back to article Byrne's naked shorting crusade outs Yahoo! security vuln

Patrick Byrne's unrelenting crusade against naked short selling has uncovered a gaping security hole in Yahoo!'s ever-popular message boards. Yahoo! has now patched the cross-site scripting bug - which allowed miscreants to snatch Yahoo! IDs, cookies, and IP addresses from users merely searching the message boards - but not …


This topic is closed for new posts.
  1. Version 1.0 Silver badge

    So what's really behind this?

    Did Patrick Byrne take a piss in Gary Weiss's Wheaties when they were in school? What makes a man of otherwise ordinary intelligence, decide to make their life's crusade something as stupid as waging war on someone from behind so many aliases?

    As why - since Byrne's accusations appear to be extraordinarily well doumented - does Wikipedia appear to be so damn tolerant of this sort of thing?

    Is this really all there is to Life?

    Luckily - no ... mine's a Long Hammer IPA since you asked...

  2. Aaron Gilliland

    Hands up

    Everyone who thought of David Byrne, naked, say "Aye!"

  3. Robert Hill

    @Version 1.0

    I think the answer is obvious - Byrne wants to expose and take away the mechanism by which a lot of Wall St money is made (illegally and/or immorally), and Weiss is a profiteer of that mechanism, and/or has many friends which are. His involvement in, and the IP address of the computer used to manipulate Wikipedia being in a Wall St insitution support that view. If I remember, was the victim of such an attack itself, which lead to Byrne's activisim and relentness pursuit of Wall St short-sellers. I always liked, it was an early online pioneer of good values, good customer service, and such.

    For the record, this is PRECISELY where Chicago University "efficient market" economic theories of free capitalist markets fall down - when there is an ability to game the system. Not that I've been reading my Krugman

  4. Anonymous Coward

    @ Version 1.0 and Robert Hill

    Actually the reason is even simpler - They (the shorter) were costing Byrne money. Case in point

    "Byrne's campaign came to a head in February 2007 when filed a $3.48bn lawsuit against 12 New York brokerage firms, alleging a "massive, illegal stock market manipulation scheme." The case is still pending."

    Nothing pisses off a billionaire when he gets fleeced for a few billion - especially when it is done in a way that is illegal.

  5. Anonymous Coward


    it was very nice to read someoneelse's pithy summary of an awfully lengthy saga and find that we pretty much agree on the interpretation. mmm. (click here for 200-page report! - Not.)

  6. Anonymous Coward

    Exploiting exploits

    Uncovering a security hole is laudable but uncovering a hole, exploiting the hole for you own devices and only then identifying the hole is illegal hacking.

  7. Gregory Kohs
    Thumb Up

    Judd Bagley is a genius

    I'm sure glad Judd Bagley is on my side, serving on the board of directors of the non-profit Internet Review Corporation (publisher of, and not working against me. Dang, what that guy can do with simple hacks!

  8. amanfromMars 1 Silver badge

    The Virtual Market Space is Just Teaming and Teeming with New Life.*

    "and in the wake of last fall's spectacular Wall Street collapse, so many other voices - including Lehman Brothers CEO Richard Fuld - have acknowledged that naked shorting at least played a part."

    Selling hot air is never ever going to be cool and always ends up with burns and injury .... aka Stupid Pain.

    And what if Phantom Stock listings on the Markets [with the Imagined Reality of GHostly Worth for Currency Exchange and Creation] hide One Major Player, Hosting the Great Media Player Game rather than being Thought of as a Motley Crew of Preening Individual Pirates and Bedevilled Incorrigible Rogues into Business and Banking?

    Would that be a Rare Engaging Opportunity for AI Change to Computer Systemic Processing of Intelligent InfraStructures in Artificial Architectures ..... Virtual World Order ProgramMING for Smart and Chaotic Phormations/Imaginanations.

    * A Naked Short Sell or a Covered Long Term Sure House Bet ? :-)

  9. Ian Ferguson


    So Judd Bagley is freely admitting that he's been hacking, illegally? As much as I agree with their cause, his actions are not going to help their point.

  10. fajensen Silver badge

    It is Too Late!

    @Robert Hill:

    Wall Street has evolved: Now all any Wall Street institution has to do to meet their bonus objective is to call up the FED and threaten insolvency if more money is not forthcoming; accounting rules too hard on the bottom line or whatever. Like those annoying children throwing a tantrum next to the sweet shelves in the supermarket. Like the typical loser parents do, Obama and Bernanke will get the candy to stop the whining - even though they have to steal to pay for it!

  11. David Stever

    @ Ian Ferguson - 'Hacker'

    Yup, it sure sounds like something the Repuglicans did here a decade ago- they hacked into Ted Kennedy's Email account as I remember, and watched Democratic strategy in the US Senate, and came up with ways to thwart them for upwards of two years. No charges out of that either. The Repuglicans love to use tactics like this to their advantage, and always cry foul when it's their ox being de-balled.

    If Bagley used this 'tool' to put the screws to a jerk like Gary Weiss, then all the more power to him, and Gary needs to STFU, and lay by his dish. Otherwise, Madoff will end up with some fellow GOPers he can play chess with, during the afternoon exercise time in the yard...

  12. Dan Davis

    Legal implications?

    @Ian Ferguson: I too was surprised by the sympathetic tone of the article, and the total omission of any reference to the legal implications of Bagley's hacking.

    @David Stever: Which GOPers do you mean? Bagley and Byrne are both Republicans.

  13. Ben Colman
    Thumb Down

    Glad I'm not the only one

    I was also disturbed by the approving tone of the article, the failure to report or even mention legal implications, and the sheer sleaziness reported here.

    The headline says that Byrne's crusade "outed" a Yahoo security flaw but that's not quite what happened. Byrne's crusade "exploited" that flaw, and that's a crucial difference.

    I would expect that an honest, ethical etailer would promptly report such a flaw to Yahoo. Instead, an employee of the CEO utilized the flaw in his crusade. Yahoo only became aware of the flaw when contacted by the Register. That is startling in itself, and suggests that Byrne is not taken as seriously by his victims as he might prefer.

    The Register clearly is sympathetic to Byrne on the naked shorting issue and that's its privilege. But to condone tactics such as this is seriously off-putting.

  14. Judd Bagley

    A few clarifications

    As the subject of the article, I think I'm in a position to clear things up for some of the above commenters.

    @Ian Ferguson: I've not done any "hacking". The security expert quoted in the article mentioned some of the extreme ways in which this exploit could be used, but my use was limited to pairing of usernames and IP addresses for a very small number of individuals. This may or may not resolve your concerns, but I should add that in my opinion, the target of my efforts is engaged in an effort to cover up a serious crime, and I in an effort to expose him for doing as much.

    @Dan Davis: I am not affiliated with a political party and Patrick Byrne is Libertarian. I've worked for candidates of both major parties. I don't think it's accurate to classify either Byrne or myself as strictly Republican or Democrat.

    @Ben Colman: I don't work for Furthermore, I don't feel particularly obligated to help Yahoo's army of developers identify security flaws while the company seems happy to allow its message boards to be used and abused by short selling stock manipulators as a forum for spreading libel and disinformation against targeted public companies.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019