
Major Slack Security Vulnerability Discovered - adamkchew
https://medium.com/@adamkchew/major-slack-security-vulnerability-discovered-513a9fd30864
======
mattkrea
This is simply a result of using a product for something it wasn't meant for
(i.e. a hack.. or else something like
[https://github.com/rauchg/slackin](https://github.com/rauchg/slackin)
wouldn't be necessary). Very 'clickbaity'.

~~~
adamkchew
Agreed, but people are creative making slack as their community group where
people are already used to Slack. For growth hackers planning to cold email
these members can be spammy and it has already been happening in some groups
but in a smaller scale.

------
newman8r
I'd always just assumed my basic information on slack was visible to other
users on my team. I don't see this as a vulnerability.

It would be like being upset that people can see your contact info when you
join webex or some other online conferencing app.

~~~
adamkchew
Private teams are okay because your teammates are not going to do anything
evil towards you. This is more of a focus on the open community slack groups,
like SSG and iOS Developer groups that contain 5000+ community members. Most
of these groups are just open invitation that allows people to just sneak in,
take thousands of emails and pce.

------
draw_down
Just a guess, but they probably care more about selling to companies and other
organizations where team members seeing your email address isn't a problem.

------
aethant
Feature, everyone who's spent 10 minutes with the interface knows about,
exists. Add click baity headline. Profit!

