On Tue, 2014-07-01 at 06:02 -0700, Chris J Brady wrote: > In a master stroke of security - or rather in an appalling LACK of > security - the mailing list owners / moderators have just sent me an > email confirming my membership - which included MY PASSWORD IN PLAIN > TEXT.
Sending such a reminder every month is normal for most mailman lists.
You'll have been getting one of those every month since you first
subscribed.
That's why there's a bloody great warning on the subscription page where
you enter your password, which says:
You may enter a privacy password below. This provides only mild
security, but should prevent others from messing with your
subscription. Do not use a valuable password as it will
occasionally be emailed back to you in cleartext.
The "Do not use a valuable password" bit appears to be in bold...
> For such a mailing list of potentially legally sensitive subject
> matter - i.e. how to hack the BBC's servers - this is an unacceptable
> breach of security.
No. Acceptable subject matter on this list does not include, and has
never included, the hacking of the BBC's servers.
--
dwmw2
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ get_iplayer mailing list get_iplayer@lists.infradead.org http://lists.infradead.org/mailman/listinfo/get_iplayer
