Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Yahoo!

Submission + - Security flaw in Yahoo mail exposes auth info

tdalek writes: After patching its plaintext authentication gaffe, Yahoo! Zimbra Desktop has fumbled the security and privacy ball once again. Yahoo! Zimbra now uses the standard authentication method used by the rest of the Yahoo! Mail family. However, unlike other implementations where invalid SSL certificates will throw up plenty of warnings for the user, Yahoo! Zimbra Desktop is trivially vulnerable to a man-in-the-middle attack, as it simply transmits the usernames & passwords regardless of who's picked up on the other side. With all of the news about DNS vulnerabilities, this seems like exceptionally poor timing for a MiTM. For the time being you may wish to switch to using the Yahoo! webmail interface, until this bug gets fixed.
Security

Submission + - Yahoo! Zimbra Desktop vulnerable to MiTM

holdenkarau writes: "After patching the its plaintext authentication gaffe, Yahoo! Zimbra desktop has hit another stumbling block in the security road. Yahoo! Zimbra now uses the standard authentication method used by the rest of the Yahoo! Mail family. However, unlike other implementations where invalid SSL certificates will throw up plenty of warnings for the user, Yahoo! Zimbra Desktop is trivially vulnerable to a man-in-the-middle attack, as it simply transmits the usernames & passwords regardless of who's picked up on the other side. With all of the news about DNS vulnerabilities, this seems like exceptionally poor timing for a MiTM. For the time being you may wish to switch to using the Yahoo! webmail interface, until this bug gets fixed."
Books

Amazon Kindle Endorsed By Oprah 197

Oprah Winfrey enthused about the Amazon Kindle on her show today — it's her "new favorite thing" — and had Jeff Bezos on to announce a $50-off offer good till Nov. 1. A plug on Oprah is ordinarily a sign that a product has crossed over into the mainstream. But her show's audience has been slipping lately, and it's unclear how many cash-strapped citizens will be willing to part with $309 (after the special offer) for a new techno-gadget, for which they then have to shell out more money for DRM-encrusted content.
Privacy

Submission + - Designing software with Privacy in mind 6

dalektcalum writes: Dr. Ann Cavoukian, Canada's Information and Privacy Commissioner, recently gave a talk entitled Privacy by Design. The talk starts of by covering the basics of privacy, and privacy law, and then moves onto the important component, how to design software that properly protects users privacy. The majourity of the time is spent on design principles, but also examines specific technologies (such as Elliptical Curve Cryptography).

Slashdot Top Deals

Backed up the system lately?

Working...