Educause Security Discussion mailing list archives
Re: Email marketing keys and contact information privacy
From: Jason Frisvold <frisvolj () LAFAYETTE EDU>
Date: Wed, 1 Apr 2009 06:57:01 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jason Frisvold wrote:
If it's unsolicited, then personally, I find it completely unacceptable. I have no control in that situation and there's no guarantee I'll even get the initial email. And while random tokens are relatively secure from an enumeration standpoint, there is always the random chance that someone stumbles upon it and gains access to my information.
Thinking more on this... It might be acceptable if the initial token triggered an email with a secondary token to gain access to the system... This may be too complex, or too in-depth for the average user, though. Either way, an unsolicited email with a link leading me to my personal information makes me think scam/phish scheme.. - -- - --------------------------- Jason Frisvold Network Engineer frisvolj () lafayette edu - --------------------------- "What I cannot create, I do not understand" - Richard Feynman -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org iD8DBQFJ00h9O80o6DJ8UvkRAgBJAJ9ByqoMYjYuQ3Omh84qL808S4TE+ACbBxn4 A7gwVoRktXxxD/WYt8ckpBk= =Omz8 -----END PGP SIGNATURE-----
Current thread:
- Re: Email marketing keys and contact information privacy Jason Frisvold (Apr 01)
- <Possible follow-ups>
- Re: Email marketing keys and contact information privacy Jason Frisvold (Apr 01)