Hacking Attempt on Yahoo account?
-
Why is it that, whenever I try to access my
yahoo.commail account using Vivaldi Browser, the program attempts to do this throughhttps://guce.yahoo.com/and, since I don't allow it to do it using a special config here, of course I am shown an "error" page on whose bottom I see the warning "ERR_SSL_VERSION_INTERFERENCE". For your knowledge, in case you don't know, the addresshttps://guce.yahoo.com/is from the Amazon group (ec2-18-204-238-9.compute-1.amazonaws.com, as shown as a resolved address). Weird... Naturally, I am seriously giving some thought to quit using Vivaldi, which seems not to be reliable anymore.Thanks for your attention, if any.
modedit Removed negative assumption from title, removed backlinks
-
A quick search shows GUCE as standing for "Global User Consent Event" and this is apparently something used by the company "Oath" for consenting to data collection.
Oath is home to the sites and apps you know and love, like HuffPost, Tumblr, Yahoo Mail, TechCrunch, and many more.https://www.oath.com/my-data/#meetoath
This page is of course filled with marketing jingo about "respecting" users' privacy, giving users "control of their data", and that collecting your data will "improve your experience"
We may provide information to our parent company Verizon, our partners, and other parties for product improvements, research and analysis, and to help them provide you more relevant experiences and ads.Oath.com is a company owned by Verizon Media.
OAuth itself (not sure if any relation to above company) of course is an open standard, but once you get the corporations in on it, they will find a way to abuse anything.
https://en.wikipedia.org/wiki/OAuthIt's not hacking, and I don't understand why your "special config" would block the address "guce.yahoo.com". But if you want to continue using Yahoo I think you have no choice but to accept their terms and conditions, just how it is.
"AmazonAWS" is a cloud provider, and the address is just an alias Yahoo uses to point to their machines on the Amazon cloud.
I doubt this is a Vivaldi specific setting, as the same would happen in other browsers, depending on your setup.
-
Here's a pro tip.
Use a real email program ¯_(ツ)_/¯ -
Hi, Thanks for your support.
Actually, I meant this seems more like a "hijacking attempt" of a kind - well, in itself it is certainly something bad. I want to login into my yahoo mail account and not to a "guce.yahoo.com" whatever it is account. Anyway, whenever using Vivaldi for browsing to my e-mail account and trying to sign in through "https://login.yahoo.com", I am "redirected" to "https://guce.yahoo.com/consent?gcrumb=28c1Smo&trapType=login&done=https%3A%2F%2Fwww.yahoo.com%2F&src=" !
Take a look at the animated GIF capture (see viewing link bellow). It undeniably shows this happening. The moving cursor represents back and forward page navigation through mouse gesture actions so as to clearly show the "transition" that occurs between differently weird login addresses. The "ERR_SSL_VERSION_INTERFERENCE" error page is shown on account of the fact that I proactively blocked all Amazon addresses as a precaution when I first detected this possible hijacking attempt.
Again, thanks.
Regards.
-
@Pathduck said in Hacking Attempt on Yahoo account?:
It's not hacking, and I don't understand why your "special config" would block the address "guce.yahoo.com". But if you want to continue using Yahoo I think you have no choice but to accept their terms and conditions, just how it is.
"AmazonAWS" is a cloud provider, and the address is just an alias Yahoo uses to point to their machines on the Amazon cloud.Hi, guys. Thanks to you all for your kind attention and support. That may be the case, that is, no hijacking action and actually sheer data collection, no privacy. I have very particular reasons for not always checking e-mails through a mail client. Anyway, guess I should migrate to another service.
All the best and kind regards.
-
@progenio All the big providers do this and it's just understood if you want to use their free services you also have to consent to have your data collected. Maybe it's been a while since you logged in to your mail, and they need you to consent to some new agreement on how your information is used.
Personally I have Hotmail, Google and Yahoo mail, and have no big issues with their terms, just that users need to be aware that they do this.
The only reason I have a Yahoo account is that Flickr was bought by Yahoo so I need to login to "login.yahoo.com" to use Flickr.
Logging in to Gmail, I will be sent to "accounts.google.com".
Logging in to Hotmail I will be sent to "login.live.com".This is just how the sign-on process works, and is nothing malicious at all. Their data collection is something each user will have to consider for themselves, how much is it worth for a free service.
Yahoo owns the "guce.yahoo.com" host, and unless your DNS provider is being spoofed* you can trust this site - at least to the extent that is a part of the Yahoo services.
Also be warned, if you block all Amazon AWS addresses you will no doubt have problems down the road, as a lot of services are now hosted on the Amazon cloud.
-
May or may not be relevant but this can be handy...https://haveibeenpwned.com
-
@Pathduck Hi, guys. Thanks again for your support. Problem is that, as far as I can remember, soon after I had detected this potential hijacking attempts happening, I got an unsolicited e-mail message into my yahoo inbox from Vivaldi's folks (apparently - I did no serious check to make sure it really was from them) telling me something about which I can't remember now. Weird stuff this unsolicited message, since I can't remember informing this specific e-mail address of mine to Vivaldi's folks. Well, with these things in mind, I guessed I could or should put two and two together and come to a conclusion involving hijacking. But maybe it's all about gathering user data indeed in the end.
Regards.
-
@Para-Noid Hi, Para. Thanks for sharing. Tried stuff there and, apparently, I wasn't pwnwed. Regards.
-
@Pathduck said in Hacking Attempt on Yahoo account?:
Also be warned, if you block all Amazon AWS addresses you will no doubt have problems down the road, as a lot of services are now hosted on the Amazon cloud.
Thanks. I'll sure give some serious thought to this.
Yes, I am aware about the user being resent to namely different but related and quite known services or addresses. Only I found the unknown, at least by me, "guce" stuff very odd, maybe totally on a very subjective hasty basis on my part.
Thanks.
-
@progenio said in Hacking Attempt on Yahoo account?:
I got an unsolicited e-mail message into my yahoo inbox from Vivaldi's folks (apparently - I did no serious check to make sure it really was from them)
That's interesting and certainly would be unexpected. Care to share some of that email - from address, text etc? You can of course remove any information like name and addresses you shouldn't share? Just the main text of the email and possibly the headers?
If you deleted it, probably it's still in the deleted/trash mails folder in Yahoo mail.
-
Ppafflick unlocked this topic on -
Ppafflick moved this topic from Vivaldi for Windows on
