Jump to content


Check out our Community Blogs

Register and join over 40,000 other developers!


Recent Status Updates

View All Updates

Photo
- - - - -

AsciiBin: email notifications threat

ascii

  • Please log in to reply
5 replies to this topic

#1 ArekBulski

ArekBulski

    CC Devotee

  • Senior Member
  • PipPipPipPipPipPip
  • 480 posts

Posted 17 April 2009 - 08:22 AM

Here is my conversation with Jordan via email. I let myself extrapolate the meaning since the original quotes would not be understandable. Everyone feel free to discuss. :)

I started with testing AsciiBin. I posted some blabla and entered Jordan's email into notification option. Result? He got like 20+ spam emails from his own server (me lols) regarding the nonsense things he (presumably) pasted in.

After some convo with Jordan I came up with some idea, here a quote:

Perhaps a solution similar to Syncplicity would do. When you send with notify, you receive only 1 email stating: A new account has been automaticaly created for you. All your pasted notes are there. Click the link below to log in.


What do you all think, folks?
  • 0

#2 Guest_Jordan_*

Guest_Jordan_*
  • Guest

Posted 17 April 2009 - 09:42 AM

What is everyones take on the situation? If you want to simulate what Arek did, go to ASCIIBin -> Copy/Paste between computers and devices, make URLs small, Microblog, share code and type anything in the box. Under advanced options enter an email (Arek entered mine, I didn't lol, :)) and press send a billion times. You've just spammed someone from me (or my server, rather).

How would you handle the situation? What do you think should be? Do you think Arek's solution will work?
  • 0

#3 amrosama

amrosama

    CC Mentor

  • VIP Member
  • PipPipPipPipPipPipPipPip
  • 2765 posts

Posted 17 April 2009 - 10:03 AM

hmm,
funny, i spammed you jordan :D
well the problem is more complicated than that, in the beginning i was going to say that sending the same bin to the same email would be prohibited but i noticed that everytime i press submit , a new bin was created! 0.0
and because of that , the only thing that i would do is to make it harder to send it in email, like forwarding the bin creator to another form or page where he/she can select a specific bin to send to a specific email, when he/she sends the email he is taken back to home(the page)
  • 0
yo homie i heard you like one-line codes so i put a one line code that evals a decrypted one line code that prints "i love one line codes"
eval(base64_decode("cHJpbnQgJ2kgbG92ZSBvbmUtbGluZSBjb2Rlcyc7"));
www.amrosama.com | the unholy methods of javascript

#4 ArekBulski

ArekBulski

    CC Devotee

  • Senior Member
  • PipPipPipPipPipPip
  • 480 posts

Posted 17 April 2009 - 10:08 AM

I think Amrosama has a good point. If sending one email will take enough time and effort, then people will give up after few tries. That is an acceptable solution. ;)

But I still think that my solution seems a bit more, hmm, interesting. :)
  • 0

#5 Guest_Jordan_*

Guest_Jordan_*
  • Guest

Posted 17 April 2009 - 10:21 AM

I was thinking of allowing only registered members to "remind" themselves. It would use the email they subscribed with instead of allowing them to enter an email address.
  • 0

#6 WingedPanther73

WingedPanther73

    A spammer's worst nightmare

  • Moderator
  • 17757 posts
  • Location:Upstate, South Carolina
  • Programming Language:C, C++, PL/SQL, Delphi/Object Pascal, Pascal, Transact-SQL, Others
  • Learning:Java, C#, PHP, JavaScript, Lisp, Fortran, Haskell, Others

Posted 17 April 2009 - 11:13 AM

I would say that:
1) you have to be logged in
2) you can only "spam" yourself.
  • 0

Programming is a branch of mathematics.
My CodeCall Blog | My Personal Blog

My MineCraft server site: http://banishedwings.enjin.com/






Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download