网络科技

    今日:354| 主题:255290
收藏本版
互联网、科技极客的综合动态。

[科技] A former insider says Marissa Mayer kept secrets from Yahoo’s security team mor

[复制链接]
最熟悉的陌生人 发表于 2016-10-5 14:07:52
210 4

立即注册CoLaBug.com会员,免费获得投稿人的专业资料,享用更多功能,玩转个人品牌!

您需要 登录 才可以下载或查看,没有帐号?立即注册

x

A former insider says Marissa Mayer kept secrets from Yahoo’s security team mor -1 (difficult,spotlight,sometimes,executive,direction)
  Yahoo CEO Marissa Mayer  Rueben Sprich/Reuters   
  A former Yahoo executive says CEO Marissa Mayer kept secrets from key members of the security team, raising more questions about business practices at the troubled internet company.
   Yahoo's approach to the security of its hundreds of millions of users has come under the spotlight amid revelations of amassive hack that went unreported for years and the company's undisclosed collaboration with the nation's top spy agency.
   According to the former Yahoo executive that Business Insider spoke to, Yahoo's culture of secrecy and its prioritization of other business goals led to troubling security practices that made it much more difficult for Yahoo to defend from hackers.  
   Yahoo's security team was often denied funding and sometimes kept in the dark at Mayer's direction, as she feared more emphasis on security could potentially spur  a decline in the company's user base.
  "In the Mayer world, it became highly secretive," to the point where the head of security wasn't always "even part of the discussion," the executive told Business Insider.
  One such example was highlighted Tuesday, with some former Yahoo employees telling Reuters that Alex Stamos, the chief information security officer in 2015, was left completely out of a decision by Mayer to scan user emails for the government. Stamos and the security team only learned of the program after testing Yahoo's systems for vulnerabilities and discovering software they thought had been inserted by hackers.
  Instead, it was Yahoo's own software engineers who had secretly installed the email scanning software. Stamos, who had been on the job for just one year, resigned in protest.
  Not the first time

  But according to the exec who spoke to Business Insider, the Stamos incident was typical of how security was handled at Yahoo.
  The source recounted an incident about a year earlier in which a member of the security team revealed that they had been directed by the company's legal department to look into a hacking incident, but were specifically ordered not to tell CISO Justin Somaini about it.
  Top executives are sometimes kept out of investigations if there's suspicion that they might be involved in the incident in some way. But in this case, according to the source, the reason for keeping the CISO out of the loop was because Mayer didn't want the hacking incident being used as a justification to increase the security budget.
  “It got very toxic with the Marissa years around a lot of subjects, security being just one of them," the source added.
   The "Paranoids" — as Yahoo's security team is called — often went head-to-head with Mayer and lost, a number of security employees recently told The New York Times. This mostly came down to funding, as requests for things like intrusion detection software or security infrastructure would be rejected as too cumbersome for users, or too costly an expense that might take away from other projects.
  Out-and-out ignored

  Security issues were often "pushed down, dismissed, or out-and-out ignored," the executive said. That may be why a number of Yahoo security engineers have left for other Silicon Valley companies, while the company has had trouble retaining executives to lead its security efforts.
   Yahoo's first CISO, Somaini, joined the company in 2011 and stayed until January 2013, leaving in part because he was " unhappy with the new regime " of Mayer, according to a report from All Things Digital. After his departure, the company didn't have a full-time CISO until March 2014, when Alex Stamos was hired .
   Stamos left for Facebook a little over a year later. His interim replacement, Ramses Martinez, moved to Apple only about a month after being put in the role. Yahoo's current CISO, Bob Lord, has been on the job for 11 months.
  Yahoo did not respond to a request for comment.
  Are you a current or former Yahoo security employee? Reach out: [email protected] (PGP: 0CA0 6424 E782 71BC 1057 EA87 94EF FBA8 8948 80).
友荐云推荐




上一篇:T-Mobile abruptly stops offering JUMP! On Demand lease option for new customers
下一篇:网传iPhone 8将回归双面玻璃设计 网友:十年憋大招
酷辣虫提示酷辣虫禁止发表任何与中华人民共和国法律有抵触的内容!所有内容由用户发布,并不代表酷辣虫的观点,酷辣虫无法对用户发布内容真实性提供任何的保证,请自行验证并承担风险与后果。如您有版权、违规等问题,请通过"联系我们"或"违规举报"告知我们处理。

LPS9981 发表于 2016-10-5 16:08:44
洗洗更白白,顶顶更健康!
回复 支持 反对

使用道具 举报

陌紫柔7 发表于 2016-10-5 16:21:55
我是耶稣他儿子,椰子!
回复 支持 反对

使用道具 举报

微暖 发表于 2016-10-11 06:07:54
楼主,我这人不太会说话,如果有什么冒犯的地方,也是为了顶你!
回复 支持 反对

使用道具 举报

wei263665 发表于 2016-11-14 19:00:45
前排,哇咔咔
回复 支持 反对

使用道具 举报

*滑动验证:
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

我要投稿

推荐阅读

扫码访问 @iTTTTT瑞翔 的微博
回页顶回复上一篇下一篇回列表手机版
手机版/CoLaBug.com ( 粤ICP备05003221号 | 文网文[2010]257号 )|网站地图 酷辣虫

© 2001-2017 Comsenz Inc. Design: Dean. DiscuzFans.

返回顶部 返回列表