by Aaronontheweb 5841 days ago
Here's the deal - as soon as your blog reaches any level of popularity, people are going to want to deface it / hack it any way they can just because it's that much bigger of a prize. If Posterous is this easy to hack, once you have a decent sized blog you're going to have a constant field day until they implement something better.

If you want to keep security simple enough that it doesn't strangle the service, then hand out a unique email like post-45h231sxax23s1@posterous.com and have the user add that to their address book - voilà, you've managed to add a layer of obscurity to Posterous' posting mechanism at least, even though it's still not really a strong one.

1 comments

Apparently not, because his blog had "any level of popularity" long before it was hacked. Since this is the first I've ever heard of a Posterous hack, clearly it's not true that all decent sized blogs are being hacked constantly.

On the surface, what you say makes sense, but the real life data doesn't back it up.

Compare to: http://www.schneier.com/blog/archives/2010/05/why_arent_ther...

Way to totally put up a strawman argument. I did not argue that all popular blogs are ALWAYS being hacked constantly - I just said that it's that much bigger of a prize and people are going to give it a shot, and if the blog system is this easy to hack, you're going to have to regularly (perhaps I should have used regularly instead of constantly, given that a lot of people on this board, like you I suspect, have a bad habit of taking things too literally) deal with hacks.