r/Simplelogin

Apple ‘Hide My Email’ Vulnerability Reveals Peoples’ Real Email Addresses
▲ 1.0k r/Simplelogin+1 crossposts

Apple ‘Hide My Email’ Vulnerability Reveals Peoples’ Real Email Addresses

A vulnerability in Apple’s “Hide My Email” tool lets almost anyone discover a person’s real email address that is supposed to be hidden by the feature, and Apple has failed to fix it for more than a year, according to a security researcher and 404 Media’s own tests.

404media.co
u/eve-collins — 4 days ago
▲ 6 r/Simplelogin+1 crossposts

Should I use an alias for gaming purposes?

My Playstation account was stolen from me recently so I'm doubling down on privacy when it comes to emails and such.

I'm wondering if using an alias with simplelogin for gaming purposes be better, or just make a secondary Protonmail email address?

reddit.com
u/stnapymtahs — 7 days ago

SimpleLogin MTA-STS Policy Still Set to "Testing" After 5 Years

Over five years ago, I reached out to Proton regarding a security vulnerability in SimpleLogin: the lack of MTA-STS enforcement. Without an enforced policy, mail servers are not required to use encrypted connections, leaving email traffic vulnerable to interception.

Initially, there was no policy in place. After multiple follow-ups, they implemented a "testing" mode policy roughly two years ago. However, a testing policy does not enforce encryption, meaning the traffic remains vulnerable to interception.

Fixing this requires changing the MTA-STS policy from "testing" to "enforce."

Given how straightforward this configuration change is, why would a privacy-focused company leave it in testing mode for years?

reddit.com
u/Level-Profile-7841 — 11 days ago

Gmail started marking as spam

Hello, in the past week or so I've noticed that gmail is marking the inbound email using simplelogin as SPAM. Emails that previously were not!

Anyone else having this issue and know what's going on?

reddit.com
u/graflo — 12 days ago