The audiogalaxy satellite itself also sends your username/password in cleartext, I think we're just supposed to assume it's not secure. The only attacks I can think of if you know the username/password is a DoS attack by filling the user's hard drive with mp3s. > Well, the cookie of audiogalaxy (www.audiogalaxy.com) on the user > system, > reveal the username and password in plain text. This maybe a small > problem, > but it will better even steal the session cookie; i think. > -- ------SupplyEdge------- Greg Hunt 800-733-3380 x 107 gregat_private
This archive was generated by hypermail 2b30 : Thu May 16 2002 - 14:23:04 PDT