ok, this isn't really about punishing email forwarding (actually quite useful) or breaking into dorms (already quite easy). it's about the personal information of princeton students, faculty, and staff being exposed by princeton's lax LDAP security settings. LDAP is what lets your email client auto-complete princeton email addresses, but as this site shows, it can do a lot more than that.

this site certainly raises privacy concerns of its own. that's why i picked vacation auto-reply messages and email forwarding addresses: they're relatively harmless pieces of information, but you probably expected them to be private. a more malicious version of me could have picked any number of other publicly accessible pieces of data, though: dorm room, mailing address, and university ID number, to name just a few.

(that said, if you're affiliated with princeton and would rather not have your information searchable through this site, just let me know.)

for even more about this issue, refer to my blog post introducing this site.

contact the oit person office, either via email or by creating a support request (princeton login required, select "Online Directory Information & FERPA"). let them know your opinion on whether or not the kinds of information mentioned in the previous paragraph should be public.

oh, and tell your friends about this site. thank you for helping!

concept inspired by please rob me. fonts by pablo impallari and steve matteson. data, of course, provided by oit.

thanks to z / y / f, this site isn't worse than it is.