There is nothing difficult about the right course of action here: Don't send the password. Disable this silly default.
The attitude expressed in these replies is a disgrace to the profession of software security, and a disgrace to the list. It doesn't matter whether or not I "should" be using a unique password. I might not be, and even if I am, a nerd next to me shouldn't be able to change my subscription settings because of the listserv's idiotic setting. It is NOT the user's responsibility to compensate for the incompetence of sys admins or software developers. They are the ones who are failing their jobs. - Greg -- Please do not email me anything that you are not comfortable also sharing with the NSA. On Oct 1, 2013, at 12:03 PM, Lodewijk andré de la porte <l...@odewijk.nl> wrote: > It's reasonable as it's not a security sensitive environment. Please for the > love of god let some environments stay low-sec. > > > 2013/10/1 Nick <cryptography-l...@njw.me.uk> > On Tue, Oct 01, 2013 at 10:28:48AM -0400, Greg wrote: > > So, my password, iPoopInYourHat, is being sent to me in the clear by your > > servers. > > All mailman lists do this by default. It does tell you on the sign > up page that it will do so, and that you shouldn't use a 'valuable' > (e.g. used elsewhere) password - see > http://www.metzdowd.com/mailman/listinfo/cryptography > > It is an annoying default, but so long as you don't use a password > attached to anything else you care about, I don't think it should be > too much of a worry. > _______________________________________________ > The cryptography mailing list > cryptography@metzdowd.com > http://www.metzdowd.com/mailman/listinfo/cryptography > > _______________________________________________ > The cryptography mailing list > cryptography@metzdowd.com > http://www.metzdowd.com/mailman/listinfo/cryptography
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography
