Yahoo Ignoring Its Own Security Flaws


In light of the Heartbleed story, I felt that we needed a post here about the inherent dangers of Yahoo’s new redesign. Not counting all the other issues, the new redesign is a security risk all by itself, full of numerous problems that can easily be exploited.

Yahoo is not a safe environment, and even patching Heartbleed and using encrypting won’t fix all their problems. They have caused so many issues in their Groups and Mail services with their new “improved” redesign that they are broken and unsafe.

Without any ability to regulate them, spammers can overrun us because we can’t see what we are approving and sometimes it appears to be blank when approving.

Embedded images aren’t shown either, and “reject with a reply” sometimes goes to the entire group instead of privately.  See here.

Near the beginning of the NEO changeover, private information in Freecycle Groups was mistakenly going public and was displayed to 18,000 users.  Although it was supposedly fixed, trust was broken, and most Freecycle groups have long since left.

The system breaks and hangs; things don’t work. They threw us in this “test” with no warning in August of 2013 and have not ever publicly acknowledged that Group members still have these  problems.

From the Yahoo Uservoice Feedback Forum
1,633 votes

After filing an incident report (130824-020762) with your so called Customer Care, I have come to the conclusion that you really couldn’t care any less. “You are part of a test group and cannot be removed” is not an adequate response nor helpful in any way. I not only don’t appreciate the Yahoo attitude, as far as I’ concerned you can keep it. I will start my groups over in Google Groups and leave Yahoo and it’s advertisers to their own demise.


It’s now been 8 months and yet we are still stuck in this broken, buggy, unstable mess. Yahoo needs to man-up and admit their new interface is a failure and no amount of encrypting or securing will make it function correctly. It doesn’t even function on the mobile devices it was designed for!

We’ve been hacked.

Attacked with ads that were inappropriate or with malware.

Suffered severe mail outages that also affected Group Mail, and and Yahoo Customer Care has been little or no help.

Suffered loss of moderator controls and features and had many other issues:

And nothing has been done to fix it. Yahoo figures no one will care about us; we’re just “Groups” users who don’t matter. Mail users got an admission of failure, an adjustment on a feature, and an apology. We got nothing. Once loyal longtime users of Yahoo, we were simply disregarded.

So we are once again in the fight of our lives against Yahoo’s new “improvements” because the new format called NEO has been a disaster from day one that has impacted and changed many thousands of users’ lives forever.

The secret Yahoo doesn’t want you to know? Yahoo’s new “upgrades” DO NOT WORK. They are broken, buggy, dysfunctional, have security issues, and worse, they cause physical harm to the elderly and disabled. We’ve had enough; it’s been long enough, and something needs to be done NOW!

Meanwhile, they are trying to hide their failure. In fact, instead of properly evaluating feedback that we’ve been providing in their Feedback Forum, now Yahoo is DELETING it!  Fortunately, I had already archived a lot of it.

This is now day #220 of our Crusade, and we are still going strong. We need to get our story in the press, like mail did, in order to bring public opinion to the table and hopefully force Yahoo to roll back this disaster of an “improvement” and return us to the classic format that we all knew and loved, that was secure and user friendly, and that WORKED.

But if nothing else, even if we fail and can’t get them to return to Classic, my group and another group of 3,000+ teenagers and twenty-somethings who have joined forces with me are determined to hold Yahoo accountable for what they have done in the public eye, if nowhere else. We are going to bring their treatment of loyal users to the light of day, one way or another, and you can help us do that!

Please read this and consider helping by putting our Crusade Site URL and our fight in the press.


Nightowl >8#


One thought on “Yahoo Ignoring Its Own Security Flaws

  1. Yahoo was ‘fixed’ for some other reason or purpose, as none of the issues that existed in October 2013 were addressed.

    With the loss of advertisers and advertising revenue, apparently someone is making the top people stick with a system that doesn’t work for us.

    To maintain this, it has to be profitable for someone else, and those who are profiting from this apparently can’t be named.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s