[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] Yahoo security give blogger the thumbs up
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: [Full-disclosure] Yahoo security give blogger the thumbs up
- From: SO SECURITY RESEARCH INSTITUTE <system_outage@xxxxxxxxx>
- Date: Sun, 12 Mar 2006 08:41:18 -0800 (PST)
Dear All,
Do you, uh, Yahoo?
It appears no action will be taken against a Yahoo employee who disclosed
confidential corporate side security information (with screenshots) to his
weblog. This obviously gives the green light for anyone at Yahoo to do the same
in the future. Why have a Yahoo policy if its not going to be inforced?
Regardless of the security value of the blog entry, a clear breach of the
confidentiality agreement between Yahoo and ADP has been made. Yahoo's response
was "Jeremy is Jeremy, he can blog about anything he wants." Making it sound
like if you're a celebrity Yahoo blogger then you can walk all over company
policy. ADP were unavailable for comment at time of this message being
submitted to Full-Disclosure mailing list. http://tinyurl.com/plqt3
SO SECURITY
Beyond The Human Firewall Research
---------------------------------
Yahoo! Mail
Use Photomail to share photos without annoying attachments._______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/