Wednesday, March 02, 2005

Hacking woes?

One of my friends says she's been harrassed by this dude who claimed that he could hack into any Yahoo! account. He claimed that he used to work for Yahoo! earlier and knows a lot of loop holes in Yahoo's systems. Today a couple of her ids (not just Yahoo) seem to be inaccessible and one of her accounts has been deleted. This guy apparently told her this morning that he had done it and then later deleted his own ids that he had used while communicating with her. What makes the jerk seem even more cheaper is that while harassing her, he was using another to talk to her like the friend she thought he was, till he taunted her today saying that he was the same person and he was the cause for her troubles..

But the point is, while she is sure he is the cause, I am wondering if what he claimed was possible at all? Is Yahoo's security that lax, that a "former employee" can do all this, or is he just using Yahoo's name in jest while being "techie" enough to hack and delete her accounts.... And is there anyway to report all this to Yahoo?

While, personally I don't have good things to say about Yahoo's customer service, I know that what I getting is made available to me free of all charges and Yahoo probably does better for its customers who pay. But Yahoo pays for our service using all those ads on the top of the page and possibly makes a decent profit too, so shouldn't we be treated slightly better than we are?

Would appreciate if someone had some tips on this issue on how to proceed.....

10 comments:

Nilu said...

Dei - vetti scene vidran da.

Even if I write a mail server program - I wont be able to do this. Yahoo! - In my opinion nscope e illa.

Anonymous said...

Exactly... Vetti Scene...
I guess your Fem Friend must have tried to access while the servers would have been slow or something..

Or the only way he could find it out, was by finding her "Secret Question" "Secret answer"..
People generally tend to be rather off-hand giving very Obvious answers for such questions....


But, logging as Administrator and changing settings.. Impossible....
(or else don't you think better hackers would have already reported this Flaw..)

Alpha
http://luvinglife.blogdrive.com

rajesh said...

Yeah..
yevano Rousu vidraan..But then Rousukae rousaa? :)

Anonymous said...

Well, cant imagine if this cud be possible... but maybe getting to know the IP address and fiddling around with it may assist in hacking... Yes / No? ;-).. but sure gives me the creeps.... God! so much of personal stuff in e-mails.... and to think that someone else is actually checking it out.... poor ur friend!... --- Latha

dev2r said...

The former Yahoo employee line is just BS. If he did somehow crack her account, it was probably because one of her email addresses was compromised.

Yahoo can close down her account if she wants but that's about all they can do. They can't change the password and give it to her, because *they* have no way of identifying *her*. If she wants to avoid this jerk, she would have to get another email address, period.

VS said...

hmmmm...
like all these better-knowing ppl have said, it cud have well been someone's attempt to flaunt his experience-gained ability, but, I can't see a reason why this should be impossible..
with all this work-from-home thing made possible, and having access to the server itself (and mind you, if you've worked for quite sometime and learnt quite a lot to disseminate stuff to new-recruits, you can get passwords of these guys pretty easily, and once u're out, ur passwd is out, but theirs are in.. and damn it, no server is really _totally_ caulked)it is always possible.
Yahoo too takes some customer surveys off and on... gud that u posted this on ur blog.. one of those mice that run thru ur blog, shd be getting a survey chance soon, and can mention this...
Man, you're getting it free, we shd be more than happy for what we're getting.. and if it cud happen with yahoo, it cud happen with google... hotmail, will anybody have a question?
VS

Anonymous said...

This is ridiculous and scary too!!!

Jagadish said...

http://help.yahoo.com/help/abuse/

passer by said...

i atleast know of one way passwords could be traced in yahoo..

u get a mail.. when u click on the link ..suddenly ur connection breaks..u r put into a yahoo like page asking u to login again.. and when u do..u have already sent ur username and password to a remote listener..

sunny days said...

What Shashi is referring to is phising>>Phising


Its very easy to send a mail to someone spoofing the sender's email address (smtp doesnt do authentication), its almost impossible to crack yahoo passwd. The administrator of yahooo etc is BS.
Only if he knew too much info abt her--bday, date of birth and the secret answer can it get compromised
since now its comprised , why care, inform everyomne of u;r new acct and broadcast it b4 the said jerk misues to start sending emails in her name.