Erik Noble has found a security issue in how the Radio UserLand comments server associates names and e-mail addresses: If anyone posts a comment and puts your e-mail address in the Email field, their name will appear with your address on every comment you made in the past.

Try it yourself by posting a comment on Erik's weblog with the e-mail address justsayno@tospam.com.

Comments

Gee, thanks. ;-)

Add a Comment

All comments are moderated before publication. These HTML tags are permitted: <p>, <b>, <i>, <a>, and <blockquote>. This site is protected by reCAPTCHA (for which the Google Privacy Policy and Terms of Service apply).