Does anyone have insight on how this works? Do you just sue the pants off of the execs, or the lawyers who did due diligence, or the SREs maybe? Do the clawback the difference in goodwill + legal costs from the selling investors?

Is there recourse at all?

It'll probably the some poor schmuck SRE getting the blame, like always, right?

There'll be a small chunk of the purchase price left in escrow for a year for any extra liabilities that weren't discovered in DD. They'll be claiming that. But it won't be much.

It works like this: lawyers come up with a security checklist. Managers make sure the checkboxes are checked. Engineers are all ignored because fuck you, your opinion isn’t on the checklist.

It’s security theatrics, not actual security. And if you stand up for something more, get ready to quit because you won’t be listened to.

I used to work at aol. Neither company trusted the others networks or security processes. Integration planning meetings were like negotiating a prisoner exchange.

No remorse, VZ got a discount on the purchase price based on this issue.

So the article (and Verizon?) is lying that new evidence has come to light - Verizon and v Yahoo knew when they negotiated the sale?

The new information is that it was bigger than they revealed/knew/said/whatever before. Verizon's discount was based on the earlier, smaller number.