Yahoo Axis may be an interesting, though not revolutionary app, but the launch casts a bit of a shadow on Yahoo's prowess as a tech company.
The Chrome version of the app was found to have a rather serious security flaw so it's been pulled down until further notice.
It's not a huge issue, but it's not a minor one either. The Yahoo Axis Chrome extension
leaked its internal certificate key, which it uses to verify its authenticity with the Google Chrome Web Store.
Basically, it's the thing that tells Chrome that the extension really is Yahoo Axis and that it did originate from Yahoo.
But with the certificate made public, any developer can forge it and create an extension that will look like it was created by Yahoo. That extension could then be able to do all sorts of nasty things to a computer.
Find us on Google+
No user comments yet.
Be the first to express your opinion!
