joiwind
Participant
Posts: 449
carpe momentum
 
|
 |
« on: September 15, 2011, 05:36:15 AM » |
|
Has anyone tried (I have and it works) using mail2web ... ? It looks really useful BUT would you give your email password to someone you don't know ? |
|
|
|
|
Logged
|
.: I use K-Meleon - the browser you can control - but I love IRON too :. |
|
|
|
Renegade
|
|
« Reply #1 on: September 15, 2011, 06:23:36 AM » |
|
...BUT would you give your email password to someone you don't know ?
No. Never. |
|
|
|
|
Logged
|
|
|
|
|
4wd
|
|
« Reply #2 on: September 15, 2011, 07:17:18 AM » |
|
I can't speak for them as of right this minute but I have used their service when I was overseas in the UK in 1997, 2000 & 2003.
I never had a problem with it and I've never had mysterious, unexplained weirdness with any email account I used via mail2web.
|
|
|
|
|
Logged
|
Four wheel drive: Helping you get stuck faster, harder, further from help...........and it's no different on this forum  |
|
|
|
|
Renegade
|
|
« Reply #3 on: September 15, 2011, 07:56:39 AM » |
|
It just seems weird to stick your password into some strange input box.  |
|
|
|
|
Logged
|
|
|
|
joiwind
Participant
Posts: 449
carpe momentum
|
|
« Reply #4 on: September 15, 2011, 08:04:46 AM » |
|
It just seems weird to stick your password into some strange input box. Yes, that's what I thought - well, nearly ...  But on the other hand ... if this service is trustworthy then it's really useful. More opinions ? |
|
|
|
|
Logged
|
.: I use K-Meleon - the browser you can control - but I love IRON too :. |
|
|
|
cmpm
|
|
« Reply #5 on: September 15, 2011, 08:11:43 AM » |
|
or would you trust this, with your cell phone number http://www.wheresmycellphone.com/via- http://cybernetnews.com/find-my-cell-phone/looks like a handy service if you have no other phone around I've cut my land line and have misplaced my cell phone once, here at home, without anyone around to contact and call the number. I found it, and now I find this site. So I may have to use it one day...hmmmm |
|
|
|
|
Logged
|
|
|
|
|
mahesh2k
|
|
« Reply #6 on: September 15, 2011, 09:58:06 AM » |
|
How this service is any different from thunderbird or any similar thunderbird like web interface software ?
|
|
|
|
|
Logged
|
|
|
|
|
jgpaiva
|
|
« Reply #7 on: September 15, 2011, 12:17:21 PM » |
|
How this service is any different from thunderbird
In terms of security it poses a much larger risk, I think. First of all, by default it doesn't use the SSL connection. That means that anyone can listen to you connection (think public wireless access points, for example) and get the username/password pair. Even when you use the SSL login, the reward for hacking the server is large, the hacker would get access to a *very* large number of email boxes. Even if you trust the site, there's no guarantee that right this moment there isn't a trojan in their server logging every login. The same could be said from your thunderbird, its binaries could have been hacked and be sending info to some third party. However, I believe that if this would have happened at least one of the millions (?) of people who use thunderbird would have noticed. The server situation is different: only the (few) server administrators can know what's happening with their server. or any similar thunderbird like web interface software ?
I believe any web-based solution would suffer from the problem I mentioned above, and for me it would be the same situation as this. Like Renegade said, ...BUT would you give your email password to someone you don't know ?
No. Never. |
|
|
|
|
Logged
|
|
|
|
|
daddydave
|
|
« Reply #8 on: September 15, 2011, 01:10:56 PM » |
|
Gmail can do this too, right? Or are their target consumers not supposed to know about web mail? I think you can even send from the non-Gmail SMTP address.
|
|
|
|
|
Logged
|
|
|
|
|
JavaJones
|
|
« Reply #9 on: September 15, 2011, 03:07:52 PM » |
|
Yes, Gmail does what this seems to do. The difference as far as I can see is they claim "no registration"? I certainly wouldn't use it, but then I *do* use Gmail so I don't need it. And I did give Gmail passwords for some other accounts...
- Oshyan
|
|
|
|
|
Logged
|
|
|
|
|
4wd
|
|
« Reply #10 on: September 15, 2011, 08:27:02 PM » |
|
Gmail can do this too, right? Or are their target consumers not supposed to know about web mail? I think you can even send from the non-Gmail SMTP address. This service was started at a time when GMail, (and a lot of web-based mail), didn't exist and a lot of people used the email address provided by their ISP - many of which didn't provide a web interface to email. EDIT: The part below is a general reply, not related to the daddydave quote above. (Just thought I'd add that for the sake of clarity.) Put it this way: If you need to access your email and a) you don't have your 3kg laptop with Thunderbird because it was stolen along with all your carefully downloaded private emails, and b) you don't have an email service with a web interface, and c) all you've got is is your portable version of Tor/Firefox on a USB stick and you're at some disreputable internet cafe in Nigeria.... What are you going to do? It's your choice whether you trust them or not. I don't have a problem given what they provided me with in the past and the subsequent problems that arose from that use, ie. none. It was asked whether you would trust that particular site; for that particular site, my answer is yes. If it's that much of a concern whether they have access to your email account; forward it all to another with a different address/password and access that one. |
|
|
|
|
Logged
|
Four wheel drive: Helping you get stuck faster, harder, further from help...........and it's no different on this forum |
|
|
|
J-Mac
|
|
« Reply #11 on: September 16, 2011, 02:11:53 PM » |
|
I did use this service for a couple years back in 2006-2007. I had a premium account and it basically served as an Exchange server for me. It was pretty decent but then they changed their pricing structure and that chased me away.
Thank you.
Jim
|
|
|
|
|
Logged
|
J-Mac
|
|
|
|
Renegade
|
|
« Reply #12 on: September 20, 2011, 01:22:31 AM » |
|
Ahem... On the "let's give people the keys to the castle" note... Seems like Facebook is asking for my email address and password...  Ahem... To make this a fun game of fill in the blanks, they can: G_ f___ themselves. Like really? WTF? Are they on crack? |
|
|
|
|
Logged
|
|
|
|
|
mahesh2k
|
|
« Reply #13 on: September 20, 2011, 03:17:09 AM » |
|
I'm getting google+ invite from those who sent me email just once in one of my gmail account. lol so as usual "G" is moar eveel |
|
|
|
|
Logged
|
|
|
|
|
J-Mac
|
|
« Reply #14 on: September 20, 2011, 04:47:04 AM » |
|
Ahem... On the "let's give people the keys to the castle" note...
Seems like Facebook is asking for my email address and password...
Ahem... To make this a fun game of fill in the blanks, they can:
G_ f___ themselves.
lol!! Like really? WTF? Are they on crack? Aw c'mon! They're not asking for your blood... yet! Plus, after all, this is for your friends?!?! Maybe your mother's maiden name, then? Shoe size? Anything??? Worse yet, they don’t give up! Thanks! Jim |
|
|
|
|
Logged
|
J-Mac
|
|
|
|
daddydave
|
|
« Reply #15 on: September 21, 2011, 10:21:30 AM » |
|
LinkedIn is even worse, because they have a prompt like this that makes it look like you're logged out of LinkedIn. I've accidentally typed a password there and submitted a few times. The right way to do this is use some kind of authentication where it redirects you to the third party's web site so you can at least see the URL and be clear you are giving your password into Google and not Facebook or LinkedIn. Of course, not everyone is on Gmail, but all the web mail services ought to (which means they probably don't) have something similar in my opinion. Yes, I realize that is 1000 times more work. And by the way, why are iPhone/iPod Touch apps so dependent on shared passwords stored in the app? Oh, because they're in the cloud man, security is for old fogies who still want to sync to desktop. Ahem... On the "let's give people the keys to the castle" note... Seems like Facebook is asking for my email address and password... (see attachment in previous post)Ahem... To make this a fun game of fill in the blanks, they can: G_ f___ themselves. Like really? WTF? Are they on crack? |
|
|
|
« Last Edit: September 21, 2011, 10:31:20 AM by daddydave »
|
Logged
|
|
|
|
|
Alk
|
|
« Reply #16 on: September 25, 2011, 08:48:18 AM » |
|
It's been over 2 years ago since I used the service. Very handy if your service provider doesn't provide webmail and you don't want to setup an email client for the purpose of just reading the emails (without downloading them to your email client). Also very handy as a troubleshooting tool to independently verify that the email account details are working correctly.
|
|
|
|
|
Logged
|
|
|
|
|
rjbull
|
|
« Reply #17 on: September 25, 2011, 11:00:04 AM » |
|
I too am in the UK and used the mail2web service for several years without problems, though not much in the last two years. At one point my ISP (Plus.net) tried to set up their own Web mail service, made it insecure, and while they thought about improving it, recommended their customer use mail2web.
I was under the impression that passwords for e-mail were sent in plain text anyway. Has SSL changed that?
|
|
|
|
|
Logged
|
|
|
|
|
Ath
|
|
« Reply #18 on: September 25, 2011, 11:02:43 AM » |
|
I was under the impression that passwords for e-mail were sent in plain text anyway. Has SSL changed that?
An SSL connection is encrypted by default, so even though the password goes into the comms channel in plain text, because of the entire channel being encrypted, nobody but the receiving end can read it. It's just like with https vs http websites. |
|
|
|
|
Logged
|
|
|
|
|
rjbull
|
|
« Reply #19 on: September 25, 2011, 11:19:56 AM » |
|
@Ath: Thanks! I suspect 4wd's comment about mail2web pre-dating Gmail and other Web mail interfaces probably means it also pre-dates SSL, though they should now catch up and add it.
|
|
|
|
|
Logged
|
|
|
|
|
f0dder
|
|
« Reply #20 on: September 25, 2011, 01:52:13 PM » |
|
An SSL connection is encrypted by default, so even though the password goes into the comms channel in plain text, because of the entire channel being encrypted, nobody but the receiving end can read it. It's just like with https vs http websites. ...unless there's a man-in-the-middle with a forged certificate... used to be "zomg tinfoilhat!" stuff, until the latest CA hacks (diginotar, anyone?). Also, HTTPS == HTTP-over-SSL. |
|
|
|
|
Logged
|
 - carpe noctem |
|
|
|
4wd
|
|
« Reply #21 on: September 25, 2011, 08:18:12 PM » |
|
@Ath: Thanks! I suspect 4wd's comment about mail2web pre-dating Gmail and other Web mail interfaces probably means it also pre-dates SSL, though they should now catch up and add it. Already there, just use https://www.mail2web.com - if you can believe Wikipedia, HTTPS was created in 1994, (3 years before mail2web), by Netscape but not formerly specified until 2000. |
|
|
|
|
Logged
|
Four wheel drive: Helping you get stuck faster, harder, further from help...........and it's no different on this forum |
|
|
|
rjbull
|
|
« Reply #22 on: September 28, 2011, 02:42:38 PM » |
|
@Ath: Thanks! I suspect 4wd's comment about mail2web pre-dating Gmail and other Web mail interfaces probably means it also pre-dates SSL, though they should now catch up and add it. Already there, just use https://www.mail2web.com - if you can believe Wikipedia, HTTPS was created in 1994, (3 years before mail2web), by Netscape but not formerly specified until 2000. Well, well... sounds like one more reason to trust mail2web after all  Thanks! |
|
|
|
|
Logged
|
|
|
|
|
