Items tagged security, yahoo
Filters: security × yahoo ×
Yahoo! yesterday launched their new development platform for My Yahoo! and Yahoo! Mail, which uses Caja to protect users from malicious gadgets. This means Caja suddenly got 275,000,000 users. Wow! I guess this makes Caja the most widely used capability language ever.
— Ben Laurie # 16th December 2008, 4:33 pm
Yahoo, Caja, OpenSocial. Yahoo!’s new application platform uses OpenSocial, and protects itself from malicious JavaScript using Google’s Caja secure JavaScript engine. I hadn’t realised that Caja was ready for production use—this is excellent news. # 30th October 2008, 5:14 pm
Yahoo could also have followed Gmail’s lead, and disabled the security-question mechanism unless no logged-in user had accessed the account for five days. This clever trick prevents password “recovery” when there is evidence that somebody who knows the password is actively using the account.
— Ed Felten # 22nd September 2008, 4:21 pm
Google wants your Hotmail, Yahoo and AOL contacts. And they’re using the password anti-pattern to get them! Despite both Yahoo! and Hotmail (and Google themselves; not sure about AOL) offering a safe, OAuth-style API for retrieving contacts without asking for a password. This HAS to be a communications failure somewhere within Google. Big internet companies stand to lose the most from widespread abuse of the anti-pattern, because they’re the ones most likely to be targetted by phishers. Shameful. # 15th September 2008, 10:39 am
Yahoo! Address Book API Delivered. At last, now there’s no excuse to ask your users for their Yahoo! username and password just so you can scrape their address book. # 4th June 2008, 6:03 pm
openid.yahoo.com. Yahoo!’s human readable guide to OpenID, complete with tour. It looks like they’re relying on the “sign-in seal” to protect against phishing. # 17th January 2008, 2:35 pm
Top XSS exploits by PageRank. Yahoo!, MSN, Google, YouTube, MySpace, FaceBook all feature. # 29th May 2007, 10:07 pm