Skip to main content

ralph-reed-and-email-security

The Radical Georgia Moderate blog has a post about accidentally getting access to a Ralph Reed campaign email account.
This morning, I received another unsolicited e-mail newsletter from the Ralph Reed for Lt. Governor campaign. So, I wrote a brief reply to info@ralphreed.com that included a link to the post on my web site where I chastized it for adding my e-mail address to the list without permission. A few hours later, I looked in my Statcounter and saw a hit from the mail.ralphreed.com domain. I clicked the link, and to my shock found that I had full access to the campaign’s e-mail (from the info@ralphreed.com address, anyway). I assume I was granted access because a non-expired session ID was in the URL, but that still is an unacceptably low level of security.

Current rating: 1

Recent Posts

Archive

2024
2022
2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom