So, what would suffice to maintain anonymity AND the ability to send the user email notifications?
I'm guessing hashing (not MD5 though) + salting + throwing away the salt and brute-forcing it every time you need the plain email (you will lose the option to mass-mail your users).
Even then, the whole concept of anonymity AND an email-bound account seems kind of silly. Even if the user uses a secondary email address just for this, he still has to trust the email provider (and if he uses a throwaway, what is the point of collecting it anyway?)
This crack is proof that services that provide a fake sense of anonymity can do a lot of harm.