Yahoo!’s security shambles

Yahoo! insiders have told the New York Times that the web biz systematically refused money and fixes for its internal security team for fear of scaring off users.

The troubled California giant, which last week confessed that hackers had stolen the credentials for at least 500 million of its customer email accounts, routinely denied funding requests for better security and refused to implement basic security measures such as end-to-end encryption.

In 2014 Yahoo! hired security guru Alex Stamos as chief information security officer. He pushed hard for such encryption but was slapped down by management, who were worried that it would lose the ability to scan and index users' messages.

“I’m not particularly thrilled with building an apartment building which has the biggest bars on every window,” Jeff Bonforte, Yahoo!’s senior veep for email, told the paper.

Nevertheless, Stamos instituted rigorous testing procedures for The Paranoids, as Yahoo!’s security team was known. But staff report he clashed with Mayer, who refused to hand over cash for more testing and installing an intrusion detection system and refused to perform an automatic reset of user passwords after an attack for fear of losing customers.

Which is somewhat ironic as at just that time hackers were harvesting huge amounts of Yahoo! customer database records. Yahoo! is now facing a class-action lawsuit and possible congressional investigation into how it allowed the hack to happen. ®

More News Bytes

1

Mirai scan tool unleashed

Security researchers have released a Mirai IoT botnet scanning tool.
John Leyden, 07 Nov 15:07
Daisywheel with Courier font
3

UK AI ethics board to launch

The Alan Turing Institute has agreed to set up a UK AI ethics board in partnership with the UK government.
Katyanna Quach, 07 Nov 10:49
Live news illustration with microphones and cameras

Zadara enters Googleplex

Zadara virtual storage arrays can be accessed from Google's Cloud Platform compute environment.
Chris Mellor, 07 Nov 09:54
Burning money, photo via Shutterstock

Dell fire sales score US$5.4bn

Dell has filed the regulatory paperwork to confirm the sales of its software and services arms.
Simon Sharwood, 07 Nov 07:46

GoPro revenues skydive

Sports camera company GoPro desperately needs good holiday season sales after a terrible third quarter.
Kieren McCarthy, 04 Nov 19:05
Zuckerberg
8

Zuck loses $3bn in a day

Facebook head honcho Mark Zuckerberg lost $3bn yesterday after shares in his company fell following an earnings warning about slowing advertising growth.
Kieren McCarthy, 04 Nov 18:48

Biting the hand that feeds IT © 1998–2017