Monday, July 12, 2004

The Mailinator

Ever want to download something or sometimes even just get into a site, but the doors are locked until you fill out a form, get a confirmation email, and click on a link to 'activate' whateverthehell it is you want to do? Personally I've got a few hotmail and yahoo accounts for these, because I don't need any more junk mail on my personal mail account, and nowadays you can't fill out a form without ending up in a database somewhere that gets sold to marketers.

There's a new service called Mailinator that sidesteps this problem neatly. When you go to that page, there will be a random autogenerated email address over on the left side. Copy that email address and use it for filling in the forms. You can then go back to the same page at Mailinator, paste in the email address you used, and see what mail has arrived. In a couple of hours, the email account disappears.

As far as security goes, there are no forms to fill in, no passwords, nothing. This shouldn't matter too much, since you'd mostly be using the service to feed bullshit data to the marketing machines, but it also means that (theoretically) anyone could read the email sent to that address. If, that is, they could figure out the address...

It appears to me that they use a randomly generated string of 10-14 letters for the username. That means there are 2610 + 2611 + 2612 + 2613 + 2614 = 6.70903*1019 unique addresses, so it would be pretty hard for anyone to even find a Mailinator address that was in use, let alone one that had your email in it. If every person on the planet was simultaneously trying to discover your secrets, they'd have to each try more than 11 billion addresses, and the account only lasts for a few hours...

... but then again it's possible (not probable mind you) that someone could hit it on the first try. So use this tool to fuck the bozos, but protect sensitive information... if you use Mailinator to join a group or register at a website, after going through the confirmation process change your password on that site (this is a good idea any time a password is sent to you in plaintext email).