Submission + - Gravatars can leak users' email addresses (developer.it)
abell writes: Gravatar offers a global avatar service, using a MD5 hash of the user's email as avatar ID. This piece of information in some cases is enough to retrieve the original email address. Testing a simple attack on stackoverflow.com, I was able to get the email address of more than 10% of the site's users.
