Hacker News new | ask | show | jobs
by robert-wallis 4821 days ago
Why promote Yahoo!'s email service? They still don't use SSL after you are logged in right? Sending your plaintext session cookie over the net, allowing people in your coffee shop to hijack your email. Nobody should be encouraging people to keep or get Yahoo email accounts.
2 comments
robert-wallis 4821 days ago
Just checked, you can now enable SSL, but by default it is not enabled. No doubt most people don't have it on. Therefore, Yahoo is still an insecure email service.
link
callahad 4821 days ago
We had to start somewhere, and Yahoo's OpenID endpoint seemed pretty sane. Gmail and Hotmail are coming soon to round it out.
link