NEWS FROM THE LAB - Tuesday, January 26, 2010

Facebook Mischief
Posted by Sean @ 14:18 GMT

Facebook recently published a nice new feature: "Reply to this email to comment on this status."

This seems like a very handy feature to have if you're trying to converse with friends on the go.

But is it secure?

As it turns out, based on our testing, anyone can use the Reply To address, from any e-mail account.

Of course, the notification links are only sent to the account holder's primary e-mail, but we all know just how often e-mail accounts are phished/hacked, right?

Matti Meikäläinen

Try it yourself. Send an e-mail message to this address, include a subject message, and you'll see the results, posted in Matti's name, here.

Coming soon to a comment near you — EMAIL REPLY SPAM.
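For anyone building a reply-by-email feature, the sketch below is an added example (not Facebook's code and not from the original post) of an inbound handler that treats the reply address as only one factor and also binds the message to the account holder's primary address and an authenticated sending domain. The address layout, key, domains and user table are hypothetical, and it assumes the border MTA removes any inbound Authentication-Results header that carries its own authserv-id before adding its verdict.

```python
import hmac
import re
from email import message_from_string
from email.utils import parseaddr

# Hypothetical values throughout: key, domains, address layout, user table.
SECRET = b"constructed-demo-key"
OUR_MTA = "mx.reply.example.test"          # authserv-id stamped by our border MTA
PRIMARY = {"1001": "matti@example.org"}    # user id -> primary e-mail (lowercase)

def _tag(user_id, post_id):
    data = f"{user_id}.{post_id}".encode()
    return hmac.new(SECRET, data, "sha256").hexdigest()[:16]

def reply_address(user_id, post_id):
    return f"c+{user_id}.{post_id}.{_tag(user_id, post_id)}@reply.example.test"

def sample(sender, auth):  # constructed inbound message for user 1001, post 77
    to = reply_address("1001", "77")
    return f"From: {sender}\nTo: {to}\nAuthentication-Results: {auth}\n\nhi\n"

def dkim_domain(msg):
    """Domain our own MTA marked dkim=pass, else None."""
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, results = header.partition(";")
        if authserv.strip() != OUR_MTA:
            continue  # verdict stamped by someone else: sender-controlled
        m = re.search(r"\bdkim=pass\b[^;]*?\bheader\.d=([^\s;]+)", results)
        if m:
            return m.group(1).lower()
    return None

def check_reply(raw):
    """Return (accepted, reason) for one inbound reply-by-email message."""
    msg = message_from_string(raw)
    local = parseaddr(msg.get("To", ""))[1].split("@")[0]
    parts = local[2:].split(".") if local.startswith("c+") else []
    if len(parts) != 3:
        return False, "not a reply address"
    user_id, post_id, tag = parts
    if not hmac.compare_digest(tag.encode(), _tag(user_id, post_id).encode()):
        return False, "bad token"
    # A valid token only shows the sender saw the notification; bind it to the owner.
    sender = parseaddr(msg.get("From", ""))[1].lower()
    if sender != PRIMARY.get(user_id):
        return False, "sender is not the account's primary address"
    if dkim_domain(msg) != sender.split("@")[-1]:
        return False, "sender domain not authenticated"
    return True, "ok"
```

A handler that stops after the token check accepts the second and third constructed cases in the test, which is the behaviour the post describes.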