{"id":2691,"date":"2013-06-21T12:09:53","date_gmt":"2013-06-21T16:09:53","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=2691"},"modified":"2013-06-21T12:09:53","modified_gmt":"2013-06-21T16:09:53","slug":"yahoo-tells-security-critics-to-chillax-regarding-its-email-recycling-program","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2013\/06\/21\/yahoo-tells-security-critics-to-chillax-regarding-its-email-recycling-program\/","title":{"rendered":"Yahoo tells security critics to chillax regarding its email recycling program"},"content":{"rendered":"

\"\"<\/a><\/p>\n

So much for trying to be nice. Yahoo\u2019s latest bid to lift itself from the tech also-ran swamp with an email recycling initiative has been criticized for potential security threats to dormant users. To try and calm down the pitchfork-wielding crowd, the company has released a statement describing various security measures that will be taken to insure past users\u2019 data and security\u2014but they may not cover all the bases.
\nHow safe are old users?
\nA June 12 tumblr post unveiled Yahoo\u2019s plan to make available inactive, but succinctly-named Yahoo accounts. The company holds nearly two decades worth of accounts and their associated emails. Over the years, many of these users have moved on from the ecosystem forcing newer, active users to settle for an unintelligible email address like albert9330399@yahoo.com as opposed to albert@yahoo.com.
\nThe primary concern is that with a little research into dormant Yahoo accounts, crafty identity thieves could use associated email addresses to access bank accounts, social media, and other online portals.
\nThe threat of that isn\u2019t off base. For example, I signed into Yahoo Groups and joined a group dedicated to Janet Jackson\u2019s 2004 Super Bowl appearance. Oddly enough, the group (built around the event that took place in George W. Bush\u2019s first term!) features posts as recently as a month ago, though all the newer posts appear to be spam bots. However, Yahoo offers an \u201coldest\u201d function in their posts that automatically took me back to a number of original and peopled posts from 2004.
\nYahoo GroupIt’s not hard to find possibly abandoned Yahoo accounts attached to real people.
\nGoing back in time nine years, I was able to find a bounty what appears to be genuine users full real name along with their Yahoo email handle\u2014or at least a handle for some other email address. Within this glut of information are surely some genuine Yahoo address handles along with a user\u2019s full name.
\nPlaying the numbers game, a would-be identity thief would be able to have their pick of retired Yahoo accounts along with the associated person\u2019s real name and use that information to access online information.
\nAccording to Wired\u2019s Matt Honan, Yahoo has responded the concerns with the following statement:
\nOur goal with reclaiming inactive Yahoo! IDs is to free-up desirable namespace for our users. We\u2019re committed and confident in our ability to do this in a way that\u2019s safe, secure and protects our users\u2019 data. It\u2019s important to note that the vast majority of these inactive Yahoo! IDs don\u2019t have a mailbox associated with them. Any personal data and private content associated with these accounts will be deleted and will not be accessible to the new account holder.
\nTo ensure that these accounts are recycled safely and securely, we\u2019re doing several things. We will have a 30-day period between deactivation and before we recycle these IDs for new users. During this time, we\u2019ll send bounce back emails alerting senders that the deactivated account no longer exists. We will also unsubscribe these accounts from commercial emails such as newsletters and email alerts, among others. Upon deactivation, we will send notification for these potentially recycled accounts to merchants, e-commerce sites, financial institutions, social networks, email providers and other online properties.
\nThe most important part of the statement is the notification of merchants, e-commerce sites, financial institutions, social networks, email providers and other online properties, which will hopefully help lax users remain secure. Hopefully the various online entities will act quickly to avoid any unwanted access.
\nProtect your ghost accounts
\nYahoo\u2019s recycling plan will free-up IDs that have been inactive for the past 12 months. Current users will be able to apply for newly-freed Yahoo ID beginning in mid-July, and they will find out which accounts they were able to by mid-August.
\nIf you wish to keep your Yahoo address, simply log-in to any Yahoo property before July 15 and your account will be spared from the recycling program. If you can remember your old Yahoo account, it may be worth it to log-in to that Flickr account you haven\u2019t touched in five years. Just to be on the safe side.
\nvia Yahoo tells security critics to chillax regarding its email recycling program | TechHive<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

So much for trying to be nice. Yahoo\u2019s latest bid to lift itself from the tech also-ran swamp with an […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[6,7,8],"tags":[323,894,1265],"class_list":["post-2691","post","type-post","status-publish","format-standard","hentry","category-networking","category-security","category-social-media","tag-email","tag-recycling-program","tag-yahoo"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-Hp","jetpack-related-posts":[{"id":9031,"url":"https:\/\/nccomputertech.com\/techtalk\/2016\/09\/24\/heres-what-you-should-know-and-do-about-the-yahoo-breach\/","url_meta":{"origin":2691,"position":0},"title":"Here’s what you should know, and do, about the Yahoo breach","author":"NCCT","date":"September 24, 2016","format":false,"excerpt":"By Lucian Constantin | IDG News Service | PCWorld Yahoo\u2019s announcement that state-sponsored hackers have stolen the details of at least 500 million accounts shocks both through scale\u2014it\u2019s the largest data breach ever\u2014and the potential security implications for users. That\u2019s because Yahoo, unlike MySpace, LinkedIn and other online services that\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":6015,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/07\/16\/yahoo-scoops-up-rayv-to-improve-its-video-streaming-technology\/","url_meta":{"origin":2691,"position":1},"title":"Yahoo scoops up RayV to improve its video streaming technology","author":"NCCT","date":"July 16, 2014","format":false,"excerpt":"Looking to enhance its video streaming capabilities, Yahoo on Friday announced that it has acquired RayV, a video broadcasting firm that enables improved high quality streaming for online and mobile content partners. Financial details of the deal weren't disclosed. \"The RayV team shares our passion for innovation and commitment to\u2026","rel":"","context":"In "Software"","block_context":{"text":"Software","link":"https:\/\/nccomputertech.com\/techtalk\/category\/software\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/I5jCAdtfbSI\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":2971,"url":"https:\/\/nccomputertech.com\/techtalk\/2013\/07\/17\/tumblr-tells-users-to-change-passwords-patches-security-hole-in-ios-apps\/","url_meta":{"origin":2691,"position":2},"title":"Tumblr tells users to change passwords, patches security hole in iOS apps","author":"NCCT","date":"July 17, 2013","format":false,"excerpt":"Tumblr, the blogging site recently acquired by Yahoo, has released a security update for its iPhone and iPad apps that it said addresses an issue that allowed passwords to be compromised in certain circumstances. Users of the apps have been advised to update their passwords on Tumblr as there is\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9246,"url":"https:\/\/nccomputertech.com\/techtalk\/2017\/10\/08\/this-week-in-tech-635-benjis-bag-of-dongles\/","url_meta":{"origin":2691,"position":3},"title":"This Week in Tech 635: Benji’s Bag of Dongles","author":"NCCT","date":"October 8, 2017","format":false,"excerpt":"https:\/\/youtu.be\/MUI010ec8P4 The guy who created the like button now says it's dangerously addictive. Facebook Chief Security Officer Alex Stamos says press doesn't understand how hard it is to prevent voter manipulation. Yahoo admits that hack perpetrated under Yahoo Chief Security Officer Alex Stamos impacted all 3 billion Yahoo users. Google\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/MUI010ec8P4\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":5958,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/07\/10\/crypto-certificates-impersonating-google-and-yahoo-pose-threat-to-windows-users\/","url_meta":{"origin":2691,"position":4},"title":"Crypto certificates impersonating Google and Yahoo pose threat to Windows users","author":"NCCT","date":"July 10, 2014","format":false,"excerpt":"People using Internet Explorer and possibly other Windows applications could be at risk of attacks that abuse counterfeit encryption certificates recently discovered masquerading as legitimate credentials for Google, Yahoo, and possibly an unlimited number of other Internet properties. A blog post published Tuesday by Google security engineer Adam Langley said\u2026","rel":"","context":"In "Microsoft"","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/07\/disguise-kit-640x728.jpg?resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/07\/disguise-kit-640x728.jpg?resize=350%2C200 1x, https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/07\/disguise-kit-640x728.jpg?resize=525%2C300 1.5x"},"classes":[]},{"id":7648,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/02\/26\/chrome-security-update-warns-against-sneaky-software-downloads-as-well-as-malware\/","url_meta":{"origin":2691,"position":5},"title":"Chrome security update warns against sneaky software downloads as well as malware","author":"NCCT","date":"February 26, 2015","format":false,"excerpt":"Google is adding a new warning to Chrome in its continuing efforts to protect users from harmful actors on the web. The new red flag for Google\u2019s browser warns you when you\u2019re about to visit a site that encourages users to download harmful and unwanted software. Chrome isn\u2019t the only\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/2691","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=2691"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/2691\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=2691"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=2691"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=2691"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}