Yahoo reveals a third hack happened

IO.Hazard · 18. Feb 2017, 07:23 PM

“Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account,” announced the company in an email to users on Wednesday. “
http://www.breitbart.com/tech/2017/0...-a-third-time/

This third attack could be bigger than the previous 2 revealed last year.
http://thehackernews.com/2017/02/yahoo-hack.html

This might be a good time to ditch my only remaining Yahoo account for good.

Anupam · 18. Feb 2017, 08:49 PM

Boy oh boy! Shameful Yahoo, just shameful.

MidnightCowboy · 19. Feb 2017, 08:15 AM

Quote:

Originally Posted by Anupam

Boy oh boy! Shameful Yahoo, just shameful.

At least Yahoo appear to be honest about it, unlike a stack of others especially in countries where there is no mandatory legislation to report hacks.

http://emagazine.cicra.lk/87-of-it-p...go-unreported/

Fact is, if it's online it can be hacked.

The popular trend here at the moment is for folks to gain control of your smart TV. If it has a camera they can time break-ins accordingly. If it has voice control they can monitor your conversations for the same or another objective.

Even the security cameras that monitor your home while you're out can be hacked, and plenty have been.

Users however are often the architects of their own losses. They almost never understand the equipment they have bought, what functions it has and/or how to configure these for maximum security. Most users never even take the TV manual out of it's bag.

Some tips for TV security.

http://www.techtimes.com/articles/16...-some-tips.htm

I have a couple of extras.

Smart TV's are expensive. In Brazil the power supply is often unstable and during storms power surges are always a risk so we protect the TV and every other plugged in device with it's own surge breaker. This is a cheap solution for peace of mind although they don't work well with items that draw a lot of power such as microwaves as the fuses tend to burn out quite quickly. The added advantage regarding your TV is you can switch it off using this when you go out instead of resorting to plug removal. No chance then of your TV being accessed remotely.

Anupam · 19. Feb 2017, 11:49 AM

Yea, I guess you are right.

As more and more things become "smarter", and get connected to the internet, the risk factors only go higher.

I don't like online banking one bit, and here in India, cash has always been the main form of transaction, but now more focus is being done on being cashless, which although has its benefits, the price to pay for unsafe transaction is quite high.

trainman261 · 20. Feb 2017, 10:45 PM

I would like to add, though, as much as I dislike Yahoo, that I wouldn't rely on breitbart as a source - it's widely known as a site that publishes false information on a regular basis - and I have fact-checked several of their articles myself that I've been shown in the past, only to come to the same result.
As to the smart TV thing: My solution is simple, I use my (daily driver) computer as a smart TV, so for one, I only have to worry about securing one device, and for another, and for another, the webcam sitting on my TV is only usable when my computer is plugged in. Plus, it's cheaper (I can use a standard TV and already have the computer), and has many more features than the average smart TV.

Pierre2 · 21. Feb 2017, 03:42 AM

strangely enough, I've always found Ymail to be better than Gmail or Hmail
& yeah - they all get cracked, just some are more than others do.

with the local trend to move away from an ISPs email to say Gmail,
this cracking can be difficult, at best.

but with the other trend, & that is to eStatements & eBilling,
then everyone has to have 1 -2 eMail address anyway,
& you can't escape that.

in the west, currently, anyway.

IO.Hazard · 21. Feb 2017, 05:48 PM

Quote:

Originally Posted by trainman261

I would like to add, though, as much as I dislike Yahoo, that I wouldn't rely on breitbart as a source - it's widely known as a site that publishes false information on a regular basis - and I have fact-checked several of their articles myself that I've been shown in the past, only to come to the same result.

Breitbart news are a hit or miss, that's for sure, but sometimes they get things right. Anyway, that's why I posted a second source (Hacker news) and now a third one:
http://wccftech.com/yahoo-report-third-attack/
and a fourth:
https://arstechnica.com/information-...orged-cookies/

The main debate is about the real scope of this third attack and if yahoo is trying to minimize it by mixing it with the 2 previous attacks. Let's not forget they have an acquisition deal with Verizon, who by the way, is asking for a rebate:
https://qz.com/912055/verizon-values...ure-headaches/
http://money.cnn.com/2017/02/21/tech...-verizon-deal/

As for Smart TV's, I'd rather buy a modern but 'dumb' LED TV. Don't like the IoT at all. All their weaknesses were discovered and well documented way back in 2012
https://nakedsecurity.sophos.com/201...vulnerability/
Sadly, new tech and the IoT will make things only worse
http://www.zdnet.com/pictures/17-way...ibly-wrong/10/

18. Feb 2017, 07:23 PM	#1 (permalink)
IO.Hazard Senior Member Join Date: Aug 2012 Posts: 192	Yahoo reveals a third hack happened *“Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account,” announced the company in an email to users on Wednesday. “* http://www.breitbart.com/tech/2017/0...-a-third-time/ This third attack could be bigger than the previous 2 revealed last year. http://thehackernews.com/2017/02/yahoo-hack.html This might be a good time to ditch my only remaining Yahoo account for good.

18. Feb 2017, 08:49 PM	#2 (permalink)
Anupam Super Moderator Join Date: Jul 2008 Location: India Posts: 15,277	Boy oh boy! Shameful Yahoo, just shameful. __________________ Anupam

19. Feb 2017, 11:49 AM	#4 (permalink)
Anupam Super Moderator Join Date: Jul 2008 Location: India Posts: 15,277	Yea, I guess you are right. As more and more things become "smarter", and get connected to the internet, the risk factors only go higher. I don't like online banking one bit, and here in India, cash has always been the main form of transaction, but now more focus is being done on being cashless, which although has its benefits, the price to pay for unsafe transaction is quite high. __________________ Anupam

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

20. Feb 2017, 10:45 PM	#5 (permalink)
trainman261 Editor (Android) Join Date: Jan 2012 Posts: 224	I would like to add, though, as much as I dislike Yahoo, that I wouldn't rely on breitbart as a source - it's widely known as a site that publishes false information on a regular basis - and I have fact-checked several of their articles myself that I've been shown in the past, only to come to the same result. As to the smart TV thing: My solution is simple, I use my (daily driver) computer as a smart TV, so for one, I only have to worry about securing one device, and for another, and for another, the webcam sitting on my TV is only usable when my computer is plugged in. Plus, it's cheaper (I can use a standard TV and already have the computer), and has many more features than the average smart TV.

21. Feb 2017, 03:42 AM	#6 (permalink)
Pierre2 Senior Member Join Date: Dec 2014 Location: Perth, AU Posts: 192	strangely enough, I've always found Ymail to be better than Gmail or Hmail & yeah - they all get cracked, just some are more than others do. with the local trend to move away from an ISPs email to say Gmail, this cracking can be difficult, at best. but with the other trend, & that is to eStatements & eBilling, then everyone has to have 1 -2 eMail address anyway, & you can't escape that. in the west, currently, anyway.