[Full-disclosure] Black clouds over Sunnyvale go unchecked



yahoo hackers unite. yahoo is slowly but surely being taken over by a
bad element of yahoo employee. these employees are hired by each other
and fast tracked into sunnyvale. people say folks are vetted before
they are employed, although you can never have a check for social
background, the only checks possible are for criminal records. yahoo
employee hackers don't have criminal records, they are highly
interlligent folks, who have studied for years at universities. in
real life its easier to define a criminal, but when we're talking
about international hackers, there is no rule, there are no road
signs. what is needed is intelligence on the bad guys from a social
point of view. it is all very well using interviewing techniques, but
with that, your intelligence gathered at a job interview is only as
good as the would-be employee wants you to know.
you cannot save yourself from hackers getting into yahoo. once a
hacker is in yahoo, its very easy to gain the trust of co-workers.
once given a job, it would take a hell of a lot of evidence to unstick
them, and have grounds to fire them. i have intelligence on a social
level of someone who is a blackhat, every attempt to tip off yahoo and
make them convinced has failed, and you know what the worrying thing
is, this guy has hosted interviews and has successfully hired more
hackers. there is also intelligence that he wants in the long run to
hire more folks from a blackhat social background. i instant messaged
and have been e-mailing yahoo core security team for a sustained
period over the issue of the particular employee, who so far has
managed to divert attention from his activities by claiming everything
is false being made against him. a bunch of losers with a grudge,
bored kids, you know, any excuse the yahoo employee can think of to
keep his reputation clean. although this guy tipped off a blackhat
hacker that his im conversations were being monitored and this stopped
further intelligence gathering techniques being used on the blackhat
the yahoo employee tipped off. this tip-off wasn't a hear-say, there
was actual proof he tipped off a blackhat being monitored. yahoo say
for their security slogan "yahoo takes security very seriously",
though when its a threat from within, the yahoo employee is protected
by his other evil blackhat friends from within the security team. to
the whitehats of yahoo, they don't even know theres a blackhat
movement going on within yahoo's work force, even though for a long
time i've been trying to convince yahoo security team that the threat
is real, and data is leaving sunnyvale and being sent to third party
contacts. this yahoo employee was originally fast tracked into yahoo
by another blackhat. since that time, the spawning of more blackhat
insiders has been continuing. eventually yahoo will have an army of
blackhat insiders letting third party contacts know exactly whats
going on. its not to say theres no money in it, often top level google
employees offer folks money for yahoo corporate data and the likes,
and of course, if the price is right then who is going to say no?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages