Re: [liberationtech] Allout.org requires email address in "anonymous" LGBT survey
As a social engineer, one wonders about the agenda of an organization that calls itself "all out" doing this kind of BS so...coyly. What an unfortunate mistake on their part! Imagine if someone had set such a thing up as a honeypot. Indeed. Some people believe we should be all out...it would be better for all of us as queerfolk... I can see where such a mistake might make people uneasy. SN Shava Nerad shav...@gmail.com On Mar 19, 2013 4:54 PM, "Uncle Zzzen" wrote: > The latest news at https://aopriv.jottit.com/ is that allout.org have > deleted the problematic survey. > The interesting thing is that Andre Banks from AllOut says: > > I just heard about the potential security issue you wrote about below > through an advisor who is on the LibTech list > > So thanks to whoever it was for explaining to AllOut how serious the > problem was. > > This is a fine example of the importance of this list. > > Cheers, > The Dod. > > On Tue, Mar 19, 2013 at 12:33 AM, Uncle Zzzen > wrote: > > AllOut.org, a large LGBT org, are asking their members to join an > > "anonymous survey" that asks for sensitive information, and an email > > address is one of the required fields. > > > > One of the members wrote them an email about it, got an unsatisfactory > > reply, mailed them again, no reply since. > > > > I've advised this person to put the whole email exchange etc. on a > > jottit page so that it's easier to spread via social media etc. > > > > It's at https://aopriv.jottit.com/ > > > > Any idea how to proceed from here? > > > > Thanks, > > The Dod > -- > Too many emails? Unsubscribe, change to digest, or change password by > emailing moderator at compa...@stanford.edu or changing your settings at > https://mailman.stanford.edu/mailman/listinfo/liberationtech > -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Allout.org requires email address in "anonymous" LGBT survey
The latest news at https://aopriv.jottit.com/ is that allout.org have deleted the problematic survey. The interesting thing is that Andre Banks from AllOut says: > I just heard about the potential security issue you wrote about below through > an advisor who is on the LibTech list So thanks to whoever it was for explaining to AllOut how serious the problem was. This is a fine example of the importance of this list. Cheers, The Dod. On Tue, Mar 19, 2013 at 12:33 AM, Uncle Zzzen wrote: > AllOut.org, a large LGBT org, are asking their members to join an > "anonymous survey" that asks for sensitive information, and an email > address is one of the required fields. > > One of the members wrote them an email about it, got an unsatisfactory > reply, mailed them again, no reply since. > > I've advised this person to put the whole email exchange etc. on a > jottit page so that it's easier to spread via social media etc. > > It's at https://aopriv.jottit.com/ > > Any idea how to proceed from here? > > Thanks, > The Dod -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Allout.org requires email address in "anonymous" LGBT survey
Thanks. I'll tell the folks. On Tue, Mar 19, 2013 at 12:53 AM, R. Jason Cronk wrote: > Thanks for the heads up. > > FWIW, I tweeted it. > > https://twitter.com/PrivacyMaverick > > I may followup with a blog post about it. > > Jason > > > On 3/18/2013 1:33 PM, Uncle Zzzen wrote: > > AllOut.org, a large LGBT org, are asking their members to join an > "anonymous survey" that asks for sensitive information, and an email > address is one of the required fields. > > One of the members wrote them an email about it, got an unsatisfactory > reply, mailed them again, no reply since. > > I've advised this person to put the whole email exchange etc. on a > jottit page so that it's easier to spread via social media etc. > > It's at https://aopriv.jottit.com/ > > Any idea how to proceed from here? > > Thanks, > The Dod > -- > Too many emails? Unsubscribe, change to digest, or change password by > emailing moderator at compa...@stanford.edu or changing your settings at > https://mailman.stanford.edu/mailman/listinfo/liberationtech > > > > R. Jason Cronk, Esq., CIPP/US > Privacy Engineering Consultant, Enterprivacy Consulting Group > > phone: (828) 4RJCESQ > twitter: @privacymaverick.com > blog: http://blog.privacymaverick.com > > > -- > Too many emails? Unsubscribe, change to digest, or change password by > emailing moderator at compa...@stanford.edu or changing your settings at > https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Allout.org requires email address in "anonymous" LGBT survey
Thanks for the heads up. FWIW, I tweeted it. https://twitter.com/PrivacyMaverick I may followup with a blog post about it. Jason On 3/18/2013 1:33 PM, Uncle Zzzen wrote: AllOut.org, a large LGBT org, are asking their members to join an "anonymous survey" that asks for sensitive information, and an email address is one of the required fields. One of the members wrote them an email about it, got an unsatisfactory reply, mailed them again, no reply since. I've advised this person to put the whole email exchange etc. on a jottit page so that it's easier to spread via social media etc. It's at https://aopriv.jottit.com/ Any idea how to proceed from here? Thanks, The Dod -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech *R. Jason Cronk, Esq., CIPP/US* /Privacy Engineering Consultant/, *Enterprivacy Consulting Group* * phone: (828) 4RJCESQ * twitter: @privacymaverick.com * blog: http://blog.privacymaverick.com -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
[liberationtech] Allout.org requires email address in "anonymous" LGBT survey
AllOut.org, a large LGBT org, are asking their members to join an "anonymous survey" that asks for sensitive information, and an email address is one of the required fields. One of the members wrote them an email about it, got an unsatisfactory reply, mailed them again, no reply since. I've advised this person to put the whole email exchange etc. on a jottit page so that it's easier to spread via social media etc. It's at https://aopriv.jottit.com/ Any idea how to proceed from here? Thanks, The Dod -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech