Another trick from Yandex mail
Hello!
Reading Habr, I noticed that a lot of bad things have happened to Yandex and its services lately. Then they will turn up, then the services will be cut out. People spit.
Faced the other day with another Yandex trick.
')
I have an old box on Yandex mail. Every day, automatically, many times a day, I check the mail with the bat, what has come - I immediately take it away and delete it from the server. The box almost never glowed.
Suddenly, the other day, the bat informs you that the POP protocol is blocked. I climb into the web interface. There they report to me that they have a suspicion that my account has been hacked and now they have blocked it.
To unlock asking formoney information.
They have a form of recovery there. They want my first and last name, date of birth, mobile number and at the end of the photo of my face against the background of the turn of my passport! Immediately I wanted to ask them - do you need to measure anything with a ruler?
And the most interesting thing is that who remembers to which accounts I have this box then regil? And the form automatically checks, writes about a mismatch and a dead end. And there is no feedback.
Rape found a feedback form somewhere in the wilds, wrote them this way and that. Those included a fool, let's say a photo to understand that you are you. I wrote to them that I can prove that I am the owner. Look, there are no letters in the box, and at the same time he himself informed about the dates, topics and recipients of the letters received and sent from this account since 2010. Access to the logs only they have. If the attacker now hacked my account, how would he have learned about such letters, if they are not in the box? Even in one letter I saw the name and surname for which the regil box was located. All unsubscribed. Frost.
I wrote to them that I didn’t need their annoying “care” and “protection against hacking” and asked her to turn it off, saying that they could sort it out somehow without them. Under my responsibility. Frost.
Could simply disable the ability to send-receive letters, if so afraid of spam, etc. And do not completely hack access to mail.
In general, the findings:
1. Obviously, for the work of Yandex mail, they do not need not only my phone number, but also other personal data. I, like many, do not wish to indicate to them anything that could de-anonymize me. Mail and without their innovations successfully worked in decades.
2. Based on claim 1, it is very likely that this is a divorce from Yandex in order to get personal data and, if anything happens, to determine a specific individual.
3. Yandex’s approach is rather vile. It’s good that I’m picking up all the mail with bat and I have it locally. Well, there are no services registered for this box. Otherwise it would be more pitiable. The same Twitter, a week after registration, honestly warned that if I did not enter the phone, it would be blocked. Yandex just silently shat.
4. Considering such tendencies of Yandex, users should think about it. Either they give all real personal information about themselves toUncle Yandex, or think about dumping from Yandex as from an unreliable platform. So that later there were no problems with Yandex. And also think about the reliability of your accounts in their other services.
I would like to hear in the reviews if anyone else got on such nonsense? Maybe they have such a mechanism running and is slowly working, with the goal of gradually de-anonymizing users? After all, the facts to the suspicion of hacking, I can not check.
Reading Habr, I noticed that a lot of bad things have happened to Yandex and its services lately. Then they will turn up, then the services will be cut out. People spit.
Faced the other day with another Yandex trick.
')
I have an old box on Yandex mail. Every day, automatically, many times a day, I check the mail with the bat, what has come - I immediately take it away and delete it from the server. The box almost never glowed.
Suddenly, the other day, the bat informs you that the POP protocol is blocked. I climb into the web interface. There they report to me that they have a suspicion that my account has been hacked and now they have blocked it.
To unlock asking for
They have a form of recovery there. They want my first and last name, date of birth, mobile number and at the end of the photo of my face against the background of the turn of my passport! Immediately I wanted to ask them - do you need to measure anything with a ruler?
And the most interesting thing is that who remembers to which accounts I have this box then regil? And the form automatically checks, writes about a mismatch and a dead end. And there is no feedback.
Rape found a feedback form somewhere in the wilds, wrote them this way and that. Those included a fool, let's say a photo to understand that you are you. I wrote to them that I can prove that I am the owner. Look, there are no letters in the box, and at the same time he himself informed about the dates, topics and recipients of the letters received and sent from this account since 2010. Access to the logs only they have. If the attacker now hacked my account, how would he have learned about such letters, if they are not in the box? Even in one letter I saw the name and surname for which the regil box was located. All unsubscribed. Frost.
I wrote to them that I didn’t need their annoying “care” and “protection against hacking” and asked her to turn it off, saying that they could sort it out somehow without them. Under my responsibility. Frost.
Could simply disable the ability to send-receive letters, if so afraid of spam, etc. And do not completely hack access to mail.
In general, the findings:
1. Obviously, for the work of Yandex mail, they do not need not only my phone number, but also other personal data. I, like many, do not wish to indicate to them anything that could de-anonymize me. Mail and without their innovations successfully worked in decades.
2. Based on claim 1, it is very likely that this is a divorce from Yandex in order to get personal data and, if anything happens, to determine a specific individual.
3. Yandex’s approach is rather vile. It’s good that I’m picking up all the mail with bat and I have it locally. Well, there are no services registered for this box. Otherwise it would be more pitiable. The same Twitter, a week after registration, honestly warned that if I did not enter the phone, it would be blocked. Yandex just silently shat.
4. Considering such tendencies of Yandex, users should think about it. Either they give all real personal information about themselves to
I would like to hear in the reviews if anyone else got on such nonsense? Maybe they have such a mechanism running and is slowly working, with the goal of gradually de-anonymizing users? After all, the facts to the suspicion of hacking, I can not check.
Source: https://habr.com/ru/post/393065/
All Articles