I think everyone reading this post has accidentally messed up when sending an email, right? I noticed this story recently: The Metropolitan Police has apologised to victims of the Westminster "honeytrap" scandal after it accidentally sent an email which named all of them. … the sender, a detective sergeant in the Met’s Diplomatic and Parliamentary Protection unit, included the recipients’ names …
Continue reading →
Some people like to receive this blog via email. I previously used JetPack to send out subscriber messages - but it became increasingly clear that Automattic isn't a good steward of such things. I couldn't find any services which would let me send a few thousand subscribers a few emails per week, at zero cost. So, redecentralise! I installed phpList which is an open source email campaign tool. …
Continue reading →
The Interactive Advertising Bureau (IAB) is a standards development group for the advertising industry. Their members love tracking users. They want to know where you are, who you're with, what you're buying, and what you think. All so they can convince you to spend slightly more on toothpaste. Or change your political opinions. Either way, they are your adversaries. The IAB's tech lab is…
Continue reading →
Marketing really is crap. Recently, SE Railways sent this piece of email drivel to my wife: We don't have any kids, thankfully - and are not having any in the future. My wife was literally recovering from a sterilisation procedure when the email arrived. So it seemed a bit weird that they'd send her a message like that. My wife has never booked a child's fare. She's done nothing to indicate to …
Continue reading →
Every so often, I get a glimpse into the thought processes of someone who has a very different view of the world to me. I don't deal with people's personal information often. So I was surprised to receive an email with a multi-megabyte spreadsheet called "Pay and Bonuses 2020". The email contained this doozy of a sentence: “Due to GDPR the attached file is password protected, I will send the p…
Continue reading →
My Chinese takeaway delivery was late. Very late. I flipped open the confirmation email sent by Just-Eat to double-check I had all the details correct. At the bottom was a "click to call" link. Hurrah! I clicked dial, and this is what filled my screen: An absurdly long phone number. Bemused, I went to inspect the link I'd clicked. This is what it showed: The tel: URl scheme is brilliant. …
Continue reading →
For years, my email address was registered with our electricity supplier. I got the monthly bills sent to me. My wife's email was used for the water supplier. This made sense when we were a young couple with separate finances - but now we're a smug an old married couple, with a joint bank account, it's a bit annoying. We both want to see the bills, and we don't want to rely on the other…
Continue reading →
Six years ago, I developed Android apps (APKs) which I emailed to myself. When I try to download them from Gmail today, I get this rather annoying error. Anti-virus warning – 1 attachment contains a virus or blocked file. Downloading this attachment is disabled. Google, in its efforts to protect me from myself, have retroactively blocked certain filetypes from being downloaded. If you try to f…
Continue reading →
Like all security minded people, I use a unique email address for every service I sign up to. This week, I noticed I had started receiving spam to an email address associated with my Join.me account. Join.me is a screen sharing service now owned by LogMeIn. I signed up for a trial of Join.me back in 2012(!) and as far as I'm aware, never used it again. Checking my records, this piece of spam…
Continue reading →
Another day, another Gmail bug which won't get fixed. The original Android phone - HTC Dream - had 192MB of RAM. The latest Android phones tend to have 6GB. A 32 times increase in a decade. Laptops have also leapt forwards in speed and memory. Sadly, no one on the Gmail team has noticed. It's 2019, and Gmail app users are still seeing the dreaded "[Message Clipped] View entire message"…
Continue reading →
There's a new bug bounty provider in town! The Belgian company Intigriti. This is a quick write-up of how I found a trivial bug in their own system. The EU has announced that it is providing funding for bug bounties on critical open source projects. They've split the programme between HackerOne and Intigriti. I signed up to Intigriti, and instantly received a confirmation email. Can you…
Continue reading →
An annoying privacy violation from leading email newsletter company MailChimp. Responsibly disclosed on 2017-12-04. When you click a link on a webpage or an email, your browser opens up that link and sends the newly visited webpage a Referer Header. (The misspelling is a historical artefact.) This says "Hello new site, I was referred here by this previous website." This has some privacy…
Continue reading →