[Haskell] Haskell Digest, Vol 174, Issue 15

姓名 falsandtru at gmail.com
Wed Feb 28 13:20:07 UTC 2018 

> GNU mailman passwords are explicitly _*NOT*_ secure!
>
> _*DO NOT REUSE MAILING LIST PASSWORDS!*_
>
>
> They ARE stored in plaintext and will be mailed back to you periodically
> on some setups to confirm that you want to remain subscribed.

I didn't know that. Thanks for letting me know. However, I feel it is
unfriendly and dangerous for beginners.

Sorry for replying to the digest mail. I've strangely received no mail from
this mailing list without digests.
I'll try to unsubscribe and resubscribe this mailing list.
Thanks.


2018-02-28 21:00 GMT+09:00 <haskell-request at haskell.org>:

> Send Haskell mailing list submissions to
>         haskell at haskell.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell
> or, via email, send a message with subject or body 'help' to
>         haskell-request at haskell.org
>
> You can reach the person managing the list at
>         haskell-owner at haskell.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Haskell digest..."
>
>
> Today's Topics:
>
>    1. Re: Security problem of email registration page (Thomas Jakway)
>    2. Re: Security problem of email registration page (Thomas Jakway)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 27 Feb 2018 08:23:42 -0800
> From: Thomas Jakway <tjakway at nyu.edu>
> To: haskell at haskell.org
> Subject: Re: [Haskell] Security problem of email registration page
> Message-ID: <7b17a89d-8fb9-634e-ab9b-7839f4d893d9 at nyu.edu>
> Content-Type: text/plain; charset="utf-8"; Format="flowed"
>
> GNU mailman passwords are explicitly _*NOT*_ secure!
>
> _*DO NOT REUSE MAILING LIST PASSWORDS!*_
>
>
> They ARE stored in plaintext and will be mailed back to you periodically
> on some setups to confirm that you want to remain subscribed.
>
>
> On 02/25/2018 12:44 AM, 姓名 wrote:
> > Hi there,
> >
> > I become aware of the problem that
> > https://mail.haskell.org/mailman/listinfo/haskell send a password to
> > http://mail.haskell.org/cgi-bin/mailman/subscribe/haskell. Probably it
> > means this page will send a password without encryption. Could you use
> > https instead of http, or remove this duplicate page? I had used
> > https://mail.haskell.org/cgi-bin/mailman/listinfo/haskell instead.
> >
> >
> > _______________________________________________
> > Haskell mailing list
> > Haskell at haskell.org
> > http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://mail.haskell.org/pipermail/haskell/attachments/
> 20180227/a6e0ab4f/attachment-0001.html>
>
> ------------------------------
>
> Message: 2
> Date: Tue, 27 Feb 2018 08:27:39 -0800
> From: Thomas Jakway <tjakway at nyu.edu>
> To: haskell at haskell.org
> Subject: Re: [Haskell] Security problem of email registration page
> Message-ID: <a5ded8ae-3dcf-ce17-7f0c-120f7e653d17 at nyu.edu>
> Content-Type: text/plain; charset="utf-8"; Format="flowed"
>
> ...it's true that without HTTPS someone could man-in-the-middle you and
> get you to join a secret, ILLEGAL haskell mailing list, for NEFARIOUS
> purposes.  Some say demons wander those hills, seeking to lure the
> unwary to the unhallowed lands of javascript...
>
>
> On 02/27/2018 08:23 AM, Thomas Jakway wrote:
> >
> > GNU mailman passwords are explicitly _*NOT*_ secure!
> >
> > _*DO NOT REUSE MAILING LIST PASSWORDS!*_
> >
> >
> > They ARE stored in plaintext and will be mailed back to you
> > periodically on some setups to confirm that you want to remain
> subscribed.
> >
> >
> > On 02/25/2018 12:44 AM, 姓名 wrote:
> >> Hi there,
> >>
> >> I become aware of the problem that
> >> https://mail.haskell.org/mailman/listinfo/haskell send a password to
> >> http://mail.haskell.org/cgi-bin/mailman/subscribe/haskell. Probably
> >> it means this page will send a password without encryption. Could you
> >> use https instead of http, or remove this duplicate page? I had used
> >> https://mail.haskell.org/cgi-bin/mailman/listinfo/haskell instead.
> >>
> >>
> >> _______________________________________________
> >> Haskell mailing list
> >> Haskell at haskell.org
> >> http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell
> >
>
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://mail.haskell.org/pipermail/haskell/attachments/
> 20180227/c9fdb691/attachment-0001.html>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> Haskell mailing list
> Haskell at haskell.org
> http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell
>
>
> ------------------------------
>
> End of Haskell Digest, Vol 174, Issue 15
> ****************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.haskell.org/pipermail/haskell/attachments/20180228/b8a66e72/attachment.html>

More information about the Haskell mailing list