Skip to main content

ralph-reed-and-email-security

(0 comments)

The Radical Georgia Moderate blog has a post about accidentally getting access to a Ralph Reed campaign email account.
This morning, I received another unsolicited e-mail newsletter from the Ralph Reed for Lt. Governor campaign. So, I wrote a brief reply to info@ralphreed.com that included a link to the post on my web site where I chastized it for adding my e-mail address to the list without permission. A few hours later, I looked in my Statcounter and saw a hit from the mail.ralphreed.com domain. I clicked the link, and to my shock found that I had full access to the campaign’s e-mail (from the info@ralphreed.com address, anyway). I assume I was granted access because a non-expired session ID was in the URL, but that still is an unacceptably low level of security.

Currently unrated

Comments

There are currently no comments

New Comment

required

required (not published)

optional

Recent Posts

Archive

2021
2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom