Welcome Guest.   Make a donation to an author on the site October 01, 2014, 01:05:45 AM  *

Please login or register.
Or did you miss your validation email?


Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.


You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
 
Read the Practical Guide to DonationCoder.com Forum Search Features
   
   Forum Home   Thread Marks Chat! Downloads Search Login Register  
Pages: [1]   Go Down
  Reply  |  New Topic  |  Print  
Author Topic: Would you trust this ... ?  (Read 5407 times)
joiwind
Participant
*
Posts: 480


carpe momentum

View Profile Give some DonationCredits to this forum member
« on: September 15, 2011, 05:36:15 AM »

Has anyone tried (I have and it works) using mail2web ... ? It looks really useful BUT would you give your email password to someone you don't know ?
Logged

.: I use K-Meleon - the browser you can control - but I love Pale Moon too :.
Renegade
Charter Member
***
Posts: 11,440



Tell me something you don't know...

see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #1 on: September 15, 2011, 06:23:36 AM »

...BUT would you give your email password to someone you don't know ?

No. Never.


Logged

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker
4wd
Supporting Member
**
Posts: 3,337



see users location on a map View Profile Read user's biography. Give some DonationCredits to this forum member
« Reply #2 on: September 15, 2011, 07:17:18 AM »

I can't speak for them as of right this minute but I have used their service when I was overseas in the UK in 1997, 2000 & 2003.

I never had a problem with it and I've never had mysterious, unexplained weirdness with any email account I used via mail2web.
Logged

I do not need to control my anger ... people just need to stop pissing me off!
Renegade
Charter Member
***
Posts: 11,440



Tell me something you don't know...

see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #3 on: September 15, 2011, 07:56:39 AM »

It just seems weird to stick your password into some strange input box. tongue
Logged

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker
joiwind
Participant
*
Posts: 480


carpe momentum

View Profile Give some DonationCredits to this forum member
« Reply #4 on: September 15, 2011, 08:04:46 AM »

It just seems weird to stick your password into some strange input box. tongue

Yes, that's what I thought - well, nearly ...  Grin

But on the other hand ... if this service is trustworthy then it's really useful.

More opinions ?

Logged

.: I use K-Meleon - the browser you can control - but I love Pale Moon too :.
cmpm
Charter Member
***
Posts: 2,025

View Profile Give some DonationCredits to this forum member
« Reply #5 on: September 15, 2011, 08:11:43 AM »

or would you trust this, with your cell phone number

http://www.wheresmycellphone.com/

via- http://cybernetnews.com/find-my-cell-phone/

looks like a handy service if you have no other phone around

I've cut my land line and have misplaced my cell phone once,
here at home,
without anyone around to contact and call the number.

I found it, and now I find this site.
So I may have to use it one day...hmmmm
Logged
mahesh2k
Supporting Member
**
Posts: 1,408



see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #6 on: September 15, 2011, 09:58:06 AM »

How this service is any different from thunderbird or any similar thunderbird like web interface software ?
Logged
jgpaiva
Global Moderator
*****
Posts: 4,710



Artificial Idiocy

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #7 on: September 15, 2011, 12:17:21 PM »

How this service is any different from thunderbird
In terms of security it poses a much larger risk, I think.
First of all, by default it doesn't use the SSL connection. That means that anyone can listen to you connection (think public wireless access points, for example) and get the username/password pair.
Even when you use the SSL login, the reward for hacking the server is large, the hacker would get access to a *very* large number of email boxes. Even if you trust the site, there's no guarantee that right this moment there isn't a trojan in their server logging every login.
The same could be said from your thunderbird, its binaries could have been hacked and be sending info to some third party. However, I believe that if this would have happened at least one of the millions (?) of people who use thunderbird would have noticed. The server situation is different: only the (few) server administrators can know what's happening with their server.

or any similar thunderbird like web interface software ?
I believe any web-based solution would suffer from the problem I mentioned above, and for me it would be the same situation as this. Like Renegade said,
...BUT would you give your email password to someone you don't know ?
No. Never.
Logged

daddydave
Supporting Member
**
Posts: 818



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #8 on: September 15, 2011, 01:10:56 PM »

Gmail can do this too, right? Or are their target consumers not supposed to know about web mail? I think you can even send from the non-Gmail SMTP address.
Logged
JavaJones
Review 2.0 Designer
Charter Member
***
Posts: 2,537



see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #9 on: September 15, 2011, 03:07:52 PM »

Yes, Gmail does what this seems to do. The difference as far as I can see is they claim "no registration"? I certainly wouldn't use it, but then I *do* use Gmail so I don't need it. And I did give Gmail passwords for some other accounts...

- Oshyan
Logged

The New Adventures of Oshyan Greene - A life in pictures...
4wd
Supporting Member
**
Posts: 3,337



see users location on a map View Profile Read user's biography. Give some DonationCredits to this forum member
« Reply #10 on: September 15, 2011, 08:27:02 PM »

Gmail can do this too, right? Or are their target consumers not supposed to know about web mail? I think you can even send from the non-Gmail SMTP address.

This service was started at a time when GMail, (and a lot of web-based mail), didn't exist and a lot of people used the email address provided by their ISP - many of which didn't provide a web interface to email.

EDIT: The part below is a general reply, not related to the daddydave quote above.  (Just thought I'd add that for the sake of clarity.)

Put it this way:

If you need to access your email and
a) you don't have your 3kg laptop with Thunderbird because it was stolen along with all your carefully downloaded private emails, and
b) you don't have an email service with a web interface, and
c) all you've got is is your portable version of Tor/Firefox on a USB stick and you're at some disreputable internet cafe in Nigeria....

What are you going to do?

It's your choice whether you trust them or not.

I don't have a problem given what they provided me with in the past and the subsequent problems that arose from that use, ie. none.

It was asked whether you would trust that particular site; for that particular site, my answer is yes.

If it's that much of a concern whether they have access to your email account; forward it all to another with a different address/password and access that one.
Logged

I do not need to control my anger ... people just need to stop pissing me off!
J-Mac
Supporting Member
**
Posts: 2,864


see users location on a map View Profile Read user's biography. Give some DonationCredits to this forum member
« Reply #11 on: September 16, 2011, 02:11:53 PM »

I did use this service for a couple years back in 2006-2007. I had a premium account and it basically served as an Exchange server for me. It was pretty decent but then they changed their pricing structure and that chased me away.

Thank you.

Jim
Logged

"I am getting so tired of slitting the throats of people who say that I am a violent psychopath."
Renegade
Charter Member
***
Posts: 11,440



Tell me something you don't know...

see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #12 on: September 20, 2011, 01:22:31 AM »

Ahem... On the "let's give people the keys to the castle" note...

Seems like Facebook is asking for my email address and password...



Ahem... To make this a fun game of fill in the blanks, they can:

G_ f___ themselves.

Like really? WTF? Are they on crack?


Logged

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker
mahesh2k
Supporting Member
**
Posts: 1,408



see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #13 on: September 20, 2011, 03:17:09 AM »

I'm getting google+ invite from those who sent me email just once in one of my gmail account. lol so as usual "G" is moar eveel tongue
Logged
J-Mac
Supporting Member
**
Posts: 2,864


see users location on a map View Profile Read user's biography. Give some DonationCredits to this forum member
« Reply #14 on: September 20, 2011, 04:47:04 AM »


Ahem... On the "let's give people the keys to the castle" note...

Seems like Facebook is asking for my email address and password...
 
Ahem... To make this a fun game of fill in the blanks, they can:

G_ f___ themselves.

lol!!   Grin

Quote
Like really? WTF? Are they on crack?

Aw c'mon! They're not asking for your blood... yet!  Plus, after all, this is for your friends?!?!  Maybe your mother's maiden name, then? Shoe size?  Anything???

Worse yet, they don’t give up!

Thanks!

Jim
Logged

"I am getting so tired of slitting the throats of people who say that I am a violent psychopath."
daddydave
Supporting Member
**
Posts: 818



see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #15 on: September 21, 2011, 10:21:30 AM »

LinkedIn is even worse, because they have a prompt like this that makes it look like you're logged out of LinkedIn. I've accidentally typed a password there and submitted a few times.

The right way to do this is use some kind of authentication where it redirects you to the third party's web site so you can at least see the URL and be clear you are giving your password into Google and not Facebook or LinkedIn. Of course, not everyone is on Gmail, but all the web mail services ought to (which means they probably don't) have something similar in my opinion. Yes, I realize that is 1000 times more work. And by the way, why are iPhone/iPod Touch apps so dependent on shared passwords stored in the app? Oh, because they're in the cloud man, security is for old fogies who still want to sync to desktop.

Ahem... On the "let's give people the keys to the castle" note...

Seems like Facebook is asking for my email address and password...
 (see attachment in previous post)
Ahem... To make this a fun game of fill in the blanks, they can:

G_ f___ themselves.

Like really? WTF? Are they on crack?



« Last Edit: September 21, 2011, 10:31:20 AM by daddydave » Logged
Alk
Charter Member
***
Posts: 6

View Profile Give some DonationCredits to this forum member
« Reply #16 on: September 25, 2011, 08:48:18 AM »

It's been over 2 years ago since I used the service. Very handy if your service provider doesn't provide webmail and you don't want to setup an email client for the purpose of just reading the emails (without downloading them to your email client). Also very handy as a troubleshooting tool to independently verify that the email account details are working correctly.
Logged
rjbull
Charter Member
***
Posts: 2,760

View Profile Give some DonationCredits to this forum member
« Reply #17 on: September 25, 2011, 11:00:04 AM »

I too am in the UK and used the mail2web service for several years without problems, though not much in the last two years.  At one point my ISP (Plus.net) tried to set up their own Web mail service, made it insecure, and while they thought about improving it, recommended their customer use mail2web.

I was under the impression that passwords for e-mail were sent in plain text anyway.  Has SSL changed that?
Logged
Ath
Supporting Member
**
Posts: 2,223



see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #18 on: September 25, 2011, 11:02:43 AM »

I was under the impression that passwords for e-mail were sent in plain text anyway.  Has SSL changed that?
An SSL connection is encrypted by default, so even though the password goes into the comms channel in plain text, because of the entire channel being encrypted, nobody but the receiving end can read it. It's just like with https vs http websites.
Logged

rjbull
Charter Member
***
Posts: 2,760

View Profile Give some DonationCredits to this forum member
« Reply #19 on: September 25, 2011, 11:19:56 AM »

@Ath: Thanks!  I suspect 4wd's comment about mail2web pre-dating Gmail and other Web mail interfaces probably means it also pre-dates SSL, though they should now catch up and add it.
Logged
f0dder
Charter Honorary Member
***
Posts: 8,774



[Well, THAT escalated quickly!]

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #20 on: September 25, 2011, 01:52:13 PM »

An SSL connection is encrypted by default, so even though the password goes into the comms channel in plain text, because of the entire channel being encrypted, nobody but the receiving end can read it. It's just like with https vs http websites.
...unless there's a man-in-the-middle with a forged certificate... used to be "zomg tinfoilhat!" stuff, until the latest CA hacks (diginotar, anyone?). Also, HTTPS == HTTP-over-SSL.
Logged

- carpe noctem
4wd
Supporting Member
**
Posts: 3,337



see users location on a map View Profile Read user's biography. Give some DonationCredits to this forum member
« Reply #21 on: September 25, 2011, 08:18:12 PM »

@Ath: Thanks!  I suspect 4wd's comment about mail2web pre-dating Gmail and other Web mail interfaces probably means it also pre-dates SSL, though they should now catch up and add it.

Already there, just use https://www.mail2web.com - if you can believe Wikipedia, HTTPS was created in 1994, (3 years before mail2web), by Netscape but not formerly specified until 2000.
Logged

I do not need to control my anger ... people just need to stop pissing me off!
rjbull
Charter Member
***
Posts: 2,760

View Profile Give some DonationCredits to this forum member
« Reply #22 on: September 28, 2011, 02:42:38 PM »

@Ath: Thanks!  I suspect 4wd's comment about mail2web pre-dating Gmail and other Web mail interfaces probably means it also pre-dates SSL, though they should now catch up and add it.

Already there, just use https://www.mail2web.com - if you can believe Wikipedia, HTTPS was created in 1994, (3 years before mail2web), by Netscape but not formerly specified until 2000.
Well, well... sounds like one more reason to trust mail2web after all  smiley

Thanks!
Logged
Pages: [1]   Go Up
  Reply  |  New Topic  |  Print  
 
Jump to:  
   Forum Home   Thread Marks Chat! Downloads Search Login Register  

DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.047s | Server load: 0.13 ]