aksansai - Slashdot User

Security Flaw In Yahoo Mail Exposes Plaintext Authentication Info 66

Posted by Soulskill on Saturday September 27, 2008 @11:16AM from the who-needs-encryption-anyway dept.

holdenkarau writes "Yahoo!'s acquisition of open source mail client Zimbra has apparently brought some baggage to the mail team. The new Yahoo! desktop program transmits the authentication information in plain text. The flaw was discovered during a Yahoo 'hacku' Day at the University of Waterloo (the only Canadian school part of the trip). Compared to the recent news about Gmail exposing the names associated with accounts, this seems downright scary. So, if you have friends or relatives who might have installed Yahoo! desktop and value their e-mail accounts, now would be a good time to get them to change the password and switch back to the web interface."

US Senate Passes PRO-IP Act 212

Posted by Soulskill on Saturday September 27, 2008 @08:10AM from the ruh-roh-shaggy dept.

I Don't Believe in Imaginary Property writes "The Senate has passed the PRO-IP Act. While they stripped out the provision to have the DoJ act as copyright cops, it still contains increased penalties for infringement, civil forfeiture provisions, and creates an 'IP czar' to coordinate enforcement. Even though the civil forfeiture provisions are ostensibly intended for use against commercial piracy outfits, history indicates that they will probably get used against individuals at some point. Worse, because they left out the only part of the bill that Bush threatened to veto, it is expected to pass. It is going back to the House where they're expected to pass it on Saturday, after which the President will probably sign it. So, if you want to contact your representative, hurry." An anonymous reader notes that DefectiveByDesign.Org is mobilizing to fight this legislation. The Senate vote was unanimous. We've been following the progress of this bill for quite some time.

Slashdot Top Deals