Conversation

Notices

1. Embed this notice
   javi@goblin.band's status on Thursday, 25-Jul-2024 16:52:20 JST javi

   Oh look at this
   
   So automattic/Tumblr's CEO is making the company email servers to redirect all mail from teamblind.com to his own personal address instead of the actual person who registered to Blind, so he can know who signed up using their corporate email (the only way to sign up).
   
   Not only that, but by doing this, he could just go through the company email address list, hit the "forgot your password" link, and find out who already has an account, and even steal it.
   
   Update: it looks like blind doesn't allow recovering your password via email, so at least he couldn't do this to existing accounts.
   
   Very sane, not creepy, absolutely not sociopath move, sire. Absolutely normal and not crazy maniac behavior.
   
   ‡ If you don't know blind, it's a platform that let employees of a company to anonymously talk between them about their employer

   • Embed this notice
     LisPi (lispi314@udongein.xyz)'s status on Thursday, 25-Jul-2024 16:52:19 JST LisPi

     in reply to

     • Rich Felker
     @javi @dalias The entire concept sounds hilariously unsafe and low-anonymity.
     
     Corporate network monitoring should be entirely capable of correlating when an email was sent to Blind with a particular workstation.
     Sick Sun likes this.
   • Embed this notice
     Jonathan Kamens (jik@federate.social)'s status on Thursday, 25-Jul-2024 16:52:38 JST Jonathan Kamens

     in reply to

     @javi One would have thought that the folks at Blind would have considered this threat model when requiring people to sign up using their corporate email.

     Sick Sun likes this.