Password should not be transmitted in clear text
Bug #457942 reported by
Gerard Dethier
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
telepathy-butterfly (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: telepathy-butterfly
Package version: 0.5.0-0ubuntu3
Distribution: Ubuntu 9.10 Karmic
Architecture: i386
When connecting to an MSN account, password is transmitted in clear text, which is a very bad thing...
description: | updated |
To post a comment you must log in.
msnConnection.log contains a snippet of a log generated using following command : telepathy/ telepathy- butterfly 2>&1 | tee butterfly.log
BUTTERFLY_PERSIST=1 BUTTERFLY_DEBUG=all /usr/lib/
I extracted the part where password is transmitted to the server and replaced my password by the string "[passwordInCle ar!]".