these are [equality], [perpetuity] and the pursuit of [unmetered Bandwidth].”

I’m willing to give a bit on the “unalienable rights,” part. If you have better suggestions, I’d love to hear them. I really did that off the top of my head, but the point is clear – all internet traffic should be treated the same, and none of it should be throttled or metered based on what kind of content it comprises.

Now, what Tom Wheeler decides to do… no one knows yet. I think I see him sitting on the sidelines watching which way the wind is blowing. He is clearly either a professional politician or is just afraid of standing up and making a decision.

The country – no… the WORLD – is watching Mr. Wheeler. What you decide will likely shape the next century or two. I know you want to get it right and you don’t want to create issues or problems for yourself, but it’s time to do the right thing. Put your big boy pants on and take a stand for Net Neutrality.

Do the right thing.

While I tend to be a conservative politically, I am not rich. I don’t want to pay MORE of a premium for the content I am already consuming. As entertainment – music and video – moves from broadcast and cable TV to the internet via Netflix, Hulu, iTunes and other on-demand services, I don’t want to have to pay more than I already am (which, by the way, is as much of a premium as it really needs to be for all of the movie channels, on demand channels and pay-per-view channels that are available and are used) for the stuff I ALREADY HAVE. In the end… the content providers are going to pass the cost of the HOV lane on to the consumer…

I work for a living! Cut me and my checking account a break and say yes to Net Neutrality!

What do YOU think? Am I too invested in this? Am I right about content being all ones and zeros and all ones and zeros are created alike? Is your internet bill really a UTILITY bill as defined by Title II of the Telecommunications Act of 1996? Why don’t you chime in, in the Discussion area below and let me know what you think? Anyone who surfs the internet likely has some kind of opinion about this. I’d love to hear yours…


Great tool for sending newsletters and other marketing products through emails

Atomic Mail Sender is a mass mail utility that sends e-mail messages to the recipients’ mailboxes without using your ISP mail server. You just have to import the mailing lists, which are saved in .txt, .lst, or .csv format, or connect directly to a database. You can also import unsubscribe mailing lists in the same formats as the mailing lists. With its basic management options such as adding new addresses, removing addresses, filtering features, etc., represented by easily recognized icons and buttons, Atomic Mail Sender brings nothing new in terms of mass mailing utilities, but it definitely stands out as one of the simplest applications.
