A while back I was messing with tunneling iTunes sharing through SSH. During that experimentation I noticed that there was a dynamic dns name showing up on my system of my dotMac username in this format: username.members.mac.com I found it by looking at Bonjour, aka mDNS traffic. That is kind of scary to think that anyone who knows your @me.com or @mac.com email address or iChat login could find the active IP address you are on just by resolving that name.
I revisited the issue today because I was thinking of the problem with syncing data between iPhone/iPod applications and their desktop mac cousins. Like syncing 1Password from my desktop to my iPod touch. They could theoretically leverage my MobileME user dynamic dns name to sync back to my desktop as long as I opened a custom port on my router.
Interestingly I can no longer resolve username.members.mac.com or username.members.me.com. So I am not sure if they just haven’t fixed that since the MobileME migration. Or did they realize the clear scriptable way someone could target mac users. Toss a dictionary at the front of members.mac.com/members.me.com and fire off an exploit just for Mac users. *shudder*