Ah ok, I thought it was something special because of all the PGP/encryption stuff.
Don't know if Yahoo or Gmail can do PGP stuff, so wont bother with that.
Was thinking of looking for a scanner thing to automatically pick up vulnerabilities before they hit security places - we use one at work, but it's expensive... I'm sure there's a free one somewhere though.
I've been using Acunetix WVS5 recently but the free version is quite heavily restricted and will only check for the more basic XSS exploits plus it takes an aeon to do anything so scanning for flaws takes at least several hours, especially on a project like Beehive.
I know nothing about this stuff, including what it is and isn't safe to say in public without giving too much away, but I'm curious to know more. What damage could someone do with this vulnerability? Big damage?