On Tue, 2014-07-01 at 06:02 -0700, Chris J Brady wrote: > In a master stroke of security - or rather in an appalling LACK of > security - the mailing list owners / moderators have just sent me an > email confirming my membership - which included MY PASSWORD IN PLAIN > TEXT.
Sending such a reminder every month is normal for most mailman lists. You'll have been getting one of those every month since you first subscribed. That's why there's a bloody great warning on the subscription page where you enter your password, which says: You may enter a privacy password below. This provides only mild security, but should prevent others from messing with your subscription. Do not use a valuable password as it will occasionally be emailed back to you in cleartext. The "Do not use a valuable password" bit appears to be in bold... > For such a mailing list of potentially legally sensitive subject > matter - i.e. how to hack the BBC's servers - this is an unacceptable > breach of security. No. Acceptable subject matter on this list does not include, and has never included, the hacking of the BBC's servers. -- dwmw2
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ get_iplayer mailing list get_iplayer@lists.infradead.org http://lists.infradead.org/mailman/listinfo/get_iplayer