Hello! Life is grand is using DISQUS, a powerful comment system, to manage its comments. Learn more.
Community Page
- paulmwatson.com/journal Jump to website »
-
Subscribe -
Community
-
Top Commenters
-
Popular Threads
-
Recent Comments
- Make songbird look like spotify: http://addons.songbirdnest.com/addon/1440
- Got it, thanks Paul!
- Email me your email address so I can invite you Mike (paul@paulmwatson.com)
- Happy New Year to you, as well! I was stopping by to see if you would be willing to lend a reader a Spotify invitation. I am desperately hoping to be able try out the service. Thanks! Mike
- Nice one Jamie. Even more ironic is that that "mass production" is probably still underpaid, underage workers in some 3rd world country sweat-shop.
Jump to original thread »
While nosing around Netvibes the other day I noticed that its email widget doesn’t use HTTPS to send usernames and passwords back to the server. It is right there in the HTTP stream in clear text.
Seems a bit insecure no? You might want to avoid any sensitive data like your GMail ... Continue reading »
Seems a bit insecure no? You might want to avoid any sensitive data like your GMail ... Continue reading »
1 year ago
For something crazier, see Wordpress.com, a very popular blog site, with plain text login data sent to an http endpoint from their https page !
Madness.
Worse now imo, folks are using their wordpress.com blog address as an OpenID.
Kinda mental to think that if you make the mistake of posting about, say your ski holiday in St. Anton from a Café while your there, somebody could sniff your password, and have access to all the on-line services you use OpenId with.
I have emailed Wordpress, and posted on my test blog there, they have not responded, and today it's still not fixed !