And yes, again someone turns this into an Android vs. Apple war. 'Some idiots talked about Apple in an irrational, sensationalist way a while back, so now we can do the same thing with Android!' is basically your argument here. Please, leave Apple out of this.

Well, the OP did say something about MD5 which was a little bit silly. Should he/she be mocked for this? No, I don't like mockery, not everyone can be an expert in everything of course, and I rather prefer a rational discussion in any case. On the other hand, I do find it strange that the /. editors managed to let this pass without a little bit of critical thought (apparently).

Now, whether or not obfuscation is a good or bad idea is up for a lot of discussion. In any case, it is in no way stupid to think about and discuss the risks of plain-text password storage -- I'm pretty sure that a lot of users won't be aware of them. I also think that adding a thin layer of obfuscation does not really improve the situation, and it certainly doesn't solve the problem... but that is just MHO.

You are right; writing code is probably not something that combines with reading slashdot too well.

However, in my experience, thinking about code does. I'll often spend an hour or more just sitting there, staring ahead, reading slashdot a bit, continually working on [the problem] at the back of my head, and then afterwards, write better code than if I hadn't.

Yes. I conjecture that the only reason my current counter-measures (and that of GP) work reasonably well is because so many people use worse counter-measures -- which makes it less necessary for spammers to outsmart them (yet). It's not a solution, and by definition only works for a relatively small part of the population of email users.

Also:
(x) It would make DDOS attacks abusing the system extremely easy.

(basically, the system reduces to a simple blacklist, which is automatically updated based on spam-reports)