How should couples handle joint email addresses?

by @edent | # # # | 5 comments | Read ~263 times.
Terence and Liz in front of Lasers at emfcamp.

For years, my email address was registered with our electricity supplier. I got the monthly bills sent to me. My wife's email was used for the water supplier. This made sense when we were a young couple with separate finances - but now we're a smug an old married couple, with a joint bank account,…

Continue reading →

How to rescue blocked files from Gmail

by @edent | # # # # | Read ~126 times.
Show Original option in Gmail.

Six years ago, I developed Android apps (APKs) which I emailed to myself. When I try to download them from Gmail today, I get this rather annoying error. Anti-virus warning – 1 attachment contains a virus or blocked file. Downloading this attachment is disabled. Google, in its efforts to protect me from myself, have retroactively…

Continue reading →

Is LogMeIn leaking email addresses?

by @edent | # # | 2 comments | Read ~289 times.
Fraud alert warning signs.

Like all security minded people, I use a unique email address for every service I sign up to. This week, I noticed I had started receiving spam to an email address associated with my Join.me account. Join.me is a screen sharing service now owned by LogMeIn. I signed up for a trial of Join.me back…

Continue reading →

102KB ought to be enough for any email

by @edent | # # # # | 9 comments | Read ~4,078 times.
Raw HTML in the middle of an email.

Another day, another Gmail bug which won't get fixed. The original Android phone - HTC Dream - had 192MB of RAM. The latest Android phones tend to have 6GB. A 32 times increase in a decade. Laptops have also leapt forwards in speed and memory. Sadly, no one on the Gmail team has noticed. It's…

Continue reading →

€100 Bug Bounty from Intigriti - please stop tracking your confirmation emails!

by @edent | # # # # # | 1 comment | Read ~449 times.
Weird confrimation address.

There's a new bug bounty provider in town! The Belgian company Intigriti. This is a quick write-up of how I found a trivial bug in their own system. The EU has announced that it is providing funding for bug bounties on critical open source projects. They've split the programme between HackerOne and Intigriti. I signed…

Continue reading →

MailChimp leaks your email address

by @edent | # # # # | 7 comments | Read ~4,281 times.
Change email address page with obscured email address

An annoying privacy violation from leading email newsletter company MailChimp. Responsibly disclosed on 2017-12-04. When you click a link on a webpage or an email, your browser opens up that link and sends the newly visited webpage a Referer Header. (The misspelling is a historical artefact.) This says "Hello new site, I was referred here…

Continue reading →

Would you fall for this phishing scam?

by @edent | # # # # # | 5 comments | Read ~2,305 times.

Gmail is usually pretty good at stopping spam from reaching my inbox. When it slips up, it reminds me of just how terrifying the modern internet is. Early one morning, I received this email from someone I know (details redacted by me). It came from his email, it has his signature at the bottom. This…

Continue reading →

Interesting Email Metadata

by @edent | # # # | 3 comments | Read ~627 times.

For many years, my email footer said "Sent via my Casio cPhone" - my attempt to poke fun at the users who hadn't updated their iPhone's default email signature. This leads to an interesting question: Is there an easy way to see what device an email is sent from? If I type the attached on…

Continue reading →

Why can't you send email to a Chinese address?

by @edent | # # # # | 4 comments | Read ~3,491 times.

We all know what an email address looks like and how to validate them, right? A few years ago I got the Chinese domain name 莎士比亚.org. You can browse to it, link to it, and send email to it. Or can you? When I tried two years ago, none of the major email providers supported…

Continue reading →

Don't Use Bit.ly To Advertise Your PGP Key

by @edent | # # # # # | 2 comments | Read ~2,758 times.

I had dinner with the outgoing editor of The Guardian the other night. Clever chap, sure he'll go far in life. The Guardian is very hot on security. Many of their writers have PGP keys which they publicly advertise. In theory, that's great (complaints about PGP notwithstanding) - but the reality shows just how tricky…

Continue reading →