Changes to ticket a24ec6005f
By drh on 2008-07-23 19:44:34. See also: artifact content, and ticket history
- Appended to comment:
drh added on 2008-07-23 19:44:34:
I started writing code to encrypt the email address field. But upon further thought I realized that a determined malefactor could clone the repository and then mount a dictionary attack to recover the encryption password. So while encryption does make email address harvesting more difficult, it does not make it impossible. I wonder if it is even worth the trouble....Perhaps the right solution is (as the OP suggests) to change the bug form to say that the contact information is not displayed on any webpage but can be recovered by miscreants who go to the trouble of cloning the repository.
- Change priority to "Immediate"
- Change resolution to "Open"
- Change subsystem to "one"
- Change type to "Code_Defect"