May 24, 2002

Yahoo! : Security In Web Services

  • Reported by Brian

A recent article in DDJ summarizes a talk given by Yahoo! chief scientist Udi Manber regarding ongoing and emerging security threats that Yahoo! is facing from users and abusers.

The title of the piece, "Security In Web Services: An Evolving Threat Model", may mislead readers accustomed to thinking of "Web Services" in terms of XML-RPC, SOAP, WSDL, and UDDI. Manber spoke instead of attacks against, and abuse of, the more traditional services Yahoo! provides, including auctions, financial news sites, Yahoo email accounts, and personals.

Manber quote: "The kind of countermeasures that we're doing are pretty weak. If you compare it to cryptography we're a hundred years behind."

Comments

1. May 24, 2002 08:11 AM

Bob Posted…

One hundred years behind in security and light-years behind in caring about their users. How has Yahoo pissed me off? Let me count the ways. Yahoo has become too big for its britches and suffers from extreme bloat. It’s time for them to shed a few pounds in the form of intrusive advertising and faulty code and get back to basics. Sorry... I needed to rant a moment. I’m better now.

2. December 2, 2002 06:35 AM

amin Posted…

Welcome

3. March 25, 2003 10:48 AM

Cee Posted…

The (un)security problems of Yahoo are obvious and well known. Aside from Yahoo "needing" the right to view/use all of our personal information, the actual USERS on the Yahoo games site are the biggest threat of all. Just piss one or more of them off and see what happens. There are hackers who "specialize" in Yahoo game hacks. There is a site called "Yahoo Security" that consists of lists of viruses, trojans and other malicious tactics...all ready to download just to get back at some offending Yahoo games player.....these people need to get a life. More than that though, if Yahoo wasn't THE most hackable site there ever was...there wouldn't be such a problem.

4. May 27, 2003 08:40 PM

Meredith Posted…

I think I may have been hacked into, and am wondering how to fix the damage done, and what I can download to keep it from happening again. I understand your pissed-offedness, Bob, I'm right there with ya.

5. May 27, 2003 10:27 PM

evan Posted…

Meredith, 1. change any and all passwords to something cryptic and unbreakable, i.e. 4ns5hdx9. Also, use a different password for everything. 2. never, ever, use FTP or telnet; instead get a graphical SSH client for use on any OS. Security is important. Any other recommendations from the web-graphics crew? Has anyone else's internet or computer security been compromised? I am extremely concerned with security, but have also fallen victim to a hack (albeit a cheesy and easily discoverable/fixable one). This might be appropriate for a post...

6. May 28, 2003 08:32 AM

Scotty The Body Posted…

I DO have some tips. Assuming the following audience: home user, updating or managing web sites, extensive web surfing, broadband connection (with or without home router/firewall). ramble
  • Strong passwords -- as Evan wrote above. Make your passwords unguessable and uncrackable and change them frequently. A good policy rule: password consists of at least 8 characters and mixes upper-case, lower-case and special characters. Bad password: beergood. Good password: 5h!o0b3
  • Run a home firewall -- regardless of the OS you're using, it is vulnerable to attack. A firewall can minimize this. I recommend ZoneAlarm for Windows users. Even though my router has a firewall in it, I still run this one on every node of my network. Running Windows is like having unprotected sex. I've received viral infections from banner ads. All it takes is one uninformed click or acknowledging a popped-up "OK" button to install spyware and/or a virus on your PC. ZoneAlarm Pro can help block this, as can turning off certain security features in IE.
  • Do not send unencrypted passwords -- never telnet or FTP to your web host. Instead, use SSH/SCP, which encrypts the passwords (and data).
  • Do not open attachments -- this is the most important one. DO NOT use an email client that allows for "web preview" (such as Outlook Express). Read your mail online (via web mail), or use a client that allows for you to display your mail as plain text. Spammers and viruses can easily take advantage of web preview functionality by either serving up tracking images (which verify your address for more spam) or embedding malicious scripts. Read this and this about some of my experiences with this.
  • Turn off unnecessary services -- regardless of OS, you're probably running a bunch of stuff that is both non-essential and exploitable. In OS X, you probably have a ton of extra daemons hanging out and turned on the web servers out of curiosity and the like. In Windows, you'll have innumerable extra bits hanging out there. Do some Google searching on how to lock these down.
  • Be careful -- do not provide your personal information over the net to companies and/or individuals who request it UNLESS you are certain of their need for it and you are also certain of the security surrounding the transfer. Also, open a Hotmail or Yahoo account and use that address if you decide you want to enter contests or register on websites. This is more for privacy and spam avoidance than security, but you never know what directions this fickle environment will lead us into.
  • Run a spyware removal utility -- some anti-virus software has this capability, or download Ad-Aware.
  • Run anti-virus software -- this is pretty self-explanatory, but I find it absolutely essential.
  • Educate yourself -- it seems like an inscrutable mass of messy knowledge when one starts reading about personal computer security, but try to keep at least one eye on it from time to time. Being a savvy user is no guarantee that you'll avoid the terror, but it helps. I shudder to think what my mother's computer would look like if she were on broadband. Even I, as an IT professional, have fallen victim to numerous viruses, spammers and even hacks. In almost every case, it was because I did something I knew I shouldn't do and ignored my better judgement or was just ignorant of the facts.
/ramble
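
The two password points raised in the comments above (a length-and-character-class rule, and never reusing a password across sites) are the kind of thing worth checking mechanically rather than by eye. Below is an added example written for this page, not code from the post or from any of the commenters: a small policy checker that applies the stated rule (at least 8 characters, mixing upper-case, lower-case and special characters), flags passwords built from common dictionary words (the word list here is a constructed stand-in for a real breached-password list), and a helper that reports which sites share a password. The function names and the word list are assumptions of this example.

```python
from __future__ import annotations

import string

# Constructed, deliberately tiny word list standing in for a real
# dictionary or breached-password list. Sample data only.
COMMON_WORDS = {"beer", "good", "password", "yahoo", "love",
                "secret", "admin", "letmein"}

# Minimum length proposed in the comment this example follows.
MIN_LENGTH = 8


def _is_dictionary_based(pw: str) -> bool:
    """True if pw is a listed word, or two listed words glued together
    (catches the "beergood" style of weak password)."""
    low = pw.lower()
    if low in COMMON_WORDS:
        return True
    return any(low[:i] in COMMON_WORDS and low[i:] in COMMON_WORDS
               for i in range(1, len(low)))


def check_password(pw: str, min_length: int = MIN_LENGTH) -> list[str]:
    """Return the list of policy violations for pw.

    An empty list means the password satisfies the stated rule: at least
    min_length characters, with at least one upper-case letter, one
    lower-case letter and one special (punctuation) character, and not
    assembled from common dictionary words.
    """
    problems: list[str] = []
    if len(pw) < min_length:
        problems.append(f"shorter than {min_length} characters")
    if not any(c.isupper() for c in pw):
        problems.append("no upper-case letter")
    if not any(c.islower() for c in pw):
        problems.append("no lower-case letter")
    if not any(c in string.punctuation for c in pw):
        problems.append("no special character")
    if _is_dictionary_based(pw):
        problems.append("built from common dictionary words")
    return problems


def find_reused(passwords: dict[str, str]) -> list[list[str]]:
    """Group site names that share the same password.

    passwords maps a site name to the password used there. Returns one
    sorted list of site names per password that appears more than once;
    an empty result means every site has its own password.
    """
    by_password: dict[str, list[str]] = {}
    for site, pw in passwords.items():
        by_password.setdefault(pw, []).append(site)
    groups = [sorted(sites) for sites in by_password.values() if len(sites) > 1]
    return sorted(groups)


if __name__ == "__main__":
    # Constructed sample inputs.
    for candidate in ("beergood", "k9$Lmq2v", "Ab!"):
        print(candidate, "->", check_password(candidate) or "OK")
    sample_vault = {"mail": "k9$Lmq2v", "bank": "k9$Lmq2v", "forum": "other1!A"}
    print("reused across:", find_reused(sample_vault))
```

Running the block prints one line per sample password with its violations (or "OK") and then the groups of sites sharing a password; in a real setting the word list would be replaced by a full breached-password corpus and the vault would come from a password manager export rather than a literal.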

7. January 29, 2004 01:20 AM

Glen Isham Posted…

I have just discovered that my password for Yahoo mail has been given out to another major company. I have received an e-mail letter from them on Yahoo, using my Yahoo password. I am PISSED! and am contemplating a lawsuit. This is totally wrong!

8. February 28, 2005 09:37 PM

Cee Posted…

That is WAY good advice from Scotty. No one wants to put the time or trouble in to make their PCs safe...and it affects us all. You don't think so? If you let your PC be compromised and then email me...what happens? I get so sick of people that say "I don't have anything to hide"....Well, what about your SS# if you do your taxes on here, or banking? People are so lame because they're really just VERY lazy or ignorant.