Yahoo's “Anti-Scripting” Filters Examined. It's being reported that Yahoo's free email service is now changing certain words in email messages, supposedly to stop “cross-site scripting attacks”. A good source of information is this article at Need To Know, linked to by (among others) Slashdot, where, predictably, discussion has sprung up about the ethical implications of unseen filtering of personal correspondence (a quick search through Yahoo's help pages turned up no information about this filtering that I could see). What's lacking in the articles I've seen, though, is an examination of just how this filtering is working, so I've spent a little bit of time fiddling with it to find out exactly what's going on. [kuro5hin.org]