Tag Archives: Web

Value your identity? Stay away from Yahoo!

Three of my friends had their Facebook account hacked in a span of a month.  How?  Their Yahoo! Mail was hacked.  They all associated their Facebook accounts with their yahoo mail.  My girlfriend is one of them.  I’ve told her many times to avoid using yahoo for anything that she values – e.g. social networking, credit transactions, etc.  Now I don’t have to say “told you so…” for her to learn from that mistake.

I’ve known for a long time that Yahoo is easily hackable.  Heck I can’t even believe that it is TOO EASY! If you have a hacked yahoo account and wanted to purge it of anything – you’d be out of luck.  I tried recovering my girlfriend’s yahoo account thru the same process a hacker can get hold of it.  Go to a Yahoo portal, click ‘Forgot Password’ or ‘Can’t access my account’ and you’re good to go.  That’s how easy it is.  You can just change the password with the steps provided in Yahoo!

Obviously it isn’t good enough to just recover the account and change its password.  I tried deleting her account thru Yahoo’s Delete steps shown here.  So I thought she’s in the clear from the hacker recovering access to her Yahoo account.  Guess what?! After you delete your account Yahoo! shows you this page.

Obviously a hacker can still recover your account within 90-days! What an idiot for Yahoo! to allow such FEATURE!

Obviously a hacker can still recover your account within 90-days! What an idiot for Yahoo! to allow such FEATURE!

I tried logging in with my girlfriend’s account with the wrong password.  And guess again! It doesn’t even make sure that I typed in the password it just asks me to verify if I want to re-active it and voila! I can open it again.  I still have 90-days to RE-ACTIVATE it as what Yahoo! says anyway.  A hacker can practically take over as long as he/she wants if needed…but for the real owner, you’d have no choice but to just wish hard the hacker won’t do more damage than what they already know – limited or not!

So for anyone using Yahoo! keep it for fancy un-important stuff.  Make sure you don’t keep confidential information in it.  I have a Yahoo! account but only for messenger – but I barely use it for important stuff anyway.  You’ve been warned!

P.S. Gmail is rock-solid in recovering passwords and even deleting accounts when the user decides to.  I just created a user in gmail to test it out.  The password recovery facility is so tight you can only recover it through a secondary email.  Deleting a google account will delete it instantly.  I can’t recover it in any way.


Loosely Connected

Whoa! It seems like I’ve been out for almost a month. Internet connectivity had been unpredictable for me. Not to mention the last few weeks had been crazy filled with unplanned business trips and the holiday rush. I basically have not enough time to write reviews that I promised. Today, however, is different.

I’ve finally convinced my fellow roommates to get ourselves a dedicated broadband service. We’ve been secretly hooking up on occassional spills of a free wifi SSID at home – thank you neighbor! According to the service brochure it can deliver best effort of 2MBps upload/download speed at RM60/month. That got me excited for such an inexpensive service. Sure enough, we got hooked up today and ran speedtest immediately.

Amazing results!

Running speedtest on a KL server does show a whooping 2MBps download speed and an unbelievable 40+MBps upload speed. It’s too good to be true until I tried hitting my bookmarked sites. All of them seemed a little sluggish. I ran speedtest again on several US and UK sites and saw the difference in bandwidth.


I spoke too soon 😦

I called tech support and true enough he confirmed that the backbone is 2MBps within the Malaysian grid but the ADSL has a bottleneck connecting to international sites. Ironic but I appreciate the support staff for being honest. As ADSL is a shared service the bandwidth availability for each node will be unpredictable. If I’d only access local servers I’d get the fast speed. I don’t know how localized but I’ve read from forum sites that Chinese torrent trackers give better feeds so I would assume the SEA grid only.

I wouldn’t know if other ISPs have different backbone infrastructure but I think I’d settle for this service. I’ve heard mixed reviews of other ISPs like Izzi, Maxis and Streamyx. The first two are 3G based which is unreliable. Streamyx requires additional documents that involves our landlord – which is a hassle for such a temporary service (1 year). All of them also requires a large sum of security deposit required for foreigners that would get 1-3 months processing to refund at termination – I won’t be here by then if my VISA expires or move out. It tells me a lot on what life is for expatriates and I’d have to get used to it. It’s part of getting acquainted with foreign laws and policies.