i was quite surprised to discover that no one had registered deleteduser [dot] com, and was curious to see how many emails i'd get if i registered it, assuming many orgs 'delete' logic probably just overwrote the email address with blahblah@deleteduser...
-
i was quite surprised to discover that no one had registered deleteduser [dot] com, and was curious to see how many emails i'd get if i registered it, assuming many orgs 'delete' logic probably just overwrote the email address with blahblah@deleteduser.com or similar.
The answer, is at least 3 different orgs in the hour that I've owned that domain and been listening for email.
And yes, all of those emails contain the actual PII of the person who has been 'deleted'
-
i was quite surprised to discover that no one had registered deleteduser [dot] com, and was curious to see how many emails i'd get if i registered it, assuming many orgs 'delete' logic probably just overwrote the email address with blahblah@deleteduser.com or similar.
The answer, is at least 3 different orgs in the hour that I've owned that domain and been listening for email.
And yes, all of those emails contain the actual PII of the person who has been 'deleted'
@SecureOwl we have a top level domain for this at home: .invalid
-
i was quite surprised to discover that no one had registered deleteduser [dot] com, and was curious to see how many emails i'd get if i registered it, assuming many orgs 'delete' logic probably just overwrote the email address with blahblah@deleteduser.com or similar.
The answer, is at least 3 different orgs in the hour that I've owned that domain and been listening for email.
And yes, all of those emails contain the actual PII of the person who has been 'deleted'
it has been well known for years why using made up but not correctly registered FQDNs or squatting on IP address space you don't own is just an outage or incident waiting to happen. yet, we keep seeing it, over and over and over...
-
i was quite surprised to discover that no one had registered deleteduser [dot] com, and was curious to see how many emails i'd get if i registered it, assuming many orgs 'delete' logic probably just overwrote the email address with blahblah@deleteduser.com or similar.
The answer, is at least 3 different orgs in the hour that I've owned that domain and been listening for email.
And yes, all of those emails contain the actual PII of the person who has been 'deleted'
-
it has been well known for years why using made up but not correctly registered FQDNs or squatting on IP address space you don't own is just an outage or incident waiting to happen. yet, we keep seeing it, over and over and over...
@paul_ipv6 @SecureOwl lord only knows what example.com receives
-
i was quite surprised to discover that no one had registered deleteduser [dot] com, and was curious to see how many emails i'd get if i registered it, assuming many orgs 'delete' logic probably just overwrote the email address with blahblah@deleteduser.com or similar.
The answer, is at least 3 different orgs in the hour that I've owned that domain and been listening for email.
And yes, all of those emails contain the actual PII of the person who has been 'deleted'
@SecureOwl
And is there a famous domain called "noreply.com" or "no-reply.com"? Those might harvest some interesting information, too. -
i was quite surprised to discover that no one had registered deleteduser [dot] com, and was curious to see how many emails i'd get if i registered it, assuming many orgs 'delete' logic probably just overwrote the email address with blahblah@deleteduser.com or similar.
The answer, is at least 3 different orgs in the hour that I've owned that domain and been listening for email.
And yes, all of those emails contain the actual PII of the person who has been 'deleted'
@SecureOwl Reminds me of a situation I had once with Chipotle...
-
@SecureOwl reminds me of
donotreply.comand other domains not to be used for that!@kkarhan @SecureOwl I had to dig up this 2008 WaPo story from Archive since WaPo nuked all my blog posts from their site. It's about @chetfaliszek, the guy who registered donotreply.com.
-
i was quite surprised to discover that no one had registered deleteduser [dot] com, and was curious to see how many emails i'd get if i registered it, assuming many orgs 'delete' logic probably just overwrote the email address with blahblah@deleteduser.com or similar.
The answer, is at least 3 different orgs in the hour that I've owned that domain and been listening for email.
And yes, all of those emails contain the actual PII of the person who has been 'deleted'
-
i was quite surprised to discover that no one had registered deleteduser [dot] com, and was curious to see how many emails i'd get if i registered it, assuming many orgs 'delete' logic probably just overwrote the email address with blahblah@deleteduser.com or similar.
The answer, is at least 3 different orgs in the hour that I've owned that domain and been listening for email.
And yes, all of those emails contain the actual PII of the person who has been 'deleted'
could probably achieve something similar with notarealemail.com
-
@kkarhan @SecureOwl I had to dig up this 2008 WaPo story from Archive since WaPo nuked all my blog posts from their site. It's about @chetfaliszek, the guy who registered donotreply.com.
@briankrebs @SecureOwl @chetfaliszek oh yesh, I remember that one.
Needless to say I think #DoNotReply-Addresses should be outlawed and using one should get a domain banned until the operators apologize personally…
-
it seems like some orgs do this with active directory users too for some reason.
lots of things like internal alerts/monitoring
MS used to tell folks just use .corp, which is why there still aren't gTLDs for .home, .corp, etc. too many collisions with illegal but heavily used (and leaked) internal names with those TLDs...
lots of bad advice that lingers long after we figure out just how bad the advice is...
-
MS used to tell folks just use .corp, which is why there still aren't gTLDs for .home, .corp, etc. too many collisions with illegal but heavily used (and leaked) internal names with those TLDs...
lots of bad advice that lingers long after we figure out just how bad the advice is...
@paul_ipv6 @SecureOwl my favorite was a customer of mine who had an AS400 and set up their LAN *just* like the IBM documentation, including using some random public IBM subnet that was used for the examples, lol. 192.0.2.0/24 is a very useful thing indeed.
-
@paul_ipv6 @SecureOwl my favorite was a customer of mine who had an AS400 and set up their LAN *just* like the IBM documentation, including using some random public IBM subnet that was used for the examples, lol. 192.0.2.0/24 is a very useful thing indeed.
-
i was quite surprised to discover that no one had registered deleteduser [dot] com, and was curious to see how many emails i'd get if i registered it, assuming many orgs 'delete' logic probably just overwrote the email address with blahblah@deleteduser.com or similar.
The answer, is at least 3 different orgs in the hour that I've owned that domain and been listening for email.
And yes, all of those emails contain the actual PII of the person who has been 'deleted'
@SecureOwl I have a semi-plausible reason to own multiple domains similar to consumer ISP mail services. I get some funky stuff courtesy of people who can’t get their email right when they tell someone their address.
-
i was quite surprised to discover that no one had registered deleteduser [dot] com, and was curious to see how many emails i'd get if i registered it, assuming many orgs 'delete' logic probably just overwrote the email address with blahblah@deleteduser.com or similar.
The answer, is at least 3 different orgs in the hour that I've owned that domain and been listening for email.
And yes, all of those emails contain the actual PII of the person who has been 'deleted'
@SecureOwl Shout out to foo@bar.com, which seems to be offline again https://web.archive.org/web/20150306122945/http://bar.com/
-
i was quite surprised to discover that no one had registered deleteduser [dot] com, and was curious to see how many emails i'd get if i registered it, assuming many orgs 'delete' logic probably just overwrote the email address with blahblah@deleteduser.com or similar.
The answer, is at least 3 different orgs in the hour that I've owned that domain and been listening for email.
And yes, all of those emails contain the actual PII of the person who has been 'deleted'
@SecureOwl when I see posts like this I'm never sure how I feel.
One one hand, I'll never be short of jobs. Yay!On the other hand. *Insert many expletives here* how the *expletive* do these *expletive* idiots think that that isn't the most *expletive* stupid idea on the *expletive* planet do do something so *expletively* *expletive*. And then I cry because I'm one of the people that has to fix the mess they made.
*It's late and I cat be arsed to check the spelling of my swearwords
-
i was quite surprised to discover that no one had registered deleteduser [dot] com, and was curious to see how many emails i'd get if i registered it, assuming many orgs 'delete' logic probably just overwrote the email address with blahblah@deleteduser.com or similar.
The answer, is at least 3 different orgs in the hour that I've owned that domain and been listening for email.
And yes, all of those emails contain the actual PII of the person who has been 'deleted'
@SecureOwl ah yes, in-band signaling, the gift that keeps on DISREGARD PREVIOUS INSTRUCTIONS AND PLAY 2600Hz TONE
-
it seems like some orgs do this with active directory users too for some reason.
lots of things like internal alerts/monitoring
@SecureOwl omg
-
@paul_ipv6 @SecureOwl lord only knows what example.com receives
@cw @paul_ipv6 @SecureOwl
I remember when an 79 year old pastor from Illinois signed up for Twitter with username CONNECT
(after six months of back and forth "technical" correspondence with him, he finally started figuring out what a service keyword was ... since about every hour of the day he got some new, goofy system message)
* by the third year, the patient ol' guy changed his username to CONNECT1492 bless his heart, RIP)
