Tag: Crimes

Last week I criticized Yahoo for their insecure password recovery mechanism that allowed an intruder to take control of Sarah Palin’s email account. Several readers asked me the obvious follow-up question: What should Yahoo have done instead? Before we discuss alternatives, let’s take a minute to appreciate the delicate balance involved in designing a password…

This week’s breach of Sarah Palin’s Yahoo Mail account has been much discussed. One aspect that has gotten less attention is how the breach occurred, and what it tells us about security and online behavior. (My understanding of the facts is based on press stories, and on reading a forum post written by somebody claiming…