Security Flaw In Yahoo Mail Exposes Plaintext Authentication Info

Posted by Soulskill on Saturday September 27, 2008 @03:16AM from the who-needs-encryption-anyway dept.

holdenkarau writes "Yahoo!'s acquisition of open source mail client Zimbra has apparently brought some baggage to the mail team. The new Yahoo! desktop program transmits the authentication information in plain text. The flaw was discovered during a Yahoo 'hacku' Day at the University of Waterloo (the only Canadian school part of the trip). Compared to the recent news about Gmail exposing the names associated with accounts, this seems downright scary. So, if you have friends or relatives who might have installed Yahoo! desktop and value their e-mail accounts, now would be a good time to get them to change the password and switch back to the web interface."

1 of 66 comments (clear)

Min score:

Reason:

Sort:

Re:Overreaction... by snl2587 · 2008-09-27 03:47 · Score: 0, Offtopic

This might be hard to believe but less than ten years ago virtual all passwords were transmitted in plain text.
This just in: man wakes from 10 year slumber to find that the internet has changed and no one cares about Monica Lewinsky anymore. Story at 11.