from the chatty-little-things dept.
abell writes "Gravatar offers a global avatar service, using an MD5 hash of the user's email as avatar ID. This piece of information in some cases is enough to retrieve the original email address. Testing a simple attack on stackoverflow.com, I was able to determine the email addresses of more than 10% of the site's users."
If you push the "extra ice" button on the soft drink vending machine, you won't
get any ice. If you push the "no ice" button, you'll get ice, but no cup.