One critical security flaw...
Daniel Atallah
daniel.atallah at gmail.com
Tue Jan 12 18:35:08 EST 2010
On Tue, Jan 12, 2010 at 18:33, Sarah Pillsbury
<shodan_is_grood at yahoo.com> wrote:
> Saved passwords are stored in plain, human-readable format. Why should this
> even be considered as a viable method of storing login information when we
> live in an age that malware often searches for such things on their infected
> hosts, using this info to open avenues with which to spread itself!? I'm no
> programmer and I know that the most major of issues with open-source
> software is the same as its benefit (anyone can look through its code to
> deconstruct how it works, ) which may negate most of the usefulness of
> encrypting such information, but surely some bit of encryption could at
> least partially stave off the prying eyes of real, living snoopers who know
> where to look for that vital information they need to screw their
> Pidgin-using target over with.
http://developer.pidgin.im/wiki/PlainTextPasswords
-D
More information about the security
mailing list