[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-disclosure] Plaxo?

To: "Greg" <full-disclosure@xxxxxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: RE: [Full-disclosure] Plaxo?
From: "Todd Towles" <toddtowles@xxxxxxxxxxxxxxx>
Date: Wed, 10 Aug 2005 08:53:54 -0500

> One small problem that may not have been noticed with Plaxo. 
> If the Plaxo using person decides to do so,  you can be a 
> non-Plaxo using person on that externally managed address 
> book with full email address also in there, added by the 
> Plaxo user. I have received "I have updated my Plaxo" for 
> whatever was updated, by several customers, at my help line 
> email address and have checked it out when at their premises. 
> Sure enough, there is my email address externally managed.
> 
> So, whether you allow Plaxo or not, if some user outside of 
> your company has all your email addresses within your company 
> on their computer, it has also likely been added to Plaxo by 
> them whether you like it or not.

Of course this would lead to increased spam and viruses at your mail
server, due to the spreading of e-mail addresses to computers that are
managed by people that aren't exactly security focused. Like I need
more...your computer is infected with a virus...junk mail.

-Todd
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] "responsible disclosure" explanation (an exampleof the fallacy of idealistic thought)
Next by Date: [Full-disclosure] Evolution multiple remote format string bugs
Previous by thread: Re: RES: [Full-disclosure] The best 0-day exploit source
Next by thread: [Full-disclosure] Evolution multiple remote format string bugs
Index(es):
- Date
- Thread