Yahoo launches Axis 'browser' and fumbles it disastrously

Yahoo, in a bid to outstep the controversy left by former chief executive Scott Thompson, launches a brand new browser. But in doing so, it fouls it up horribly and causes another stir.
Written by Zack Whittaker, Contributor

Yahoo, not content with recent headlines over the ousting of its resume-tweaking chief executive, launched a new 'browser' for mobile and the desktop.

But it couldn't even do that right without fouling it up. Yahoo could probably trip over a chain in the street and unwittingly pull the plug on the Great Lakes --- it's that unlucky.

The former Web portal giant wants to eliminate the middleman in search by offering page links and image results without having to trawl through a search engine's pages. It could be the start of a terrible day for Google, and a fantastic day for Microsoft.

This move by Yahoo is its attempt to clamber onto the sides of the hole it landed itself in. Not content with cutting 2,000 jobs --- or 15 percent of the company --- earlier this year, along with all but a select few of Yahoo's "core" services --- like Yahoo News, Finance, Sports, Entertainment, and crucially, Yahoo Mail --- the company is making a new start back in search.

Bing, bing: Valiant effort, but Apple won't let Yahoo play ball

Seeing as Yahoo ditched its own search engine in favour of Bing, Microsoft must be in stitches with laughter, grinning eagerly at the prospect of its search market share rocketing.

Back in April, I said:

"Thompson said the search alliance with Microsoft was 'not yet delivering' the revenue results that had been expected. While Yahoo cannot renege on its partnership, nor would it be a wise idea to bail out at this stage, it reiterates the fact that Yahoo cannot rely on others to bail itself out."

With the one thing it has left that guarantees the company revenue is search. Following Yahoo's Q3 2011 earnings call in October, the company said its problems with Microsoft were "diminishing," and agreed to extend its revenue-per-search guarantee. Microsoft gets a little, but proportionally, Yahoo gets a lot more.

There is a major snag, however. Interestingly, for iOS, Yahoo is stuck in a rut because links accessed outside the browser do not and cannot default to the Axis browser; instead they jump directly into Safari. This means Axis can only be used actively rather than being loaded up passively as a result of a user's actions.

Sister site CNET's Rafe Needleman explains that while Axis for Android is currently in development:

"...it's a pretty safe bet that Google isn't exactly going to roll out the welcome mat for Yahoo's browser. Google already has two of its own browsers for mobile, the Android browser and the still-in-beta Android version of Chrome. And those drive traffic to Google's ads, not Yahoo's. (Firefox, by the way, defaults to using Google for search, so even when people use it instead of Chrome, Google still wins.)

The terms and conditions didn't launch with the browser

The brouhaha of Amazon's Silk browser sparked a terms-and-conditions frenzy. The browser would export its processing power to the cloud, meaning when you "go" to a site, you're viewing an Amazon EC2 cloud-based copy of the site. Amazon would be able to track your every online move, including where you went and what you said.

It was unlikely Yahoo would do the same thing, but nobody knew because the terms and conditions were not live at the time of the product hitting the Web --- suggesting a fumbled or impromptu launch by the company.

For more than an hour, the page simply read: "Terms will go here."

Of course, many will not even think twice about the terms and conditions --- that is, until it's too late. Particularly with browsers, users should always think again due to the sensitive nature of the content that flows from your screen into the pipes of the Web.

There's a major security flaw: Yahoo publishes its private key

A Yahoo developer apparently left in the private certificate key in the Chrome extension, making it possible for hackers and malware writers alike to counterfeit browser extensions.

Security expert Nik Cubrilovic explained that the private key can enable a hacker to "create a spoofed package that captures all web traffic, including passwords [and] session cookies." Yahoo is already on the case.


Yahoo Axis head Ethan Batraski said in a comment on The Next Webthat the company is aware of the vulnerability and "immediately disabled the Chrome extension.

He added: "We have blacklisted the key with Google and is taking into affect immediately.We take these type of issues very seriously and are working around the clock to ensure this is resolved."

All in all, the terms and conditions were fixed and the private key will likely be changed within hours or days. An update will likely flow through the pipes later today.

But it's hardly the best start for Yahoo trying to make a fresh impression.

Image credit: CNET (1, 2).


Editorial standards