A news story on Yahoo!’s site was altered by a hacker this week
who exploited a security loophole in the portal. Twenty year-old
Adrian Lamo changed a Yahoo! story about Russian programmer Dmitry
Skylarov to read that Skylarov was facing the death penalty for his
alleged breach of US copyright laws.
Lamo alerted a security company to his actions which in turn
contacted Yahoo! The portal says it has now taken steps that block
unauthorised access. Lamo had used scanning software to obtain the
URL of one of Yahoo!’s open proxy servers. He then configured his
browser to connect to the proxy and entered Yahoo!’s news authoring
facility without having to enter a password, by posing as an
employee of the company.
Mr Lamo has previously been credited with highlighting security
flaws in the Excite@Home network and in AOL’s instant messaging
service.
