Giter Site home page Giter Site logo

zacharydavidsaunders / pseudoname Goto Github PK

View Code? Open in Web Editor NEW
2.0 2.0 0.0 4.3 MB

Pseudoname is a free, disposable email alias generating service.

Home Page: https://pseudoname.io

License: Mozilla Public License 2.0

HTML 58.28% CSS 12.86% JavaScript 28.86%
anonymity email privacy pseudoname security

pseudoname's People

Contributors

zacharydavidsaunders avatar

Stargazers

avatar avatar

Watchers

avatar

pseudoname's Issues

Prepare for PseudonameAPI 1.4 release

The PseudonameAPI is preparing for release 1.4. This release adds rate limiting and API method changes that will necessitate Pseudoname updates. This change also solves the problem discussed in #9 and the existing CAPTCHA system can now be removed.

Alias creation not working

I have created an alias, I've got the «Success!» message but in reality it doesnt work, all the mails sent to it are always returned with a message «address: unknown user».

Need a CAPTCHA system

Sometime, over the course of the last 4 days, the system was brute forced and 800+ illegitimate aliases were created.

This incident did not impact system uptime and the illegitimate aliases will be purged by end of day, however this serves to highlight the need for a CAPTCHA type system.

Luckily, the attack wasn't sophisticated enough to vary the pattern of alias names, making them easy to identify (see examples below):

03a2853c-0863-45db-900e-000a6a4fc8a6
03f135e5-f43d-4fd0-9237-aa99193a0cc2
041f25d8-b8e2-4fbf-ab17-086d78751098
043e3db5-d854-446f-86b2-3da0145e93fd
045f748b-a454-4a22-889e-7e044c903415
047545b2-5cad-4cfa-9d83-8468ea181498
0481e11d-33da-4971-919e-0045d83fbf2b
048557bd-b578-4684-86a7-ed102f3a742f
04ce971a-a91f-49e0-a202-30b956ecd9dc
04fbd611-d4ce-4636-a0b8-9463a47b6ea5
051aab40-6b3b-401e-8512-ee16ef52826e
0529ef90-65e7-4132-a21e-990cdbaed701
05b4c99d-de67-4b80-8515-6a371bff1725
05bed30e-adec-41bc-a863-c5a89f742661
05fcb679-61c1-407a-9637-921570743b06
05fee2e1-50a4-4b8d-9f02-ab8d9fa8d7b9
06161794-c900-43c1-b294-fa8bebb7ae7c
06226bad-62c4-4b71-a75a-9cf17d4f8250
0632f075-a736-4ac7-9d72-03fe969f309e
06e48c70-ae45-4428-9879-d5a322a658c3
06e5f982-735e-4640-8308-a1705470f545

This is obviously a subset of the 800+ aliases, but as you can see, they follow a common structure. Given the low number of aliases created (~800 is pretty small, all things considered), I suspect that this was a proof of concept test and not a full scale attack. Regardless, a CAPTCHA seems necessary.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.