Full Disclosure mailing list archives
Re: Yahoo!
From: Geoffrey Huntley <ghuntley () gmail com>
Date: Wed, 7 Jul 2004 19:54:59 +1000
OMG MY E-PENIS > YOUR E-PENIS. Jesus christ. On Wed, 7 Jul 2004 10:03:14 +0100, System Outage <system.outage () gmail com> wrote:
Heh.. Don't worry. I won't tell this list about the numerous cookie exploits which lead to thousands, probably millions of Yahoo! account's being compromised last year. If only the media had picked up on it at the time. It would have been a massive story for people like CNet News to run. Some things are ment to be kept underground, I guess. It's amazing the stuff that never makes it onto public security mailing lists, and it seem's like only the small issues are post here by security groups (for Yahoo! at least). And about telling Yahoo! about issues. I've given up on that now. They are ignorant people at the address security () yahoo-inc com. They only care for themselfs and have little public relation skills. They burnt there bridges with me and now they'll suffer. They know I get hold of alot of information for Yahoo! and send it to them directly at security () yahoo-inc com or via other employee's who send it to the security team. I've noticed also from past advisories on here by the big security groups that Yahoo! Security seem to have a problem with public relations and the lack of feedback they give people. Anyway, it's not my problem anymore. They can find there own security loopholes from now on. I'm finished with helping them out, as I have done indirectly over the past 6 years and to security () yahoo-inc com directly for the last 1/2 years. The script kiddies who hang on Yahoo! Chat will probably burn the place down (and that's just the ones who claim to have carried the out Akamia attack on Yahoo!), if they haven't managed to do so already. Cheerio On Tue, 6 Jul 2004 19:08:04 -0700 (PDT), VX Dude <vxdude2003 () yahoo com> wrote:--- System Outage <system_outage () yahoo com> wrote:Yeah, i've contacted the Yahoo! Security Team over the past 1/2 years with various issues that they -did- follow up and patch, but did not once think to tell me about progress. It was only after I spoke to a representative of Yahoo! Security and said I was going to post all the underground security issues with Yahoo! to FD, that I received an e-mail to say sorry that we didn't contact you. We've been reading -all- mails are we've been taking further action(s), after all this time.<snip>I guess the same may apply for Google Security Team. After all, Yahoo! and Google were very good partners, up until recently. Google and Yahoo! seem to have very quickly become rivals, with regards of Search and E-mail. The things I could tell FD about Yahoo! would rock the Yahoo! Security Team to it's foundations (and they know it). Luckily for them, I have morals. Yahoo! are aware of who I am, even though they know me on another alias. Cheerio<snip> I would just like to point out that some of us who use yahoo enjoy their security holes, if they didnt have such security holes we move on to using something like gmail! So please, stop telling yahoo, if they really cared, they'd do it on their own, and don't blab to FD either. Why ruin everyone's fun for 2 inches of fame? PS: FD keep sending those viruses. I don't know what the fuck it has to do for your cause, but it helps out my cause ;p __________________________________ Do you Yahoo!? New and Improved Yahoo! Mail - 100MB free storage! http://promotions.yahoo.com/new_mail _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Gmail Information Disclosure Vulnerability, (continued)
- Re: Gmail Information Disclosure Vulnerability Tremaine (Jul 05)
- Re: Gmail Information Disclosure Vulnerability System Outage (Jul 05)
- Re: Gmail Information Disclosure Vulnerability Maarten (Jul 05)
- Re: Gmail Information Disclosure Vulnerability Remko Lodder (Jul 05)
- Re: Gmail Information Disclosure Vulnerability Eric LeBlanc (Jul 05)
- Re: Gmail Information Disclosure Vulnerability a (Jul 11)
- Re: Gmail Information Disclosure Vulnerability Maarten (Jul 05)
- Re: Gmail/Yahoo! System Outage (Jul 05)
- Re: Gmail/Yahoo! VX Dude (Jul 06)
- Re: Yahoo! System Outage (Jul 07)
- Re: Yahoo! Geoffrey Huntley (Jul 07)
- Re: Yahoo! System Outage (Jul 07)
- Re: Yahoo! System Outage (Jul 07)
- RE: Gmail Information Disclosure Vulnerability Rodrigo Gutierrez (Jul 06)
- Re: Gmail Information Disclosure Vulnerability System Outage (Jul 05)