AsciiBin: email notifications threat
Here is my conversation with Jordan via email. I let myself extrapolate the meaning since the original quotes would not be understandable. Everyone feel free to discuss.
I started with testing AsciiBin. I posted some blabla and entered Jordan's email into notification option. Result? He got like 20+ spam emails from his own server (me lols) regarding the nonsense things he (presumably) pasted in.
After some convo with Jordan I came up with some idea, here a quote:
What do you all think, folks?Perhaps a solution similar to Syncplicity would do. When you send with notify, you receive only 1 email stating: A new account has been automaticaly created for you. All your pasted notes are there. Click the link below to log in.
proudly presenting my personal website and game website: F1Simulation. a thrilling Managed DirectX racing game... also my Ask Me
look at my tutorials about cropping images and Mono: bundling Mono with programs and lambda expressions
What is everyones take on the situation? If you want to simulate what Arek did, go to ASCIIBin -> Copy/Paste between computers and devices, make URLs small, Microblog, share code and type anything in the box. Under advanced options enter an email (Arek entered mine, I didn't lol,) and press send a billion times. You've just spammed someone from me (or my server, rather).
How would you handle the situation? What do you think should be? Do you think Arek's solution will work?
hmm,
funny, i spammed you jordan
well the problem is more complicated than that, in the beginning i was going to say that sending the same bin to the same email would be prohibited but i noticed that everytime i press submit , a new bin was created! 0.0
and because of that , the only thing that i would do is to make it harder to send it in email, like forwarding the bin creator to another form or page where he/she can select a specific bin to send to a specific email, when he/she sends the email he is taken back to home(the page)
yo homie i heard you like one-line codes so i put a one line code that evals a decrypted one line code that prints "i love one line codes"
www.amrosama.com | the unholy methods of javascriptCode:eval(base64_decode("cHJpbnQgJ2kgbG92ZSBvbmUtbGluZSBjb2Rlcyc7"));
I think Amrosama has a good point. If sending one email will take enough time and effort, then people will give up after few tries. That is an acceptable solution.
But I still think that my solution seems a bit more, hmm, interesting.
proudly presenting my personal website and game website: F1Simulation. a thrilling Managed DirectX racing game... also my Ask Me
look at my tutorials about cropping images and Mono: bundling Mono with programs and lambda expressions
I was thinking of allowing only registered members to "remind" themselves. It would use the email they subscribed with instead of allowing them to enter an email address.
I would say that:
1) you have to be logged in
2) you can only "spam" yourself.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
Bookmarks