Premium Essay

Yahoo Mail Hacking

In:

Submitted By teema
Words 2908
Pages 12
1.0 INTRODUCTION
Yahoo! Inc. acronym for “Yet Another Hierarchical Officious Oracle” (Gil P.) is an American multinational Internet corporation with headquarters in Sunnyvale, California. It was founded in January 1994 by Jerry Yang and David Filo and incorporated on 1st March 1995. Its present CEO and President from July 17, 2012 is Marissa Mayer (Pariroth N.,2012). It’s services include Web Portal, Yahoo Search, Yahoo Groups, Yahoo Directory, Yahoo News, Yahoo Finance, Yahoo Answers, online mapping, fantasy sports and Yahoo mail which is a free email service launched in 1997, and Yahoo Mail was the third-largest web-based email service with 281 million users as of December 2012 (Molla R.,2012)
Yahoo email accounts have been continuously hijacked by hackers since January 2013. This has caused serious mail insecurities among Yahoo account holders. A cross-site scripting (XSS) proof-of-concept developed by a security researcher Shahin Ramezany is claimed to put some 400 million Yahoo Mail users at risk of hijack (Donohue B.,2013). The XSS vulnerability in yahoo webmail service was blamed for a spate of the account hijackings. The compromised accounts were used to send spam. (ISHA SURI,2013)
Security researcher Shahin Ramezany developed an XSS proof-of-concept exploit that he claims puts some 400 million Yahoo Mail users at risk of having their accounts taken over.

1.1 DECISION MAKING AND PROBLEM SOLVING
The ASK SIR L model is used to describe the approach taken by Yahoo in solving the email hacking problem.
A – Appreciate the problem
The Yahoo team recognised that they have a problem as can be seen from the statement given by the spokesperson.
On the 7th of January 2013, Yahoo issued TNW two statements, first saying it was investigating and secondly confirming that it has fixed the flaw. A Yahoo spokesperson in UK said “At Yahoo! We take security very

Similar Documents

Premium Essay

Hacking Exposed

...Hacking Exposed 1 Running Head: HACKING EXPOSED Hacking Exposed Crime and Criminal Behavior – CRJ105002016 201003 Hacking Exposed 2 Hacking Exposed Hacking is unauthorized use of a computer and network resources. A hacker is a person who breaks into computers, usually by gaining access to administrative controls (en.wikipedia.org). A 20 year old Tennessee college student named David Kernell broke into the Yahoo e-mail account of U.S. Vie Presidential candidate Sarah Palin. He accessed Palin’s personal e-mail account in September 2008, while she was running as a vice presidential candidate, and used Yahoo’s password reset feature to gain access to her mail. Several of her messages from her account were posted publicly. Mr. Kernell bragged through a posting a message to a poplar message board claiming to have gained access to Palin’s e-mail by using the Yahoo’s password reset features. After a couple of days the internet searching related to this hacking was tracked to Mr. Kernell. The resulting damage of this crime was described by Palin as the most disruptive and discouraging incident of her losing 2008 campaign (www.computerworld.com). Mr. Kernell fits the profile of the average hacker. He is a male between the ages of 16 and 25 and he does live in the United States. He is a computer user. I think Mr. Kernell knew exactly what he was doing and realized that once he got into Palin’s account (her being the vice presidential...

Words: 664 - Pages: 3

Free Essay

Hacking Exposed

...Hacking Exposed 1. What was the crime, who was the criminal, who was the victim, what was the resulting damage of the crime? The crime was hacking into a neighbor’s Wi-Fi network in 2009 and using it to try and frame them for child pornography, sexual harassment, and various kinds of professional misconduct and to send threatening e-mail to politicians, including Vice President Joe Biden (Kravets, 2011). The criminal was Barry Ardolf the victims’ neighbor (Kravets, 2011). The victims were Matt and Bethany Kostolnik his new neighbors who lived next door to Mr. Ardolf (Kravets, 2011). Mr. Ardolf wanted to destroy the careers and professional reputations of Matt and Bethany Kostolnik, to damage their marriage, and to wreak havoc on their lives. Mr. Ardolf spent two weeks cracking the Kostolnik’s WEP encryption (Kravets, 2011). He then used their own Wi-Fi network to create a fake MySpace page for the husband, where he posted a picture of a pubescent girl having sex with two young boys (Kravets, 2011). Mr. Ardolk e-mailed the same child porn to one of Mr. Kostolnik’s co-workers, and sent flirtatious e-mail to women in Mr. Kostolnik's office (Kravets, 2011). In May 2009, the Secret Service showed up at Mr. Kostolnik's office to ask about several threatening e-mails sent from his Yahoo account, and traced to his IP address, that were addressed to Biden and other politicians (Kravets, 2011). The subject line of one e-mail read: "This is a terrorist threat! Take this seriously...

Words: 713 - Pages: 3

Premium Essay

The Impact of Information Communication Technology

...Technology. In this essay I will provide an overview of three forms of Technology: Mobile Phone, the Internet, the E-Mail. I will also explain current development in C/T and discuss the role of legislation on the industry. Mobile Technology: Mobile Technology is the technology used for cellular communication. They come into use in 1990’s. When first introduced, it way a luxury item, today it is viewed as an essential to our existence. Old mobile technology consisted of a large handset, battery and signal difficulties and was very expensive. Since the start of this millennium a standard mobile device has gone. Today mobile are slim line, cheaper and can perform of many functions: Personal Mobile use: * To call * To Text * Camera functions * Games * Alarm * Email * Internet * Calendar * App Store Business use: * To communications with staff, customers/business partners Advantages of Mobile Technology: * 24/7/365 contact * Accessible at all time * Variety of services available via any mobile * Mobile Marketing reaches new and existing customers * Sending out special offers and tracking responses. * GPS in phone can help to locate hard-to-find places and be on time for appointments. Disadvantages: * No escape from its demands * Health risks * Bullying * Hacking problems * Costs * Lack of information control * Privacy issues * Safety issues This completes my...

Words: 867 - Pages: 4

Free Essay

Lolnohkers

...Assignment 1: Computer Memory Hacking Albert Pigg| |Mr. De Monte’ Thomason| |CIS106| |05/09/16| Assignment 1: Computer Memory Hacking Hacking of Memory When it comes to the term “hacking” essentially the “hackers” are usually categorized in two categories, “white-hat” and “black-hat.” White-hat refers to the hacker affiliating themselves with light and justice. Black-hat refers to the hacker affiliating themselves with the darker side of the net and with malicious intent. What is “hacking”? Essentially it is accessing, altering, or such manipulation of data while circumventing preventative measures. There is however numerous preventative measures corporations, governments and other private institutions take to secure their data. (Harvey, 1985) Common Tools of a Hacker “To catch a thief, it takes a thief.” We’ve all heard it sometime in life likely. To first take the steps of understanding how to prevent hacking, we must familiarize ourselves with some of their tools. DDOS and DOS Attacks Denial of service attacks are a frequent occurrence on the internet. Often referred to as “DOS attacks”. DOS attacks are initiated by hackers sending packets, or bits of data, very repetitively to the victim’s computer until it is unable to communicate any other packets. (PBS, 2001) One such attack was executed against some big United States companies. On February 8th 2000, “MafiaBoy” or Michael Calce attacked sites such as Yahoo!, CNN, eBay, and E-Trade, with repeated DOS attacks...

Words: 913 - Pages: 4

Free Essay

Cybercrime

...continues to rise throughout the world, the threat of cyber crime also grows. While some of these crimes are relatively harmless and commonplace, others are very serious and carry with them felony charges. Various types of Cyber crimes that can be encountered over the net are spam, fraud, cyber terrorism and so on. Whether for individuals, companies or governments, cybercrime has become a big problem. Spam is defined as unsolicited junk e-mail. It is used by chain mailers, forger and some others who selling dubious products.  “The Federal Trade Commission (FTC) has identified 12 types of scams that are most likely to arrive in consumers’ e-mail boxes. The “dirty dozen” are: business opportunities, bulk e-mail, work at home schemes, health and diet scams, effortless income, free goods, investment opportunities, cable descrambler kits, guaranteed loans or credit on easy terms, credit repair, and vacation prize promotions”(Phommalinh). Meanwhile, the most common type of cybercrimes occurred in spam is virus which spread by e-mails. When one receive an e-mail with a virus, the default settings of your computer do not have any action required to resist virus. At that point, virus can follow instructions and does anything whatever the programmer wants it to do. The typical action that virus does is installing itself in one’s computer’s system, infecting critical operating files, searching cached HTML and mailing them to others. Computer fraud refers to the fallacious misrepresentation of...

Words: 1173 - Pages: 5

Free Essay

Certified Ethical Hacker

...http://www.ipass4sure.com 312-50 ECCouncil Certified Ethical Hacker http://www.ipass4sure.com/exams.asp?examcode=312-50 The 312-50 practice exam is written and formatted by Certified Senior IT Professionals working in today's prospering companies and data centers all over the world! The 312-50 Practice Test covers all the exam topics and objectives and will prepare you for success quickly and efficiently. The 312-50 exam is very challenging, but with our 312-50 questions and answers practice exam, you can feel confident in obtaining your success on the 312-50 exam on your FIRST TRY! ECCouncil 312-50 Exam Features - Detailed questions and answers for 312-50 exam - Try a demo before buying any ECCouncil exam - 312-50 questions and answers, updated regularly - Verified 312-50 answers by Experts and bear almost 100% accuracy - 312-50 tested and verified before publishing - 312-50 exam questions with exhibits - 312-50 same questions as real exam with multiple choice options Acquiring ECCouncil certifications are becoming a huge task in the field of I.T. More over these exams like 312-50 exam are now continuously updating and accepting this challenge is itself a task. This 312-50 test is an important part of ECCouncil certifications. We have the resources to prepare you for this. The 312-50 exam is essential and core part of ECCouncil certifications and once you clear the exam you will be able to solve the real life problems yourself.Want to take advantage of the Real 312-50...

Words: 1963 - Pages: 8

Premium Essay

Ethical Hacking

...Chapter-1 1.0 Introduction With the tremendous advancement of Internet, different aspects of it are achieving the highest peak of growth. An example of it is e-commerce. More and more computers get connected to the Internet, wireless devices and networks are booming and sooner or later, nearly every electronic device may have its own IP address. The complexity of networks is increasing, the software on devices gets more sophisticated and user friendly – interacting with other devices and people are a main issues. At the same time, the complexity of the involved software grows, life cycles are getting shorter and maintaining high quality is difficult. Most users want (or need) to have access to information from all over the world around the clock. Highly interconnected devices which have access to the global network are the consequence. As a result, privacy and security concerns are getting more important. In a word, information is money. There is a serious need to limit access to personal or confidential information – access controls are needed. Unfortunately most software is not bug free due to their complexity or carelessness of their inventors. Some bugs may have a serious impact on the access controls in place or may even open up some unintended backdoors. Security therefore is a hot topic and quite some effort is spent in securing services, systems and networks. On the internet, there is a silent war going on between the good and the bad guys – between the ones...

Words: 8365 - Pages: 34

Premium Essay

Ip Address

...GROUP PAPER # 1 TSINFOTE: MANAGING CONCEPTS FOR INFORMATION TECHNOLOGY Submitted To: Professor Mennen Aracid Submitted By: Patrick Nicholas David 06 Aug 2013 Discussion Questions: 1. How many possible ways can an individual connect to the internet? What are the devices needed for each connection mode? How do you think the landscape will change in the next five years? * 1st - via DSL connection provided by internet provider like PLDT or globe * analog: dial up internet access. old school * mobile or GPRS * modem connected through copper cable or fiber cable * fibre optics - broadband and leased line * satellite internet service/connection Landscape in 5 Years: * satellite connection * Device needed: pc, laptop, cellphone with built in wireless card that can server as a wireless hotspot * Another would be via USB dongle with sin card capable for GSM connection like 3G or LTE * devised on sunglasses or reading glasses with voice command * internet access that can be seen in your peripheral vision and can be access through brain waves. you just need some implant in the brain * IMT-Advance" which have a theoretical max speed if 1 gbit /Second 2. What is an IP address? * IP address - a unique identifier assigned to your PC in a network connection * Internet Protocol address is a numerical label assigned to each device (e.g., computer, printer) participating in a computer network that uses the Internet...

Words: 957 - Pages: 4

Free Essay

The World of Cybercrimes

...The World of Cybercrimes Cybercrimes are one of the most dangerous threats to our Nation. There are no boundaries when it comes to cybercrimes. A cybercrime is one of the fastest growing crime types of the century and includes criminal activity involving computers and the internet. Hacking a computer is not the only thing considered a cybercrime. Downloading movies and music illegally is also a cybercrime. Once thought as something that only the military or other government officials had to worry about, it is now on the rise since everyone has a computer and it is easy to find out how to hack into computer systems. With the rise of internet usage among businesses and private users, the risk of being a victim of cybercrime is huge. The Security Tracking Study performed by the Pomemon Institute states that 83 percent of multinational companies feel that within the past 12 months they have been a target of a cybercrime. Price Water House Coopers states that the number of businesses having a security breach is more along the lines of 92 percent. Cybercrimes are attacks on computer hardware and software, downloading illegal movies and music, online fraud involving financial crimes and corruption with an organization, crimes against children and the elderly, cyber bullying and fraudulent telemarketing events for charitable donations. What was once something only “hackers” did is now something anyone can do. The term hacker was originally described as “any technical effort...

Words: 8856 - Pages: 36

Premium Essay

Computer

...is any illegal action where the data on a computer is accessed without permission. This access doesn't have to result in loss of data or even data modifications. Arguably the worst computer crime occurs when there are no indications that data was accessed. Computer crime is often attributed to rogue hackers and crackers, but increasingly organized crime groups have realized the relative ease of stealing data with relative low-level of risk. Government organizations are also rumored to be involved with hacking in to computer systems, but the legality of such actions is far too grey an area to be discussed here. Computer crime, or cybercrime, refers to any crime that involves a computer and a network, where the computers may or may not have played an instrumental part in the commission of a crime.[1] Netcrime refers, more precisely, to criminal exploitation of the Internet.[2] Issues surrounding this type of crime have become high-profile, particularly those surrounding hacking, copyright infringement, child pornography, and child grooming. There are also problems of privacy when confidential information is lost or intercepted, lawfully or otherwise. On the global level, both governments and non-state actors continue to grow in importance, with the ability to engage in such activities as espionage, financial theft, and other cross-border crimes sometimes referred to as cyber warfare. The international legal system is attempting to hold actors accountable for their actions, with...

Words: 7299 - Pages: 30

Premium Essay

Search Engine

...Search Engine Industry History of search engine The need for search services grew with the expanding reach and magnitude of the World Wide Web. One of the earliest search services, Yahoo!, was a directory of sites selected and organized into categories by human editors. The Web soon grew too large for directory-based search. AltaVista invented technology that automated search, relying on software “spiders” that created a searchable index of page contents and on algorithms that ranked page relevance based on the frequency of keyword references. Yahoo! added AltaVista’s algorithmic search engine, but in 1998 replaced AltaVista with Inktomi, which used parallel-processing networks to offer faster processing and a larger index. As website developers exploited search algorithms by repeating keywords on their pages, searches increasingly returned irrelevant listings—”spam”—that frustrated users. In 1998, Sergey Brin and Larry Page tackled this problem as graduate students at Stanford. Their PageRank algorithm reliably delivered more relevant searches by favoring pages that were referenced—”linked to”—by other pages. These links were called “votes,” because they signaled that another page’s webmaster had decided that the focal page deserved attention. The focal page’s importance was determined by counting the number of votes it received, weighting votes more heavily when they were cast by pages that Google had previously deemed to be important. This approach required PageRank to...

Words: 6111 - Pages: 25

Free Essay

Google China

...Chinese division of Yahoo! sent information on one of its users, Shi Tao, to the Chinese government. The journalist had been critical of the Chinese government, and, based on the information sent to the government, Shi Tao was sentenced to ten years in prison. In 2010, e-mail accounts housed by Google were hacked. Many of these accounts belonged to human rights activists. Issues like these pose a conundrum for the United States and international entities that are looking to prevent human rights abuses, including violations of privacy, in countries such as China. This paper will evaluate current and proposed efforts to curb such actions by the Chinese government. I propose the following three-pronged approach to deal with these actions: 1) a vigorous naming, blaming, and shaming campaign; 2) the adoption of a uniform policy by the United States government for addressing the Chinese government on these issues; and 3) the development of coherent, enforceable, and specific codes of conduct by trade associations and business groups that discuss issues of censorship and privacy regarding the internet, their customers, and foreign governments. 50 The Public Purpose Statement of the Problem In the mid-2000s, staff at the Chinese branch of Yahoo! sent private information on one of its users, Shi Tao, to the Chinese government. Shi Tao was a journalist who had been critical of the Chinese government in e-mails on his Yahoo! account. Based on agreements that Yahoo! had entered into...

Words: 8823 - Pages: 36

Premium Essay

Global Ethical Problems

...business in China. The organization cannot assume that Chinese do business the same way Americans do. To do business in China a company has to follow government directives. Chinese want to do business with people they trust. Terms on contracts will not mean the same thing to them as they do to Americans. Chinese businesses do not feel they are bound to contracts. In America a company competes with 100’s of business but in China, you are competing with globally. Google Inc’s announce in Beijing their decision to withdraw from China after ethical implications of hacking into the privacy of Google’s users. Google had to limit the excess of information on the search engine in China. China does not hold to the same freedom of speech American do. Free speech advocates criticized Cisco Systems, inc. for selling equipment to China that blocks Web sites. Yahoo helped the Chinese policy identify Chinese Journalist used Yahoo mail to send contents to secret government order to an overseas website (Dean, 2010). The journalist was sentenced to 10 years of jail....

Words: 1514 - Pages: 7

Premium Essay

Google Attacks

...in 2006, when the company decided to launch its services to China. Although the intention for Google in China was to provide the Chinese with more resources for information, China still had several regulations on censorship. Whether the censorship regulations fueled the hackers to attack Google is unknown, but it is suspected (Arrington, 2010). Recent reports on cybersecurity breaches related to China show that China has been consistently responsible for the largest percentage of observed cyber attacks (Voigt, 2013). In 2009, Google was involved in what is described as a “highly sophisticated and specifically targeted attack” on the company’s corporate infrastructure (Arrington, 2010). The cybersecurity attack exploited security flaws in e-mail attachments to sneak into networks of major financial, defense, and technology companies and research...

Words: 1000 - Pages: 4

Free Essay

Timbuk2 Success in the Bag

...qwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmrtyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmrtyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmrtyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmqwertyuiopasdfghjklzxcvbnmrtyuiopasdfghjklzxcvbnmqwer...

Words: 2869 - Pages: 12