abell - Slashdot User

Follow Slashdot blog updates by subscribing to our blog RSS feed

Submission Summary: 0 pending, 1 declined, 1 accepted (2 total, 50.00% accepted)

Submission + - Gravatars can leak users' email addresses (developer.it)

Submitted by abell on Tuesday December 15, 2009 @07:06PM

abell writes: Gravatar offers a global avatar service, using a MD5 hash of the user's email as avatar ID. This piece of information in some cases is enough to retrieve the original email address. Testing a simple attack on stackoverflow.com, I was able to get the email address of more than 10% of the site's users.

« Newer Older »

Slashdot Top Deals

Every young man should have a hobby: learning how to handle money is the best one. -- Jack Hurley