lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed Aug 10 14:54:05 2005
From: toddtowles at brookshires.com (Todd Towles)
Subject: Plaxo?

> One small problem that may not have been noticed with Plaxo. 
> If the Plaxo using person decides to do so,  you can be a 
> non-Plaxo using person on that externally managed address 
> book with full email address also in there, added by the 
> Plaxo user. I have received "I have updated my Plaxo" for 
> whatever was updated, by several customers, at my help line 
> email address and have checked it out when at their premises. 
> Sure enough, there is my email address externally managed.
> 
> So, whether you allow Plaxo or not, if some user outside of 
> your company has all your email addresses within your company 
> on their computer, it has also likely been added to Plaxo by 
> them whether you like it or not.

Of course this would lead to increased spam and viruses at your mail
server, due to the spreading of e-mail addresses to computers that are
managed by people that aren't exactly security focused. Like I need
more...your computer is infected with a virus...junk mail.

-Todd

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ