"Paging Mr Webster for comment duty, Mr Webster please report for comment duty"

Maybe we can get the "Nice" Webster like we did a few days ago.

I know that Mac users generally feel that SPAM, Trojans and Virii happen to other people and, I'm sure, the OS is probably a lot more secure than windows (although I don’t know this for sure) but to (effectively) publish the email address of every user of this service is taking complacency a little too far?

Been a dot mac account holder for years, and I don't get any spam at all. Feel a bit left out here.

Read the full article (you too, El Reg !). It's not a crawler.

What this iDisk thing gives is a way of verifying a guess about a potential user name @mac.com. So you can generate a million possible address, then weed out the ones with no associated account easily.

The only reason I'd expect this to be worth the hassle is if Apple block IPs that send too much bounced email.

AFAIK spammers have been harvesting .mac email addresses for years, long before the .me changeover. However, Apple filter out the spam pretty well - I've rarely seen junk mail coming through.

Earlier in the year el Reg was reporting on Apple's security folks deciding against patching a security hole in Safari because they didn't really think it mattered. On top of that Paypal blocked Apple's browser, IIRC, for being too insecure, and now MobileMe is sticking a big note on its users' backs saying "Spam me!". Not to mention the bundling of MobileMe into all new iTunes installs whether you use it or not, and attempting to get Safari downloaded onto people's PCs earlier in the year too - it all reeks of bloat and force-feeding people their different solutions and disregard for consumer choice.

They certainly make a shiny, easy-to-use OS on such limited amounts of hardware that it never has to worry about drivers or incompatibility, and I was practically convinced that I was going to buy one last year. Now, however, I'm starting to think Apple need to step back and rethink what they see their customers as, because if the answer is "numbers on our bank balance" then they're just going to get closer and closer to being the people they currently oppose.

I can only hope that's not the answer, and this year's problems are 'bumps in the road' as Apple get used to being popular and realise it isn't all about people worshipping you and feeding you money. We'll see, I guess...

With great power comes great responsibility! And a cool costume... But Jobs doesn't have one of those yet... His ego's already inflated enough as is, right? :D

Aetyr, Safari isn't blocked, it works and has worked.

Here's the quote from the WSJ you may have misread:

Update: We just spoke to PayPal. It seems we in the media are reading too much into this. It will block people using old browsers and old operating systems, but contrary to many reports it will not block Apple’s Safari browser.

As for harvesting MoblieMe addresses, this is HARDLY a new tactic, my old Mindspring account (Or before that, Netcom) over TEN years ago had my username in it, and was an easy way to figure out my email. You need to get your tech news from more than the Reg if that's what you're doing, their reporting is not somehow less flawed than others :) As for spam, from what I know of friends who have .mac/MobileMe the spam filtering is very good. Personally I don't use M-Me, have no use for it.

The ability of bot armies to spam all permutations of e-mail addresses in parallel makes pre-validation unnecessary. Many spamming bots are also aware of misconfigured/broken mail servers that will route undeliverable mail to a second e-mail address to double the odds of delivery.

I doubt Apple's WebDAV is implemented in a way that allows harvesting of unknown accounts. WebDAV is a resource hog even when used correctly. Allowing deep traversal from the top level would wipe out their servers in no time.

If there's going to be WebDAV abuse, it will be for illegal file sharing. Will Apple play whack-a-mole with everybody using "12345" as their password or will they do like Google and let an algorithm badly guess what account is being abused?

Well I get 10 x as much spam on my gmail account as I do on .mac - and I've never distributed the gmail address - so I say this is yet another bogus Apple security story. Sorry the sky isn't falling, yet again.

BoohoohooI I get spam on my .Mac/.Me Mail only once in a blue moon! No court suit money here for me!

I've been a .mac user for a couple of years and have never, ever received spam mail to my mac address!

It may not be a crawler but one way it could work is just like a brute force password cracker. Starts with one character and adds more and more till it hits the right one.

On a side note maybe the real Webster was abucted by aliens which is why the new one is so nice. Dear god THEY KILLED WEBSTER. . .THOSE BASTARDS

Hmmm, new line for PC to Mac "Gee your Mobile Me is such a great system truly fantastic , but its best feature is that it does not work with either "Vista" or "Windows 7" and oh have a nice phishing day too !" .

Have to agree with the other users that actually have a MobileMe account, I've recieved 0 spam mails during my 1½ of having the service. Getting huge loads to my Gmail/Hotmail, it would be a lot easier to just spider the web for emails or simply guess the addresses than using the idisk folder for this.

"Non-story" and "Bandwagon".

There are a lot of ways of getting people's email addresses, and there are a lot of ways that are a darn-site easier than this.

Mine's the one that's just had "FAnboi!!1!" written on the back... in silly-string...