lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20060316235206.32551.qmail@web36901.mail.mud.yahoo.com>
Date: Thu Mar 16 23:52:24 2006
From: system_outage at yahoo.com (n3td3v group)
Subject: Yahoo recommends you write down account
	information

You're Yahoo's top security advisor, who I talk to every day off the record, but you say PEOPLE LIE ABOUT INFORMATION THEY PUT ON ONLINE FORMS?
   
  I think you're missing the point. The account information YAHOO ask users to print out is the ACTUAL information on the users ACCOUNT table.
   
  SURE, folks can type COMPLETE crap in their registeration for signing upto a Yahoo account, but whatever information is submitted to the Yahoo account, it is the TRUE information that would give access to that account.
   
  SO, no matter the trend of users giving BOGUS information to sign up for an account, the only people who would print out information is people who would have submitted TRUE information. Otherwise, why would they print out info they knew was bogus?
   
  MARK, you're Yahoo's top security advisor, and I respect you off the record, but coming on here trying to defend Yahoo's sec pros for getting it totally wrong in their CONTRADICTION between sites is totally wrong.
   
  Yahoo said the wording  "DONT WRITE DOWN YOUR PASSWORD" but on the registeration proceedure it says "YAHOO RECOMMEND YOU WRITE DOWN YOUR ACCOUNT INFORMATION"
   
  YOU AS YAHOO SECURITY ADVISOR NEED TO ADMIT "YAHOO" AS A CORPORATION GOT IT WRONG.
   
  I speak to you every day off list, but going off on your own crusade won't make the rest of the Yahoo security team like you better.
   
  SEE YOU OFF LIST SEIDEN.
   
  Sorry to everyone else, this is part of an off list argument that Yahoo's top advisor can't get a grip of.
   
  (How did you become Yahoo's top security advisor? :P)
  SEE YOU OFF LIST
  Bye
   
   
   
   
  mis@...den.com wrote:
    a certain number of people lie about their birthdate and zipcode, or
they forget just what they lied about, or move from place to
place and forgot where they lived when they registered, 
and they don't have a working alternate email address.

			
---------------------------------
 Yahoo! Mail
 Use Photomail to share photos without annoying attachments.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060316/1a2f0e1c/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ