Is LogMeIn leaking email addresses?

by @edent | # # | 2 comments | Read ~271 times.
Fraud alert warning signs.

Like all security minded people, I use a unique email address for every service I sign up to. This week, I noticed I had started receiving spam to an email address associated with my Join.me account. Join.me is a screen sharing service now owned by LogMeIn. I signed up for a trial of Join.me back… Continue reading →

102KB ought to be enough for any email

by @edent | # # # # | 9 comments | Read ~4,060 times.
Raw HTML in the middle of an email.

Another day, another Gmail bug which won't get fixed. The original Android phone - HTC Dream - had 192MB of RAM. The latest Android phones tend to have 6GB. A 32 times increase in a decade. Laptops have also leapt forwards in speed and memory. Sadly, no one on the Gmail team has noticed. It's… Continue reading →

€100 Bug Bounty from Intigriti - please stop tracking your confirmation emails!

by @edent | # # # # # | 1 comment | Read ~396 times.
Weird confrimation address.

There's a new bug bounty provider in town! The Belgian company Intigriti. This is a quick write-up of how I found a trivial bug in their own system. The EU has announced that it is providing funding for bug bounties on critical open source projects. They've split the programme between HackerOne and Intigriti. I signed… Continue reading →

MailChimp leaks your email address

by @edent | # # # # | 7 comments | Read ~4,262 times.
Change email address page with obscured email address

An annoying privacy violation from leading email newsletter company MailChimp. Responsibly disclosed on 2017-12-04. When you click a link on a webpage or an email, your browser opens up that link and sends the newly visited webpage a Referer Header. (The misspelling is a historical artefact.) This says "Hello new site, I was referred here… Continue reading →

Would you fall for this phishing scam?

by @edent | # # # # # | 5 comments | Read ~2,296 times.

Gmail is usually pretty good at stopping spam from reaching my inbox. When it slips up, it reminds me of just how terrifying the modern internet is. Early one morning, I received this email from someone I know (details redacted by me). It came from his email, it has his signature at the bottom. This… Continue reading →

Interesting Email Metadata

by @edent | # # # | 3 comments | Read ~595 times.

For many years, my email footer said "Sent via my Casio cPhone" - my attempt to poke fun at the users who hadn't updated their iPhone's default email signature. This leads to an interesting question: Is there an easy way to see what device an email is sent from? If I type the attached on… Continue reading →

Why can't you send email to a Chinese address?

by @edent | # # # # | 4 comments | Read ~3,253 times.

We all know what an email address looks like and how to validate them, right? A few years ago I got the Chinese domain name 莎士比亚.org. You can browse to it, link to it, and send email to it. Or can you? When I tried two years ago, none of the major email providers supported… Continue reading →

Don't Use Bit.ly To Advertise Your PGP Key

by @edent | # # # # # | 2 comments | Read ~2,752 times.

I had dinner with the outgoing editor of The Guardian the other night. Clever chap, sure he'll go far in life. The Guardian is very hot on security. Many of their writers have PGP keys which they publicly advertise. In theory, that's great (complaints about PGP notwithstanding) - but the reality shows just how tricky… Continue reading →

Episode 10: Better Email #CampaignForRealEmail

by @edent | # # #

Does your email suck? Chris Woods has some suggestions on how to fix it. Check out his Better Emails tool for Outlook. Get About A Minute as soon as each episode goes live. Stick this Podcast Feed into your podcatcher Or you can Subscribe on iTunes Intro music "Gran Vals" performed by Brian Streckfus. Stopwatch… Continue reading →

Dark Patterns - Opt-Out / Opt-In

by @edent | # # # # | Read ~850 times.

Hanlon's Razor states, "Never attribute to malice that which is adequately explained by stupidity." It would be nice to think that all mistakes and errors we encounter are just the result of bone-headedness. Sadly, that's not the case. Quite often malicious people deliberately try to trick you into taking actions you would normally have ignored.… Continue reading →