If you consider that Slashdot's advertisers include the likes of Microsoft, then this list of their poster's e-mail addresses is a very valuable Google search indeed: "by * 0..1e+07 * gmail|hotmail|yahoo com|org|net on" site:slashdot.org
google.com/search?num=100& ...
Whatever address obfuscation system they are using is not being applied very consistently. |
yeah thats a pretty nasty thing to be left open!1 |
It looks like more people on /. is using Gmail than Yahoo and Hotmail. |
Or google.com/search?num=100& ...
Slashdot has an option to "Show your real email address without cowering behind childish anonymity or obfuscation." but I doubt many people actually selected it. My own address is presently listed in those Google results (although I have now disabled it on Slashdot)
Since obfuscation techniques are applied randomly to each shown address, you only have to look through a small sample of slashdot e-mail addresses in order to learn of all them.
Here are the techniques you have to decode:
user domain.com `moc.user' `ta' `domain' userNO SPAMdomain.com user domain.cLISPom minus language (LISP, COBOL, etc...) user domainQUOTE.com minus punct user![[put at-character here]](image/at.gif) ![[put at-character here]](image/at.gif) domain...com user AT domain DOT com user NospAm.domain.com (user) (at) (domain.com) [user] [at] [domain.com] user&domain,com user dom3.14ain.com minus pi user do[ ]n.com ['mai' in gap]
This is security by obscurity at its worst. What is the use of randomly inserting LISP or COBOL into such a lame obfuscation technique?
For those that read this far, here's the code I used. It's only two hours away from having every single e-mail on slashdot: pastebin.ca/309575
|
This is possibly even worse on Wikipedia. If you "Enable e-mails from other users," there is a special form that you can fill out that does not expose that user's e-mail address to you. But if you then check "Send me copies of emails I send to other users," then the e-mail address is available as plain text in the copy of the e-mail you receive.
An e-mail harvester would only have to create a dummy account and cycle through every single account, trying to send e-mails. |
The example queries of Brian Mingus and Jake's View include information about the Safari browser...
google . com/search?num=100&hl=en&lr=&__client=safari&__ etc.
It doesn't affect to the results, but Google get information about Safari clients when people click these links, and they are not Safari users ;-) |
And I am actually using Konqueror, not Safari :) I used to strip all that out, but why bother? |
I use Firefox when I can, but right now I am on the Kubuntu live cd. |
Brian can you explain the "0..1e+07" part of your search query? |
Brian, this was only related to statistics collected by Google. You can forget the issue! |
It's just an expression that says "match any number."
Technically, it's: 0..1.797693134862e+308
(Returning 17 billion docs) |