Full Disclosure mailing list archives
Re: Yahoo recommends you write down account information
From: "MR BABS" <mrbabs () gmail com>
Date: Fri, 17 Mar 2006 22:45:07 -0500
I did read them, and this again enforces my point, you guys are just trolls. Nobody takes you guys seriously. Provide me with a legitimate situation, in which a 'bad guy' has access to physically printed out documents, and the mailbox of the user , where he could not simply either install a keylogger, sniff the passwords off the network, or get them from the system. The truth is, yahoo uses this as a way to prevent annoyance. I'd suspect if they DIDN'T ask for this information n3td3v would be on here claiming that it was a DoS vulnerability or some comparable bullshit. Anyways, great troll, but this is an old meme, so lets keep moving the FDRUIN forward, shall we? On 3/17/06, n3td3v <n3td3v () gmail com> wrote:
Didn't you read this http://groups.google.com/group/n3td3v/browse_thread/thread/c18d3cb3267fc4a0/0e1a4176301c25c8#0e1a4176301c25c8 before you carried out your own sector of trolling? http://groups.google.com/group/n3td3v/browse_thread/thread/c18d3cb3267fc4a0/0e1a4176301c25c8#0e1a4176301c25c8 Please keep politically correct on FD, otherwise, the CERT folks might get worried :P On 3/18/06, MR BABS <mrbabs () gmail com> wrote:WOW great troll n3td3v you are truly the greatest trolling organization on the earth! I bet you and bantown are cooking up some schemes right now! On 3/16/06, bigdaddyzeroday () hush ai < bigdaddyzeroday () hush ai> wrote:Do you blow everything out of perportion like this? How old must you be to have this attitude. On Thu, 16 Mar 2006 15:52:06 -0800 n3td3v group <system_outage () yahoo com > wrote:You're Yahoo's top security advisor, who I talk to every day off the record, but you say PEOPLE LIE ABOUT INFORMATION THEY PUT ON ONLINE FORMS? I think you're missing the point. The account information YAHOO ask users to print out is the ACTUAL information on the users ACCOUNT table. SURE, folks can type COMPLETE crap in their registeration for signing upto a Yahoo account, but whatever information is submitted to the Yahoo account, it is the TRUE information that would give access to that account. SO, no matter the trend of users giving BOGUS information to sign up for an account, the only people who would print out information is people who would have submitted TRUE information. Otherwise, why would they print out info they knew was bogus? MARK, you're Yahoo's top security advisor, and I respect you offthe record, but coming on here trying to defend Yahoo's sec pros for getting it totally wrong in their CONTRADICTION between sites is totally wrong. Yahoo said the wording "DONT WRITE DOWN YOUR PASSWORD" but on the registeration proceedure it says "YAHOO RECOMMEND YOU WRITE DOWN YOUR ACCOUNT INFORMATION" YOU AS YAHOO SECURITY ADVISOR NEED TO ADMIT "YAHOO" AS A CORPORATION GOT IT WRONG. I speak to you every day off list, but going off on your own crusade won't make the rest of the Yahoo security team like you better. SEE YOU OFF LIST SEIDEN. Sorry to everyone else, this is part of an off list argument that Yahoo's top advisor can't get a grip of. (How did you become Yahoo's top security advisor? :P) SEE YOU OFF LIST Bye mis () seiden com wrote: a certain number of people lie about their birthdate and zipcode, or they forget just what they lied about, or move from place to place and forgot where they lived when they registered, and they don't have a working alternate email address. --------------------------------- Yahoo! Mail Use Photomail to share photos without annoying attachments.Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480 Get the best prices on SSL certificates from Hushmail https://www.hushssl.com?l=485 <https://www.hushssl.com/?l=485> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Yahoo recommends you write down accountinformation, (continued)
- Re: Yahoo recommends you write down accountinformation Dave Korn (Mar 16)
- Re: Yahoo recommends you write down account information mis (Mar 16)
- Re: Yahoo recommends you write down account information n3td3v group (Mar 16)
- Re: Yahoo recommends you write down account information n3td3v group (Mar 16)
- Re: Yahoo recommends you write down account information n3td3v group (Mar 16)
- Re: Yahoo recommends you write down account information bigdaddyzeroday (Mar 15)
- Re: Yahoo recommends you write down account information bigdaddyzeroday (Mar 17)
- Re: Yahoo recommends you write down account information bigdaddyzeroday (Mar 17)
- Re: Yahoo recommends you write down account information MR BABS (Mar 17)
- Re: Yahoo recommends you write down account information n3td3v (Mar 17)
- Re: Yahoo recommends you write down account information MR BABS (Mar 17)
- Re: Yahoo recommends you write down account information n3td3v (Mar 17)
- Re: Yahoo recommends you write down accountinformation Sean Crawford (Mar 17)
- Re: Yahoo recommends you write down accountinformation n3td3v (Mar 17)
- Re: Yahoo recommends you write down account information MR BABS (Mar 17)