-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Yahoo has a ton of cash and a lot of experience put into make a great experience.
But they do have those embarrassing security flaws you just mentioned. Also, they're not even using cellphone calling or having real people man cracked email accounts. Instead they let 15 year old 4channers backdoor you. The most secure way to fortify your mail to scramble your forgotten pw's, and if you do that, and you lose your pw, You're toast. I'm sure yahoo also has some shitty last 4 # of your CC. Google's way of doing it is superior. They hire pakis to do that stuff. Yahoo is amazing is many aspects (for years they had a great directory, and even today have superb search), but I never had the impression that security was their strongpoint. I wouldn't trust my mail or personal data with them. On Mon, 01 Mar 2010 23:23:24 +0000 brian moore <b...@cmc.net> wrote: >On Sat, 27 Feb 2010 12:42:30 -0800 >mark seiden <m...@yahoo-inc.com> wrote: > >> it's true that yahoo is hiring security people, though, >typically not as consultants >> but as employees -- programmers and engineers who are clueful >about >> security. > >Really? > >Cause they could sure use some.... (Considering the spam I get >from Yahoo, where the >Yahoo abuse people deny that web113903.mail.gq1.yahoo.com >[98.136.167.123] is part of Yahoo.) > >I'd say you have a serious security problem, since if that's true, >someone has compromised >your DNS servers as well as records at ARIN that say Yahoo owns >that network. > >Received: from n64.bullet.mail.sp1.yahoo.com >(n64.bullet.mail.sp1.yahoo.com [98.136.44.189]) > by mailhost.cmc.net (Postfix) with SMTP id 7CA5C29EB0A > for <webmas...@kezi.com>; Tue, 23 Feb 2010 09:59:41 -0800 (PST) > >That didn't come from Yahoo, either, according to your employees. > >Received: from n21.bullet.mail.mud.yahoo.com >(n21.bullet.mail.mud.yahoo.com [68.142.206.160]) > by bert.cmc.net (Postfix) with SMTP id 805631F918 > for <r...@rom.org>; Sat, 20 Feb 2010 06:31:13 -0800 (PST) > >That didn't come from Yahoo either... > >Looks like someone is totally having a field day with your DNS >servers and ARIN, because it certainly >can't be that your abuse staff is completely incompetent and >ignoring spam complaints with lies >about it not coming from Yahoo. > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ -----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAkuMUHAACgkQwGoky+I7Eot/eAP+OJyVxW9JDzx5iV514RrCF5DOTX27 KslqXFVIVpKWLN6PscX0kKrI9bansION8Zt7wJoKO4EIdupAbpdXih4OOXBEzdxKhw2R Tjpj2NR715Es+3DPYX5Q0doYMVtgwEWZaBJZKVVoIyTMkhIoiIxyTIkhYipU4YchUBmj Yc0zm5I= =K5Og -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/