Gravatars Can Leak Users' Email Addresses

abell writes "Gravatar offers a global avatar service, using an MD5 hash of the user's email as avatar ID. This piece of information in some cases is enough to retrieve the original email address. Testing a simple attack on stackoverflow.com, I was able to determine the email addresses of more than 10% of the site's users."

Re:So let's change the algorithm.

[palegray.net]

Really? Are you familiar with MD5 collisions?

Re:So let's change the algorithm.

[Long1986]

Hi,Dear Ladies and Gentlemen,Here are the most popular, most stylish and avantgarde shoes,handbags,Tshirts,jacket,Tracksuitw ect... http://www.kkshoe.com/ /productlist.asp?id=s76(Tracksuit) Christmas is approaching, your Christmas gifts ready? kkshoe com mall for you, which involves a number of well-known brands from the Asia-Pacific region the trend of merchandise. Promotional discounts should be, come SHOPPING bar!Christmas sale, free shipping discounts are beautifully gift ,Christmas gifts,look, Best quality, Best reputation , Best services Service is our Lift. Nike shox $35,Handbags(Coach lv fendi d&g) $35 Tshirts (Polo ,ed hardy,lacoste) $16 ugg boot,POLO hoody,Jacket,ect... For details, please consult http://www.kkshoe.com/ Thanks!!! Advance wish you a merry Christmas.