Recently (as of this writing), the web site Need to Know (aka NTK, located at http://www.ntk.net/) printed an article (http://www.ntk.net/2002/07/12/) describing how Yahoo! was altering words in users' email in a vain attempt to forestall scripting attacks (apparently largely aimed at avoid problems with Javascript in HTML email). For instance, mocha becomes espresso. However, eval, which in some programming languages (such as Javascript) allows the evaluation of an arbitrary expression in that language, is transformed to review. However, the ham-handed regular expression used to perform this transformation apparently doesn't notice if eval is part of a word, and so medieval becomes the awful medireview.

When I first saw the claim on NTK's website that this had leaked into many other websites, I found the claim difficult to believe. I figured few things went through Yahoo! email and became web pages without a quick review (or is that an eval?). A quick search on Google, however, verified the awful truth. I was shocked by copies of New York Times book reviews with medireview in place of medieval, a medieval leather email list with subject lines transformed from medieval glue to medireview glue, a curriculum vitae including the word, and even SCA pages using it. Over 1,170 results on Google for a word created by Yahoo!.

I guess the moral is: Don't rely on a Yahoo! for protection.

Log in or register to write something here or to contact authors.