Existing users, 
re: sends password + email in cleartext to a third-party server - lensovet
The problem, however, is that this information is not disclosed anywhere and violates both the website Terms of Use and the developers platform Terms of Service.Apart from that, you can tell me as much as you want that the data is "safe".
Wednesday, August 08 2007 @ 01:19 AM PDT
re: sends password + email in cleartext to a third-party server - johnjacobjingleheimerschmidt
Given that facebook does sometimes ask for credit card information or cell phone numbers, I would regard cleartext passwords over the wire an inexcusable security hole. There is no shortage of easy-to-use openssl implementations.I haven't downloaded the client myself, but if the installer doesn't specifically state in a terms of service document that user logins and passwords will be stored on a third-party server, might there a violation of privacy acts in certain parts of the globe, including the US and the EU? I wonder what kind of evidence is used to file search warrants and seizure of computer equipment when someone chooses to sniff passwords off the wire, "just for fun"?
--not that Mac users have a history of excessive ligitations filed or anything.
Cheers.
Reply to This | Parent
Sunday, July 22 2007 @ 11:06 PM PDT