Yahoo mail password reject loop on OSX Apple Mail fix

If you use Apple Mail (or a similar desktop app for handling email) and you’ve seen the following error message in connection doctor, or you run into the constant cycle of the app telling you to reenter your password, this might fix it.  

“Trying to log into this SMTP account failed. Verify that the username and password are correct.”

It is possible that you’re experiencing a sign in verification issue with apps that don’t support Yahoo!’s multi-step authentication system.

  1. Log into Yahoo’s website.
  2. Click on the gear thing in the top right.
  3. Choose “Account Info”
  4. Sign in (again)
  5. In the section titled “Sign-In and Security” click on “Manage your app passwords”
  6. Give it a name like “MacBook Air Laptop Mail”  and then let it generate a unique app password.
  7. Use this password in your app, and only in this app — create other passwords unique to each app you use.  You don’t need to remember the password, the point is you just generate a “one-app” password for each app that needs to authenticate. 

Full details: http://help.yahoo.com/kb/index?page=content&y=PROD_ACCT&locale=en_US&id=SLN15241

NSA code in Android OS

I thought the comic from the Joy of Tech was fairly cute and didn’t expect it to actually be true. After a bit of searching, it seems to be fairly well corroborated:

I found this quote from Business Week to be particularly interesting…

Through its open-source Android project, Google has agreed to incorporate code, first developed by the agency in 2011, into future versions of its mobile operating system, which according to market researcher IDC runs on three-quarters of the smartphones shipped globally in the first quarter. NSA officials say their code, known as Security Enhancements for Android, isolates apps to prevent hackers and marketers from gaining access to personal or corporate data stored on a device. Eventually all new phones, tablets, televisions, cars, and other devices that rely on Android will include NSA code, agency spokeswoman Vanee’ Vines said in an e-mailed statement.

Naturally, this made me wonder if the code does anything more than just make the devices more secure. I’d be curious to know if anyone in the Android community has actually examined the code to see if it has any hidden surprises. It also looks as though Apple doesn’t accept source code from government agencies… so there’s that.

I’m a big fan of open source for situations where it is appropriate — and many great technologies are developed this way. WordPress and its vast plugin community is a perfect example. The main core functionality is meticulously curated by a single organization; yet anyone can contribute to the project. Code contributions are considered, integrated, tested and then potentially approved into the platform (or not). This “Linux-like Benevolent Dictator” approach works well because there exists one ruling body to enforce and control a universally consistent distributable version of the software.

This approach breaks down if core code is modified because responsibility for upkeep of the code base transitions to the party modifying it. Updates cannot be deployed without merging or reapplying expensive changes. Developing for a branched version is no longer standard and when left unchecked, complicates the entire landscape for developers because of the potential for mind blowing fragmentation. While orthogonal updates are good (plugins/apps), taking ownership of a vast codebase is generally not so good; especially from a cost perspective where unanticipated support costs can easily outweigh the revenue and make it cost prohibitive to keep the branch up to date. In the case of WordPress, this happens when a developer doesn’t respect the boundaries with core code — these folks are pretty universally considered sloppy. With Android, these are the phone manufacturers that alter the core OS for their devices and subsequently fail to maintain the software. The OEMs have little choice but to take ownership of the support since tent-pole features like Email and Calendar are not even included as part of the core Android Framework.

An environment that requires each manufacturer assumes such a level of support for a framework they didn’t create leads to a fragmented, unmanageable ecosystem which punishes application developers and end users alike. In this muddied landscape, the NSA has just as much right and reason to contribute to the codebase as any other organization — and hey, at least they’re contributing, right? Just make sure you understand that when choosing your next mobile device.