yet another strike against match.com in my book.
On Thu, Jun 25, 2009 at 8:05 AM, Lisa Kachold<
lisakachold@obnosis.com> wrote:
> <p>
> Match.com, the popular paid online "secure" dating site, was found to
> reveal private email addresses during messaging.</p>
> <p>
> Email Reply headers in the Messages reading pane reveal the "outside"
> email of the dating parties to each other. So my reading pane shows
> clearly at the top of an email Match.com "Message" thread:</p>
> <p>
> Date: Wed, 24 Jun 2009 23:18:23 -0500</p><p>
> From: obnosis@talkmatch.com</p><p>
> To: pairaway@hotmail.com</p><p>
> Subject: Match.com Message: RE: Itsadate</p><p>
> </p>
> <p>
> So, I "obnosis@talkmatch" (obfuscated email Match.com only email
> address) would immediately know that a man identified only by his
> Match.com screen name, was really "pairaway@hotmail.com". And
> alternately he would also be able to see my outside email address in
> his Messages reading pane.</p>
> <p>
> While at the same time, the bottom of the email Match.com "Message"
> thread their application tacks on a nice DISCLAIMER:</p>
> <pre>
> ------start------
> Important tips: Protect your privacy
>
> Our email system strips away your real email address so that the
> recipient will NOT see it in the
> From: line; however, you must...
> • Remove any mention of your email address from the body of your message.
> • Remove or turn off any automatic signature at the end of your email.
> • Avoid using Cc: or Bcc: to help protect your identity.
> If you receive an email that you find offensive or contains
> advertisements for products or services other than Match.com, please
> forward the message immediately to abuse@cc.match.com.
> If you no longer wish to receive communication from this person you
> can block this user from further contact here.
>
>
> DISCLAIMER
> Match.com does not screen private email between members, nor are we
> liable for the content of these messages. All members are bound by the
> Match.com Service Agreement.
>
> ---end----
> </pre>
> <p>
> Match.com was informed on June 25, 2009 with screenshots. They have
> yet to respond to this serious security application layer issue.</p>
>
> Screenshot: http://www.obnosis.com/motivatebytruth/match_shows_outside_email.jpg
> --
> (503)754-4452 tribe.obnosis.com
> scientology.obnosis.com
> plug.obnosis.com
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
--
A mouse trap, placed on top of your alarm clock, will prevent you from
rolling over and going back to sleep after you hit the snooze button.
Stephen
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
%20would%20immediately%20know%20that%20a%20man%20identified%20only%20by%20his%0A>%20>%20Match.com%20screen%20name,%20was%20really%20%22pairaway@hotmail.com%22.%20%C2%A0And%0A>%20>%20alternately%20he%20would%20also%20be%20able%20to%20see%20my%20outside%20email%20address%20in%0A>%20>%20his%20Messages%20reading%20pane.</p>%0A>%20>%20<p>%0A>%20>%20While%20at%20the%20same%20time,%20the%20bottom%20of%20the%20email%20Match.com%20%22Message%22%0A>%20>%20thread%20their%20application%20tacks%20on%20a%20nice%20DISCLAIMER:</p>%0A>%20>%20<pre>%0A>%20>%20------start------%0A>%20>%20Important%20tips:%20Protect%20your%20privacy%0A>%20>%0A>%20>%20Our%20email%20system%20strips%20away%20your%20real%20email%20address%20so%20that%20the%0A>%20>%20recipient%20will%20NOT%20see%20it%20in%20the%0A>%20>%20From:%20line;%20however,%20you%20must...%0A>%20>%20%C2%A0%20%C2%A0%20%C2%A0%20%C2%A0%E2%80%A2%20Remove%20any%20mention%20of%20your%20email%20address%20from%20the%20body%20of%20your%20message.%0A>%20>%20%E2%80%A2%20Remove%20or%20turn%20off%20any%20automatic%20signature%20at%20the%20end%20of%20your%20email.%0A>%20>%20%E2%80%A2%20Avoid%20using%20Cc:%20or%20Bcc:%20to%20help%20protect%20your%20identity.%0A>%20>%20If%20you%20receive%20an%20email%20that%20you%20find%20offensive%20or%20contains%0A>%20>%20advertisements%20for%20products%20or%20services%20other%20than%20Match.com,%20please%0A>%20>%20forward%20the%20message%20immediately%20to%20abuse@cc.match.com.%0A>%20>%20If%20you%20no%20longer%20wish%20to%20receive%20communication%20from%20this%20person%20you%0A>%20>%20can%20block%20this%20user%20from%20further%20contact%20here.%0A>%20>%0A>%20>%0A>%20>%20DISCLAIMER%0A>%20>%20Match.com%20does%20not%20screen%20private%20email%20between%20members,%20nor%20are%20we%0A>%20>%20liable%20for%20the%20content%20of%20these%20messages.%20All%20members%20are%20bound%20by%20the%0A>%20>%20Match.com%20Service%20Agreement.%0A>%20>%0A>%20>%20---end----%0A>%20>%20</pre>%0A>%20>%20<p>%0A>%20>%20Match.com%20was%20informed%20on%20June%2025,%202009%20with%20screenshots.%20%C2%A0They%20have%0A>%20>%20yet%20to%20respond%20to%20this%20serious%20security%20application%20layer%20issue.</p>%0A>%20>%0A>%20>%20Screenshot:%20http://www.obnosis.com/motivatebytruth/match_shows_outside_email.jpg%0A>%20>%20--%0A>%20>%20(503)754-4452%20tribe.obnosis.com%0A>%20>%20scientology.obnosis.com%0A>%20>%20plug.obnosis.com%0A>%20>%20---------------------------------------------------%0A>%20>%20PLUG-discuss%20mailing%20list%20-%20PLUG-discuss@lists.plug.phoenix.az.us%0A>%20>%20To%20subscribe,%20unsubscribe,%20or%20to%20change%20your%20mail%20settings:%0A>%20>%20http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss%0A>%20>%0A>%20%0A>%20%0A>%20%0A>%20--%20%0A>%20A%20mouse%20trap,%20placed%20on%20top%20of%20your%20alarm%20clock,%20will%20prevent%20you%20from%0A>%20rolling%20over%20and%20going%20back%20to%20sleep%20after%20you%20hit%20the%20snooze%20button.%0A>%20%0A>%20Stephen%0A>%20---------------------------------------------------%0A>%20PLUG-discuss%20mailing%20list%20-%20PLUG-discuss@lists.plug.phoenix.az.us%0A>%20To%20subscribe,%20unsubscribe,%20or%20to%20change%20your%20mail%20settings:%0A>%20http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss%0A>%20%0A>%20 "Reply to this message")
(text/plain)