lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: brenno at (Brenno J.S.A.A.F. de Winter)
Subject: This sums up Yahoo!s security policy to a -T-


I think the main issue here is that the son is dead and that changes a
lot from a privacy perspective. His family inherits his physical letters
and communications, so why not the digital. I truly amazed that Yahoo
goes so difficult on them, especially since its an American company
(where privacy generally has a lesser value than Europe).

Furthermore it would be adding insult to injury if they'd let the 90-day
rule stand. After all they are not granting the family access. 

On the issue of high profile case: that shouldn't matter. It is only
human that people would love to read his last words. Let Yahoo please be
compassionate, especially around Christmas time and stop this "we're
privacy friendly"-attitude when someone doesn't need privacy anymore.
Let them focus on privacy for those that are alive.


> A few pointers here to remember:
> - They reckon he was saving drafts of e-mails to send when he had net
> access. Not all of these drafts were sent before he was obviously
> murdered.
> - He was only using the e-mail account to communicate between friends
> or family. It isn't like he has secret e-mails he wouldn't want his
> family to read, example: some love affair etc with some random chick.
> - Other e-mail providers like AOL have already given families access
> to accounts of the e-mail used to send messages from battle.
> - Sure, corporation need tight privacy policies, although if a
> corporation like Yahoo! are going to be this tight, then surely there
> should be an "appeal" system setup in special high profile cases, like
> this one. This would be the best way to go, than putting families of
> war dead, through extra pain when dealing with a loss of life.
> - I personally think Yahoo! could easily allow them access in private,
> turning a blind eye in this special circumstance. Which as I mentioned
> above, an appeal process would give room for, obviously.
> - This account should at least be taken out of the deactivation
> process and deletion, until all legal angles have been ventured.
> - If all else fails, its not rocket science for some hacker/script
> kiddie to do the family a favour and crack the password and/or account
> information and e-mail a family member the details.
> Thanks, n3td3v
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:

Powered by blists - more mailing lists