Confirming Membership of List

Colin Law clanlaw at gmail.com
Tue Jul 1 08:35:47 PDT 2014


On 1 July 2014 14:02, Chris J Brady <chrisjbrady at yahoo.com> wrote:
> In a master stroke of security - or rather in an appalling LACK of security - the mailing list owners / moderators have just sent me an email confirming my membership - which included MY PASSWORD IN PLAIN TEXT.
>
> For such a mailing list of potentially legally sensitive subject matter - i.e. how to hack the BBC's servers - this is an unacceptable breach of security.

How would anyone knowing your password to a public mailing list
compromise your security?

Colin



More information about the get_iplayer mailing list