Re: leaking

[KUIJPERS Jimmy <jimmy.kuijpers () swift com>]

Why a "cryptographically-secure way of generating new email" ??

I will just use a clean installation of an e-mail client and configure it with a freshly created e-mail account. (not a 
free one,
but from my ISP so I know it won't be targeted by spam senders already).

Then in that e-mail account I will open the e-mail message and "render the html", letting the sender know my e-mail 
address exists.

I see no reason whatsoever why I should generate the e-mail address in a cryptographic manner... .whatever that may 
mean (since when
do we create an email address via a "cryptographically-secure" way and what is the relevance?

There is no way for the sender of the mail to know whether or not my created e-mail address is part of the FD list or 
not since they
are not disclosed, if that's your concern.

Sorry if I'm totally missing the obvious or something, but I don't understand your point.


Regards,
Jimmy

Dave Horsfall wrote:

> On Wed, 12 May 2004, KUIJPERS Jimmy wrote:
>
> > I will open the e-mail with a mail client with a new e-mail address
> > (when I get home tonight) and see how much spam I will receive. I will
> > give a report when I receive some significant spam or if I have not
> > received any spam for days and days.
>
> Unless you have a cryptographically-secure way of generating new email
> addresses, you will not have proved anything.
>
> -- Dave
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html