back to article Byrne's naked shorting crusade outs Yahoo! security vuln

Patrick Byrne's unrelenting crusade against naked short selling has uncovered a gaping security hole in Yahoo!'s ever-popular message boards. Yahoo! has now patched the cross-site scripting bug - which allowed miscreants to snatch Yahoo! IDs, cookies, and IP addresses from users merely searching the message boards - but not …

COMMENTS

This topic is closed for new posts.
Silver badge
Pint

So what's really behind this?

Did Patrick Byrne take a piss in Gary Weiss's Wheaties when they were in school? What makes a man of otherwise ordinary intelligence, decide to make their life's crusade something as stupid as waging war on someone from behind so many aliases?

As why - since Byrne's accusations appear to be extraordinarily well doumented - does Wikipedia appear to be so damn tolerant of this sort of thing?

Is this really all there is to Life?

Luckily - no ... mine's a Long Hammer IPA since you asked...

1
0
Heart

Hands up

Everyone who thought of David Byrne, naked, say "Aye!"

0
0
Boffin

@Version 1.0

I think the answer is obvious - Byrne wants to expose and take away the mechanism by which a lot of Wall St money is made (illegally and/or immorally), and Weiss is a profiteer of that mechanism, and/or has many friends which are. His involvement in Portfolio.com, and the IP address of the computer used to manipulate Wikipedia being in a Wall St insitution support that view. If I remember, Overstock.com was the victim of such an attack itself, which lead to Byrne's activisim and relentness pursuit of Wall St short-sellers. I always liked Overstock.com, it was an early online pioneer of good values, good customer service, and such.

For the record, this is PRECISELY where Chicago University "efficient market" economic theories of free capitalist markets fall down - when there is an ability to game the system. Not that I've been reading my Krugman recently...lol.

1
0
Alien

@ Version 1.0 and Robert Hill

Actually the reason is even simpler - They (the shorter) were costing Byrne money. Case in point

"Byrne's campaign came to a head in February 2007 when Overstock.com filed a $3.48bn lawsuit against 12 New York brokerage firms, alleging a "massive, illegal stock market manipulation scheme." The case is still pending."

Nothing pisses off a billionaire when he gets fleeced for a few billion - especially when it is done in a way that is illegal.

1
0
Megaphone

saga

it was very nice to read someoneelse's pithy summary of an awfully lengthy saga and find that we pretty much agree on the interpretation. mmm. (click here for 200-page report! - Not.)

0
0
WTF?

Exploiting exploits

Uncovering a security hole is laudable but uncovering a hole, exploiting the hole for you own devices and only then identifying the hole is illegal hacking.

0
0
Thumb Up

Judd Bagley is a genius

I'm sure glad Judd Bagley is on my side, serving on the board of directors of the non-profit Internet Review Corporation (publisher of Akahele.org), and not working against me. Dang, what that guy can do with simple hacks!

1
0
Silver badge
Grenade

The Virtual Market Space is Just Teaming and Teeming with New Life.*

"and in the wake of last fall's spectacular Wall Street collapse, so many other voices - including Lehman Brothers CEO Richard Fuld - have acknowledged that naked shorting at least played a part."

Selling hot air is never ever going to be cool and always ends up with burns and injury .... aka Stupid Pain.

And what if Phantom Stock listings on the Markets [with the Imagined Reality of GHostly Worth for Currency Exchange and Creation] hide One Major Player, Hosting the Great Media Player Game rather than being Thought of as a Motley Crew of Preening Individual Pirates and Bedevilled Incorrigible Rogues into Business and Banking?

Would that be a Rare Engaging Opportunity for AI Change to Computer Systemic Processing of Intelligent InfraStructures in Artificial Architectures ..... Virtual World Order ProgramMING for Smart and Chaotic Phormations/Imaginanations.

* A Naked Short Sell or a Covered Long Term Sure House Bet ? :-)

0
0
WTF?

Hacker?

So Judd Bagley is freely admitting that he's been hacking, illegally? As much as I agree with their cause, his actions are not going to help their point.

0
0
Coat

It is Too Late!

@Robert Hill:

Wall Street has evolved: Now all any Wall Street institution has to do to meet their bonus objective is to call up the FED and threaten insolvency if more money is not forthcoming; accounting rules too hard on the bottom line or whatever. Like those annoying children throwing a tantrum next to the sweet shelves in the supermarket. Like the typical loser parents do, Obama and Bernanke will get the candy to stop the whining - even though they have to steal to pay for it!

0
0
Welcome

@ Ian Ferguson - 'Hacker'

Yup, it sure sounds like something the Repuglicans did here a decade ago- they hacked into Ted Kennedy's Email account as I remember, and watched Democratic strategy in the US Senate, and came up with ways to thwart them for upwards of two years. No charges out of that either. The Repuglicans love to use tactics like this to their advantage, and always cry foul when it's their ox being de-balled.

If Bagley used this 'tool' to put the screws to a jerk like Gary Weiss, then all the more power to him, and Gary needs to STFU, and lay by his dish. Otherwise, Madoff will end up with some fellow GOPers he can play chess with, during the afternoon exercise time in the yard...

1
0
FAIL

Legal implications?

@Ian Ferguson: I too was surprised by the sympathetic tone of the article, and the total omission of any reference to the legal implications of Bagley's hacking.

@David Stever: Which GOPers do you mean? Bagley and Byrne are both Republicans.

0
0
Thumb Down

Glad I'm not the only one

I was also disturbed by the approving tone of the article, the failure to report or even mention legal implications, and the sheer sleaziness reported here.

The headline says that Byrne's crusade "outed" a Yahoo security flaw but that's not quite what happened. Byrne's crusade "exploited" that flaw, and that's a crucial difference.

I would expect that an honest, ethical etailer would promptly report such a flaw to Yahoo. Instead, an employee of the CEO utilized the flaw in his crusade. Yahoo only became aware of the flaw when contacted by the Register. That is startling in itself, and suggests that Byrne is not taken as seriously by his victims as he might prefer.

The Register clearly is sympathetic to Byrne on the naked shorting issue and that's its privilege. But to condone tactics such as this is seriously off-putting.

0
0
Alert

A few clarifications

As the subject of the article, I think I'm in a position to clear things up for some of the above commenters.

@Ian Ferguson: I've not done any "hacking". The security expert quoted in the article mentioned some of the extreme ways in which this exploit could be used, but my use was limited to pairing of usernames and IP addresses for a very small number of individuals. This may or may not resolve your concerns, but I should add that in my opinion, the target of my efforts is engaged in an effort to cover up a serious crime, and I in an effort to expose him for doing as much.

@Dan Davis: I am not affiliated with a political party and Patrick Byrne is Libertarian. I've worked for candidates of both major parties. I don't think it's accurate to classify either Byrne or myself as strictly Republican or Democrat.

@Ben Colman: I don't work for Overstock.com. Furthermore, I don't feel particularly obligated to help Yahoo's army of developers identify security flaws while the company seems happy to allow its message boards to be used and abused by short selling stock manipulators as a forum for spreading libel and disinformation against targeted public companies.

1
0
This topic is closed for new posts.

Forums