
> Maybe I don't want my employer to know that I have an account on competitor-service.com, or my partner to know that I have an account on kinky-thing.website.

In that case, maybe employ the basic opsec measure of having a separate email account for competitor-service.com and kinky-thing.website?



Sure, but if we are talking about improving user experience, I don't see how this helps.


OPSEC and user experience are completely unrelated things.

If you have something to hide (from anyone at all), you have to employ opsec measures. Using an email account that can't be immediately linked back to you is the most basic of them (and would be perfectly sufficient in the scenario described).

It wouldn't even matter if the website didn't leak in any way that an email is registered with them, because data breaches happen, and should one happen, you'd be fucked from that perspective anyway. Remember the Ashley Madison leak?


Are they unrelated?

The article is about a tradeoff between security and user experience, claiming that a given practice is bad experience without any security gain.

The Ashley Madison leak shows that there are plenty of vulnerable users who are not educated to even "the most basic" things to do to protect their privacy.

It's also a question of user experience to protect users against themselves, or against threats they don't know about.

Saying "it's up to the user to do the right thing" isn't really helpful in the context of discussing account creation/login UIs.


> Are they unrelated?

Perhaps not when considering only the points made in the article, but in the grand scheme of things, yes.

If you’re worried about your opsec (not the site’s, and if you’re worried about your opsec, you should treat the site as having no security measures whatsoever), UX is secondary to you, because in the case of a leak you should be in a position where you can plausibly deny everything. And you shouldn’t expect the site to help you with it.


While I agree in general that this is the better way, it’s in the end out of the site’s control. They could notify the user, but cannot implement any measures that can help to protect the user. Avoiding information leaks is under the site’s control - you just need to consider whether you can truly avoid this leak.


For the vast majority of people, this is a bridge too far.

It is an advantage of using things like the Apple-generated randomized emails for accounts.



