top | item 8302937

(no title)

jdludlow | 11 years ago

I'm not sure how that would help. They would have to generate a matching hash on their end, giving them a lookup table to work backwards from hash to email address.

Now if they wanted to supply a list of hashes to the public, then you could check your own without knowing any of the other addresses used to generate the remaining hashes.

discuss

kevinoconnor7|11 years ago

Yes, but they would already have your e-mail address anyway. Lookup by hash precludes the case where you're giving them information they didn't already have.

jdludlow|11 years ago

True. I was more referring to it being a confirmation that this is an email address that anyone cares about.

If I wanted to be truly malicious I'd have my online checker return a "Nope, you're all good" and then add that email address to the short list of accounts to go after.

bitJericho|11 years ago

But you're still feeding into the "this is a good working address" and "this is a security newb" email lists.