|
|
|
|
|
|
by maxidorius
2556 days ago
|
|
|
To clarify: the paper does not claim a list with email addresses is made public or anything of the sort. Only that they can be queried without restriction or authentication. Once again, it's not about brute listing things. It's about knowing a 3PID from another source, like a dump of email/phone number on the darkweb which can then be used to query for a mapped Matrix ID. Or simply an email given for another purpose to the same server. It is all fun and games until you start correlating data sets, like claudius points out correctly with other public lists. |
|
|