Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • I found the following sentence in the article on bulk email:
    It's incredibly rude to send an email address from an email address that won't accept replies.
    Surely the first occurrence of "address" shouldn't be there?
    • Similar:

      The second option is less secure as anyone can intercept the email address and get access to the link, so the first option should be prefered. [dave.org.uk]

      I think you meant "anyone can intercept the email."

      Also, it was not apparent to me why the second option was less secure until I read rule 2. It was news to me (welcome news) that option 1 could be made more secure by leaving out the user name. You might want to reorder or reword things to make this more notable, because I'm betting a lot of otherwise perfectly competent people haven't realized this, and won't be thinking about it at the time that you remark on the difference in security.

      Of course, for the ultimate in security, your users should upload a public key during registration. Then you can send their password encrypted with their registered public key, perhaps to any email address they specify. This even overcomes the problem of users who have changed email addresses and have no access to the old address! But I expect it will be a long time before this approach becomes common, let alone regular.

      --
      J. David works really hard, has a passion for writing good software, and knows many of the world's best Perl programmers
      • I was going to name and shame the site that I dealt with this afternoon, but I wrote them a polite email explaining the problems and in less than 45 minutes I got a reply saying that these problems had already been noted and that they should be fixed by the end of the week. That's pretty good customer service so I won't embarass them by telling everyone who they are.

        Oh, and I think you should name and praise them, assuming this is actually fixed!

        --
        J. David works really hard, has a passion for writing good software, and knows many of the world's best Perl programmers
      • I saw that too, after I posted my comment here.

        It looks like davorg has a thing for the phrase "email address" when he just means "email". :)