Bugtraq mailing list archives
Re: Yahoo! Instant Messenger
From: Matthew Keller <kellermg () POTSDAM EDU>
Date: Tue, 16 Jan 2001 12:22:07 -0500
"Michael S. Fischer" wrote:
The third statement of this paragraph is untrue -- Almost every transaction at Yahoo! involving money uses the Yahoo! wallet system, which uses a separate password from the one used by YIM and the other "standard" (non-financial) services.
You're assuming that the person who holds both a YIM account and a Wallet account uses a different password. I'd bet willing to wager that near five-9's of the YIM/wallet users use the same account name and password, thus making any disclosure of their password a problem. -- Matthew Keller WebMaster, Interim Network Manager & Host Systems Analyst Computing & Technology Services Information Services Division State University of New York at Potsdam Website: http://mattwork.potsdam.edu/ PGP: http://mattwork.potsdam.edu/crypto/
Current thread:
- Yahoo! Instant Messenger Shaun O'Callaghan (Jan 15)
- Re: Yahoo! Instant Messenger Michael S. Fischer (Jan 16)
- Re: Yahoo! Instant Messenger Matthew Keller (Jan 16)
- Re: Yahoo! Instant Messenger Bill Fumerola (Jan 17)
- Re: Yahoo! Instant Messenger Matthew Keller (Jan 16)
- <Possible follow-ups>
- Re: Yahoo! Instant Messenger Josh Higham (Jan 17)
- Re: Yahoo! Instant Messenger Michael S. Fischer (Jan 16)