I saw a bunch of people posting about how this is a list for the nefarious to mine for data. I've helped build an integration with these registries, and there's some reasons it's infeasible to do so.
The registries aren't the actual email address, they're md5s of a salted version of the lower case email address. On an unspecified interval the salt changes, so if a particular salt ever becomes compromised, I'd assume they can switch to the next salt. Also, when you send your list in, you generate the salted md5 first, so the email addresses are never transmitted. Even the md5s are sent ssl.
Now I suppose if you were willing to set up a list that contained a bazillion automatically generated email addresses, that you could make an attempt to brute force their list, however that's somewhat financially infeasible, since every single email address costs you money which is billed to a credit card at the time of the transaction.
Also, I'm told that when you sign up for the usage of the service, that they do a background check to make sure you're a valid company with legitimate reasons to use their services.
So I suppose if you had unlimited financial resources, as checking a millions of email addresses isn't cheap, and a company that could hold up to a background check for ligitimate purposes, you could use the list in nefarious ways. Of course, you'd be a company in the states, with trackable owners, and the laws for using the list illegally are rather serious.
The biggest concern I have is someone compromising their system, gaining access to the current list of md5's, and then brute forcing email addresses against the md5 list. Of course, if you were going to go to that much effort, I'm sure there's easier solutions to send spam.
IMO, It's better to start out in your development with the most readable code. Once you have created something larger, you have to go back and analyze what portions of your code can benefit from a optimized re-factor as opposed to which portions of code a refactor would only squeeze in a few ticks.
In addition, as compilers get better, your optimizations may only slow down your program in newer compilers, or introduce unusual bugs.
Slashdot Mirror
I saw a bunch of people posting about how this is a list for the nefarious to mine for data. I've helped build an integration with these registries, and there's some reasons it's infeasible to do so.
The registries aren't the actual email address, they're md5s of a salted version of the lower case email address. On an unspecified interval the salt changes, so if a particular salt ever becomes compromised, I'd assume they can switch to the next salt. Also, when you send your list in, you generate the salted md5 first, so the email addresses are never transmitted. Even the md5s are sent ssl.
Now I suppose if you were willing to set up a list that contained a bazillion automatically generated email addresses, that you could make an attempt to brute force their list, however that's somewhat financially infeasible, since every single email address costs you money which is billed to a credit card at the time of the transaction.
Also, I'm told that when you sign up for the usage of the service, that they do a background check to make sure you're a valid company with legitimate reasons to use their services.
So I suppose if you had unlimited financial resources, as checking a millions of email addresses isn't cheap, and a company that could hold up to a background check for ligitimate purposes, you could use the list in nefarious ways. Of course, you'd be a company in the states, with trackable owners, and the laws for using the list illegally are rather serious.
The biggest concern I have is someone compromising their system, gaining access to the current list of md5's, and then brute forcing email addresses against the md5 list. Of course, if you were going to go to that much effort, I'm sure there's easier solutions to send spam.
IMO, It's better to start out in your development with the most readable code. Once you have created something larger, you have to go back and analyze what portions of your code can benefit from a optimized re-factor as opposed to which portions of code a refactor would only squeeze in a few ticks. In addition, as compilers get better, your optimizations may only slow down your program in newer compilers, or introduce unusual bugs.