

Yahoo included their private certificate in Axis - amandle
https://github.com/nikcub/yahoo-spoof

======
DigitalSea
I've heard rumours from within Yahoo! that next major product release they're
planning on including a copy of Scott Thompson's computer science degree.

------
tlrobinson
<https://news.ycombinator.com/item?id=4016707>

------
Cushman
Ouch. But we've all had moments of forehead-slapping stupidity; I really feel
for whoever let this slip through.

~~~
mike-cardwell
They will never live it down.

~~~
sneak
The amusing part is that they escaped n rounds of major layoffs, only to be
(presumably) canned for something avoidable.

------
altrego99
Looks like they want to give others an opportunity to fix codes for Yahoo.
This will take the open-source to a new level.

------
readme
Is this responsible disclosure?

~~~
sneak
There is no such thing as responsible disclosure.

~~~
readme
<http://en.wikipedia.org/wiki/Responsible_disclosure>

Not sure I really agree. I think it would be courteous to politely inform
yahoo! of their mistake. Potentially more rewarding, as well.

~~~
sneak
<http://en.wikipedia.org/wiki/Allah>

Lots of things that don't exist have Wikipedia pages.

~~~
Karunamon
Sounds like an affirmative claim, can you prove that? ;)

------
sparknlaunch12
How hard is it for Yahoo to change their certificate?

------
tylermenezes
Honestly, it could probably be worse. Who uses Axis, anyway?

It still looks extremely bad for Yahoo, though.

------
sneak
It's a key, not a certificate.

------
wookiefeet
WOOPSIE POOPSIES!

