[AxisOfEasy] Yahoo: Still Datamining Your Email For Fun And Profit


Weekly Axis Of Easy #64


This week’s quote:  “Out on the edge you see all kinds of things you can’t see from the center. Big undreamed-of things — the people on the edge see them first. “  by ????

Last Week’s Quote was “An entirely new and unique and dense sort of ignorance will be manufactured by a combination of censorship of the Press and censorship by the Press.” – despite multiple guesses at Noam Chomsky, it was G.K Chesterton, with J Mark Robinson getting there first.

THE RULES: No searching up the answer, must be posted in the comments below…

The Prize: First person to post get their next domain or hosting renewal is on us.


In this issue:
  • Yahoo still selling insights derived from data-mining your email to third-parties
  • Another Apache Struts flaw requires immediate patching 
  • Germany calls for payment system separate from US based networks
  • The danger of expired domain names
  • Google partnership with MasterCard tracks 70%of all purchases
  • Amazon employing Twitter bots to astroturf working conditions
  • Escape from the BUMMER machine
  • Ethereum Name Service (ENS) integration for .XYZ domains now live

Yahoo still selling insights derived from data-mining your email to third-parties

In a Wall Street Journal article that calls the practice “against the grain of the industry”, details emerged that Yahoo is still scanning user emails and deriving insights from them which they then sell to advertisers and marketers. Yahoo’s parent company, Oath – which is the content division of Verizon that bought Yahoo and Aol for a fraction of their former value, is in talks with advertisers to provide a service of scanning 200 million user email boxes for consumer insights. Apparently users would have the ability to opt-out (probably requiring a retinal scan on page 600 of the terms of service which can only be accessed in person and after providing photo id).

I have two reactions to this: First it may be “against the grain of the industry” …for now, but don’t think for a second that when Google, or Hotmail or any other behemoth’s fortunes change or the public scrutiny around privacy drifts away, they won’t resort to similar tactics in the future. It’s what they do.

And second, if you’re actually using yahoo email for personal (read: private), or business communications, you’re nuts. Especially since you probably have access to easyMail which is bundled with most domain packages here anyway. We categorically, absolutely do not and will not datamine your email.

The original article is behind a WSJ paywall, but it’s been covered elsewhere.

Read: https://www.theverge.com/platform/amp/2018/8/28/17792522/yahoo-mail-email-scan-data-advertisers-opt-out

Another Apache Struts flaw requires immediate patching

There’s another bug in Apache Struts, the open source framework for developing Java apps. Remember the time Equifax got hacked and all your personal credit history got breached and sold over the dark web? That was a bug in Apache Struts. So if you’re using this in your development environment and you’d rather not become known as the next Equifax, get going on those patches.

Germany calls for payment system separate from US based networks

Germany’s foreign minister, in an interview with the Financial Times has stated that Europe should create a separate monetary fund and payments system from the US-dominated IMF/Swift systems. The reason I mention this: earlier this year I came across Rohit Bhargava’s “Non-Obvious” series, where he describes his methodology for capturing and identifying trends, accompanied by his annual report on the trends he identified for the current year. I decided to start doing something similar, and one of the trends I felt I identified this year was that of “de-dollarization”, the early rumblings of the end of the current USD dominated world system. Bitcoin is a part of this, crypto-currencies are part of this, and other countries deciding maybe they should have their own payment systems and monetary funds are a part of this.

Original FT article is behind a paywall, but see: https://www.businessinsider.com/germany-wants-european-rival-to-us-backed-swift-payment-system-2018-8

The danger of expired domain names

Another reminder that letting former production domains lapse and expire may not be wise and perhaps even unsafe. Cyber-Security consultant Gabor Szathmari blogged about how one can use expired domain names to gather information and penetrate corporate systems. In “Hacking law firms with abandoned domain names”, he looked specifically at the legal profession, observing how sometimes after a merger or acquisition, a former domain name for a law firm can eventually get dropped, leading to security breaches.

Google partnership with MasterCard tracks 70%of all purchases

Bloomberg reports that “[f]or the past year, select Google advertisers have had access to a potent new tool to track whether the ads they ran online led to a sale at a physical store in the U.S. That insight came thanks in part to a stockpile of Mastercard transactions that Google paid for.” This from a deal between Google and MasterCard that gave the search engine access to a database of offline credit card transactions on 2 billion cardholders that was not disclosed to said cardholders.. Now that the deal has come to light, some experts are saying it has privacy implications. Gee, ya think?

Amazon employing Twitter bots to astroturf working conditions

Word on the street is that working in an Amazon warehouse is not a cakewalk, and occasionally over the years some critical stories emerge on how tough it can be. But on the other side of the coin, there apparently exists a small battalion of Stepford Wives (and Husbands) who aren’t robots, but almost appear to be given the uniformity of their Twitter profiles and tweets. They appear to be comprised primarily of fawning adulation of Jeff Bezos and uncompromising praise for Amazon. As Techcrunch observes, it’s a little weird, but the inevitable parody account has been suspended by Twitter. Go figure.

Escape from the BUMMER machine

In case you missed it, I mentioned Jaron Lanier’s “10 Arguments For Deleting Your Social Media Accounts Right Now” several times in these issues. I finished reading it over the summer and finally managed to post an in-depth review of it, it’s on the blog now.

Ethereum Name Service (ENS) integration for .XYZ domains now live

Also excited to announce that by the time you read this, we’ll have released a functional Ethereum Name Service (ENS) integration for .XYZ domains. This has been in testing on the ropsten test net for close to a year, the ENS / XYZ integration went live on mainnet last week and we’re happy to be the first and only ICANN domain registrar and DNS provider to provide a one-click wizard for claiming your domain via ENS.

4 thoughts on “[AxisOfEasy] Yahoo: Still Datamining Your Email For Fun And Profit

  1. More precisely, it’s Finnerty in Player Piano who tells his psychiatrist this.
    (sigh) It’s no use. I’ll never win this Axis of Easy thing. The perils of a retiree- Why can’t I get up before 11AM?
    Why? Well, as Bokonon says, “Here we are, trapped in the amber of the moment. There is no why.”

    Perhaps I should pay more attention to those peculiar travel suggestions that are dancing lessons from god. So it goes…. 😉

Leave a Reply

Your email address will not be published. Required fields are marked *