Yahoo! blocks Adblock users
Yet another reason to avoid Yahoo! entirely....
Yahoo! says it is testing a feature that prevents some users of the Adblock extension from accessing their webmail accounts. Netizens have reported on the Adblock Pro support forum being unable to use the Yahoo! Mail service with the ad-blocking extensions turned on. When trying to log into the Yahoo! webmail, they are met …
That and every iterarion of their "improved" webmail experience makes the entire thing more and more horrible to use. In general, everything Yahoo designed is User Unfriendly Software, effortless falling off the wrong end of every metric of usability, accessibility and just plain common sense.
While they claim to keep access to the old versions alive, in reality they just cripple the old version and effectively force users to switch to the "improved" new version because they have no choice.
Whereas you can set up thunderbird to use imaps and bypass their website in its entirety. Strange logic to be honest - why push people off your website but allow remote connectivity. Though you'd be advised to not turn off adblock because don't Yahoo! have a habit of serving up poisoned adds to their consumers?
They know that a significant proportion of users don't bother with dedicated email clients, and prefer to check their mail via a browser. For those users: YOU WILL BE ADVERTISED TO. I don't know to what extent Yahoo trawl the content of emails regardless of access method, but if it's anything like Google's gmail: WE'RE GOING TO DO OUR DAMNDEST TO TRACK YOU AND ADVERTISE TO YOU. RESISTENCE IS USELESS.
Me, I prefer to pay a few poundlets per day to an email hosting provider that doesn't treat me as the product.
Perhaps they could finally get round to doing IMAP IDLE. In the end it would actually save bandwith instead of all these phones logging in every 5/10/15 minutes.
And they could fix disposable e-mail addresses which have stopped working properly, for me at least.
I expect they've got the plaster falling off the walls at their offices too.
Well, if you're using an adblocker they aren't making any money from you.
They are - by trawling your email, building a martketing (not just advertising) profile and selling it to someone else. The fact that they are selling somewhat damaged goods and the profile is not usable by the advertiser because of APro in that case is not so relevant. It can be used by other means - it will now change the selection of what is "related" offered on various e-commerse sites, etc. All stuff marketeer scum loves.
- US$12/year for a personalized .com domain
- US$30/year for a nicely featured email account which lets you add and remove aliases for temp addresses
- http://theoatmeal.com/comics/email_address seems to cover this
In all fairness, my almost-80-year-old dad really likes his yahoo email.
I dumped Yahoo quite a while back (search for "Yahoo" and "XSS" to see how vulnerable your Yahoo account is). With the number of free alternatives, I really can't see why anyone would bother with Yahoo any longer. Yahoo has been slowly sliding down the slope of irrelevance for quite some time now.
I did somehow or other manage to get my address book hacked. They stole my address book and spammed everyone from a different account. I mentioned it to Yahoo via Twitter, and they just gave out the usual thing about changing passwords. I only log into Yahoo Mail through two devices. My laptop which is rather secure, and Android Yahoo App.
I have been using Yahoo Mail since about 1998. I don't want to leave now.
YOU didn't do anything...Yahoo did. Look up "Yahoo XSS attack" to see how truly pathetic Yahoo security is.
If you want to keep your Yahoo? Use Gmail to access your Yahoo or use thunderbird, but their webmail is nothing but a security nightmare and they give ZERO craps about its weaknesses, just about shoving ads down your throat.
>If you want to keep your Yahoo? Use Gmail to access your Yahoo or use thunderbird
You might lose your account that way. My wife used macmail/imap with hers and they shut her account because "it hadn't been accessed." She couldn't be bothered to try to get it back.
It was inconvenient but just accelerated the use of our own domain email. It's a pretty horrid web interface anyway - there's no way she'd use that.
Same here. I can see from the login history that nobody but me accessed my account and my password was pretty strong, fairly new and unique to yahoo so I was surprised to hear from my address book contacts that they'd had spam from 'me' addressing them by the name I used in my address book. This was a couple of months ago. I changed my password as a matter of protocol although it's pretty clear that wasn't the cause of this.
Fortunately, I only use yahoo mail for signing up to all the sites I don't give a stuff about so at least they've got somewhere to send their spam.
Back in 1999/2000 (?) I found that if I sent an HTML email to my Yahoo account,and if that included a style tag linking to a CSS, then that style would be applied to the full Yahoo webmail page, not just the email. Cue laughs sending emails to pals and replacing the fonts of their Yahoo inbox to pink Comic Sans.
I don't think I used Yahoo email much longer afterwards...
Yahoo actually forced me to avoid them a while back. Their account screw-ups just got to be to much and their email became unreliable. It began when they tinkered with their servers and made my email inaccessible intermittently for a time. After that they introduced a double authentication thing which locked my account for the new double auth. The double auth failed so I gave up on my email account. Then I found Yahoo demanded my cell phone number just to create a new email account as well. Hell no you can't have my cell phone number! It's crap like this that makes enemies out of it's past users and Yahoo is doing a damn good job of it.
To be fair (meaning: expect lots of downvotes) Yahoo are trying to protect the account holder by finding ways to identify them should (or when) the account be hacked. The account-holder's Cell phone number is one way to move in this direction. (What other ways are there that are less imposing?)
Of course, cell phone numbers are just as discardable and anonymous as email addresses, so I can't think there is a privacy issue there, and SIM cards are not expensive. The only downside is remembering to let Yahoo know if you move phones.
The real problem is that these companies need to move away from serving the anonymous masses - let's be frank here, these are the ones that are more likely to be involved with questionable activities. It harms the reputation of the Email Provider and, as a user of their service, can have a knock-on effect of preventing those messages you send from being received.
I am not advocating anyone use Yahoo mail these days - more likely trying to wean my clients off of it.
"Of course, cell phone numbers are just as discardable and anonymous as email addresses"
Not in Australia they're not. In order to buy a phone with service and a number assigned to it here, even if it's a pre-pay service, you have to produce photo ID, such as a driver's licence. No phone shop will sell you one without it. Of course you can buy a phone with no SIM card without ID, but that of course is useless.
So discardable, maybe. Anonymous? Nope. Not unless you can pull fake ID, and in this country that's opening yourself up to a world of hurt if you get caught.
There's the interesting thing. On the face of it, Yahoo have been irrelevant and bereft of income for a decade or more and yet they are still going. How? No-one is really sure. Why do I care? Well, using Yahoo as a model and extrapolating, Microsoft's cash pile is large enough that they should still be pushing some "operating system as a service" type of product well into the next century. (By then, of course, people will have their personal computing as a body implant running off biological power, which gives a whole new and disturbing meaning to the phrase "Intel Inside".)
Doesn't Yahoo partially own or did partially own Alibaba? I believe they made a huge amount of cash from that. They meet be burning through it now though.
I know about 7 people (including myself) with Yahoo accounts and all have had the address books taken and spammed to death.
I really don't get the logic behind this, if anything if I was a Yahoo Mail user this would push me towards finding *another* mail service rather than disabling AdBlock.
Advertisers only have themselves to blame for the rise of adblocking software... If they didn't put sound and moving crap all over the screen then people wouldn't have gotten so fed up that they block *everything*. It's up to them to *earn* back our trust...
*The Reg needs a Spock Icon.
I think the rise of the more obtrusive ads is driven by the fact that while more benign ads would benefit the online ad industry as a whole, a more attention-grabbing ad immediately benefits the specific ad placer. At least in the short term.
Then, of course, there's an arms race, of sorts, and here we are.
Plus criminals have discovered that ads are a good attack vector. Social engineering.
One big problem is too much intermediation in the chain, making any kind of quality control very difficult. We need to get off our addiction to free content - if we did we could save money on bandwidth and computer power.
"We need to get off our addiction to free content"
The problem is, suppose sites do move to a subscription model? Many already have - Murdoch's rags in particular - but how long once it becomes the norm will it be before the bean-counters start pointing at the extra money they could be making with subscriptions AND advertising?
This is exactly what happened on cable TV here in Australia. When cable first became available, it was fantastic - finally you could watch TV with no ads. Then they began putting in little ad breaks just to let you know about upcoming shows. Then the charities snuck in. And finally the money talks and the commercial ads get started. In the end, adverts on cable got about as bad as on free-to-air, except you get to pay a minimum $50 a month for the "privilege." $120 a month if you want Game of Thrones and its ilk.
So I'd bet a penny to a pound of shit that if the ad-free site subscription model took off, once it became the norm and there were no viable alternatives, you'd start seeing the whole adverts - adblockers - adblocker-blockers cycle start all over again. The greedy bastards are simply insatiable.
"...At Yahoo!, we are continually developing and testing new product experiences..."
So someone at Yahoo! came up with the notion that forcing ads down people's throats, when [by installing an ad-blocker] said people had already indicated they didn't want to see ads was a "new product experience" worth "developing and testing"?
Tune in same time next week when Yahoo! launches another new experiment, to guage whether or not users enjoy being smacked in the genitals with a croquet mallet, while checking their email.
Ha-ha! I have an empty Yahoo! mail account I sometimes use to register on websites, mostly those that block Mailinator and such. I just logged in out of curiosity (I use AB+, but I am not in the US). In 2015 a grand total of two email arrived in my Inbox, but before I could see that I had to close a popup that offered me to integrate Yahoo!, Outlook, and ... AOL? Is that still a thing?
Give us ad-masking instead. Ad-blocking was born at a time when consumer bandwidth was very limited. There are certainly locations where that still apply, but I wouldn't object so much to the content being downloaded if I only can keep the ads off my screen and out of my speakers. Efficient ad-masking implies that everything is downloaded and processed (except from rendering) so that any expected responses are returned. That should make the masking feature invisible to server operators and advertisers.
A good thought, for those who have unlimited bandwidth and fast links all the time; there may be more subtle approaches which might be considered.
Nonetheless, I remain with adblock firmly on, along with noscript, and my browsing is a much happier (and not coincidentally faster) experience.
Dear websites: your job, on the whole, is to make money for your shareholders/owners. You have chosen, by and large, to make that money from advertising, on the assumption that your provided service is sufficiently enticing that I will watch the supplied advertising.
I will accept, from a retailer, internal advertising - but that's it. I don't want to see it if I am not on your site, and believe me I am not in a 'relationship' with you that gives you the right to bombard me with spam after the event.
I have never seen a site whose content will persuade me to suffer advertising, and I don't expect to. There are only one or two sites - this has been one of them - for which I would pay; and even then, please remember that the majority of the internet is nothing more than entertainment. The total costs I would be prepared to pay, for my *entire* internet use, should be on the order of the BBC licence fee; a few pence per day.
"Give us ad-masking instead."
I used noscript for quite a long time mainly to speed the performance of Firefox (Linux/Core Duo laptop from 2007 with 2Gb RAM).
Ad-masking would still hit performance on lower powered devices (both cheapo tablet and older kit).
I'm using a dongle for Internet access as an experiment this month before cancelling the adsl 'broadband' and the landline.
"Give us ad-masking instead"
I don't understand the downvotes. This is the best all-round solution. The website gets paid. The user doesn't get pissed off. The ad networks also get paid. The advertiser? Well, as they haven't succeeded in pissing off the user they haven't lost potential or real customers and their direct costs are no more than they would have been had they paid to lose those customers.
"Its only the best all round solution if you don't have any significant delays in loading ads, and they are not poisoned flash files or similar that then infect your PC."
You'd need to have an overall limit, volume and time, on what could be downloaded. And as it would all be sent to /dev/null or whatever equivalent you OS provides poisoned flash files would be no more of a problem than the noisy ones or the animated gifs.
to parts of the world still on Dialup level Internet speeds.
Do you really want to take minutes to load a page because of all these ads and tracking sites being resolved and downloaded?
Then when the internet you are using costs several $$$ per minute.
so adblocking or ad-masking? Your choice my friend..
I know what one I'm gonna use when I'm on a small island in the Indian Ocean next week.
"to parts of the world still on Dialup level Internet speeds.
Do you really want to take minutes to load a page because of all these ads and tracking sites being resolved and downloaded?"
You travel to parts of the world that has slow dialup connections, and you still insist on using webmail?
You know there are better ways don't you?
"I don't understand the downvotes. This is the best all-round solution. The website gets paid."
Wrong. Ads that are not seen are worthless. The way which they are hindered from appearing on the screen is merely a technicality and pointless. Actually, you could even argue that ad masking is even worse than ad blocking, because the resulting effect (ie. users not seeing ads) is achieved at a far higher cost for everybody.
You read that right, welcome to the modern Internet.
Say you have a piece of malware which you want spread out, then why waste your efforts on one website while you could be targeting dozens at the same time with a little preparation? The secret? Target the source which all those websites have in common: advertisements. The best part is that most advertisement uses different sources which usually get displayed in series. So while one client might not see anything wrong with it the other will get the full package, also making detection a little harder.
Think I'm fantasizing? Sorry to disappoint: I've seen just way too many well respected websites fall prey to this. Ending up getting mentioned in several virus scanners as well as through Google and Bing itself.
Now: I realize that you should be able to expect good or better security from a bigger player such as Yahoo, but what guarantees are there? And make no mistake here: above I was only referring to malicious contents which was obviously harming your computer. Since we're talking e-mail: why not try to set up listeners which more or less mask themselves as advertising? A very lucrative business I'd say, especially since you're specifically targeting an e-mail platform.
I know, I know... I may be too cynical; I'll add the black helicopter. But that doesn't make it unreasonable to be careful here, and to simply stop using such a provider. Besides: there's plenty more besides Yahoo: Google, Microsoft, and just about every domain registrant out there.
You're quite right. It's rapidly getting the the stage where the general public realises that basic internet access security requires 3 things: anti-virus, noscript and an adblocker. As soon as the adblocker becomes universal it's game over for the entire advertising chain. They need to tackle malvertising urgently if they hope to survive. I'm surprised Google haven't done something about this already although as soon as they do, hoping that adblockers will whitelist them, the rest of the industry will make the usual monopoly complaints while ignoring the fact that it was their own arrogant sloppiness that brought the situation about.
You realize ads can only used to distribute the same malware, the same way, and may only pose the same threat as the web pages themselves, don't you? Nah, you obviously don't.
It's just another false excuse used for ideologizing ad blocking, which is practically content and service theft.
It's just another false excuse used for ideologizing ad blocking, which is practically content and service theft.
By that bizarre, shit-headed logic, it will be content and service theft if you don't buy from those advertisers. Because sales, my pea brained friend, are why the advertiser place adverts, not for the placing's sake. And what's more, you are a particularly cynical thief if you haven't fully opened up all privacy and content sharing with Google, Yahoo!, your ISP et al, since otherwise you're allowing them to serve you adverts for things you might not want to buy.
At the margin, many if not most people will take some advertising to support content. But what you evidently can't comprehend is that the advertisers have knowingly and intentionally taken the piss, by invading user privacy, happily wasting user bandwidth, being unreasonably intrusive with pop ups, jiggly, flickery Flash based crap, by wantonly compromising user security, and even wanting to hijack user's speakers to broadcast their pap.
The unwritten contract between service user and advertiser has certainly been broken, but it was broken by the advertisers, and that's why most sensible people run adblockers and the like.
I have had a Yahoo email since 1998, and quite frankly over the years it has become a cesspool of spam.
It take some work to switch to another less intrusive and spammy email, considering all the sites I have registered at using the Yahoo address.
Besides Yahoo mail has been getting slower and slower, a good thirty seconds to open a blank new email.
> ... it has become a cesspool of spam. [...] all the sites I have registered at using the Yahoo address
So the cesspool is entirely of your own making! And really nothing to do with Yahoo! It isn't spam if you signed up for it or if you are a customer so don't report it as spam because that wastes everybody's time by filling the filters with crap that shouldn't be there.
The slowness on the other hand is entirely due to sites and ad services including mental quantities of scripting in everything and even blocking it all isn't cost-free, and that in conjunction with your ancient slow tablet/PC.
> Do you really think reporting spam has any effect?
It does actually.
Last year I encountered a UI bug in the Yahoo Mail android app that jammed the spam button and accidentally marked about 100 emails in my inbox as spam.
I quickly moved it back to my inbox, but Yahoo had already updated its rules and for the next few days legitimate email was ending up in my spam folder.
When I noticed, I fixed it by doing the reverse, moved it all back into spam again then moved it out by clicking Not Spam.
"It take some work to switch to another less intrusive and spammy email, considering all the sites I have registered at using the Yahoo address."
It does but it's worth it. I used to have two addresses, a hotmail one for places likely to result in spam & an ISP one. The ISP one survived several buyouts until TalkTalk bought it out. As part of the ISP migration I registered a domain still with a single address on it until that must have leaked and started to get spam.
The current arrangement is that every company I deal with regularly has their own address so if any leak I can (a) identify where the leak came from and (b) replace the address. The hard work is in going through all the different address change mechanisms, some of whom can be a pain. It's also an opportunity to re-evaluate all the businesses to whom you've given an address & cull a few. Finally, every month or so I set up a new temporary address for circumstances where I might need to give out an address for a single transaction and then I kill that after a few weeks. All the live addresses go into a single account and so into a single inbox on Seamonkey. That's been the arrangement for a few months & seems to be working OK. In the long term the work will have paid off.
The Hotmail account receives almost nothing but spam now (the exception are usenet users who simply can't read the instructions in a sig.) and as I never kept an address book online no contacts who used it can get spammed from the Hotmail me apart, possibly, via the occasional numpty who included it in a cc: list. I really should get round to closing it and changing the one registration left using it - el Reg.
I'm so sick of all the garbage on the web (I'm not referring to the content) I'm now going to the mobile versions of many sites, while running no-script. (Many sites that don't work without JS, have a mobile site that does.)
Works great on Facebook, I haven't tried it on yahoo, because I normally use Thunderbird to access it. (Not that I get many emails to it).
GMail I always use the plain HTML version (when I'm not on my main comp with Thunderbird), but it is irritating how it tries to force you onto the horrid new version.
Yahoo's adverts are not very nice. A client phoned up last month asking for help to get rid of the adverts. This guy is 75 years old and was getting obviously annoyed that every time he looked at his email the top message in the inbox was an advert banner from Yahoo advertising Funerals!!
The huge advert down the right hand side was as bad. Can't remember what that one said, but it was close enough to "you are going to die soon".
We found our way onto the old Classic Mail interface and he was fine again.
It is very weird as to how so many of Yahoo Mail users just plain refuse to change their routines and use a proper mail client. Just by the definition that these people are using Yahoo Mail shows how little they understand the technology.
And as to the constant hacks and password thefts... I have one client who is hit every 18 months. He'll have his address book spammed with one of those "I am stuck in a foreign country, send me £5000" emails. The scammer will also delete his contacts from within Yahoo. And then change the reply addresses so it is being redirected to a different scam account. At least with that guy I have finally got him using a mail client!
Found out recently that adblock can be a bit more intrusive then needs to be. It started blocking perfectly normal Ajax requests of a script starting with "ad.." for example "adoptions" or "addons". did I say blocking? It made jquery crash and burn without any meaningful error. This is becoming malware! Yes, one could switch to uBlock but it's annoying that I've to be adding another check on browsersupport: to see if they run with this plugin!
PS: Yahoo mail sucks, who cares you get blocked. Time to move on.
The only email account of mine to ever be hacked was an old yahoo one. Reset password to one never used before, and not used for anything else... Didnt log into it again, then started getting spam from it again... That was within a year it was hacked again. There was clearly something obviously very wrong with their security, so I just closed the account, and forced my in-laws and wife to close their active accounts and move to gmail or ms... No issues since. Seems to me like they're focusing on the wrong issues with their email services.
This post has been deleted by its author
... not to mention humans.
Last I checked you had to go through protocols to perform experiments on vertebrates.
And it is a lot tougher to test with human subjects!
So, what ethical review board was consulted before this ecperiment? Was the FDA / NIH / NSF / FTC informed?
I only ask because the last three weeks we have been getting emails with dodgy URL's in them, the first week there more than 100 in the week, now it's down to about 10 last week, we even got them from our regular suppliers.
Once we investigated and spoke to a few people outside the organisation, we found their staff had become infected after being targeted with emails from Yahoo accounts, which then started sending out copies of the email to everyone in their address books.
Two staff with Yahoo email accounts then advised us that they had to reset their passwords after not being able to get into their accounts at home.
When we checked our logs, their accounts had sent malware emails to staff in our organisation that our devices had blocked.
So I can only expect that Yahoo have suffered a large hack but I just haven't seen anything about it yet.
Been with their webmail for probably 18 years and it was reliable for, say, a dozen of those. Not so much recently. Frequent apologies for downtime. Odd stuff like attachments falling off the end of mails. Links in mails are live when opened in Hotmail but not in Yahoo.
As for this adblocker nonsense, pushing users towards the exit.