Pages: [1]   Go Down
Author Topic: [SOLVED] Security BUG Report: Topline shows password!  (Read 1337 times)
0 Members and 1 Guest are viewing this topic.
Copenhagen, Denmark
Offline Offline
Edison Member
*
Karma: 32
Posts: 1211
Have you testrun your INO file today?
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

The top line shows the password, not the username, there where it says "Logged in as xyz" This also implies the password is constantly being sent in clear text.

(And no, I am not sending a screen shot ... smiley-razz)

NB: Using IE8 on WinXP in case its is browser specific
« Last Edit: January 26, 2011, 05:45:33 pm by David Cuartielles » Logged

Washington
Offline Offline
God Member
*****
Karma: 38
Posts: 790
Firefox & Arduino rocks
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

It looks fine to me.
Of course I a using firefox which is vastly superior.
BTW the new forum is SLOW AS MOLASSES.
Logged

Avoid throwing electronics out as you or someone else might need them for parts or use.
Solid state rectifiers are the only REAL rectifiers.
Resistors for LEDS!

Copenhagen, Denmark
Offline Offline
Edison Member
*
Karma: 32
Posts: 1211
Have you testrun your INO file today?
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

I have now tested and confirmed the error on both Firefox (Win7) and Safari (on a Mac)

I tried to attach a screen shot (slightly edited to pretoect the guilty smiley-cool ) but it failed to post with it.
Logged

Washington
Offline Offline
God Member
*****
Karma: 38
Posts: 790
Firefox & Arduino rocks
View Profile
 Bigger Bigger  Smaller Smaller  Reset Reset

I am using Windows Vista home premium with firefox 3.6.8 and it looks fine.


Uploaded with ImageShack.us
Logged

Avoid throwing electronics out as you or someone else might need them for parts or use.
Solid state rectifiers are the only REAL rectifiers.
Resistors for LEDS!

Forum Administrator
MMX
Offline Offline
Edison Member
*****
Karma: 37
Posts: 1139
hallo kompis
View Profile
WWW
 Bigger Bigger  Smaller Smaller  Reset Reset

Hej,

could you send that screenshoot to dDOTcuartielles [aT] arduino_DOT_cc ? in that way I could check it out ... your password would also help. We encode everything with MD5 and there is no way we are going to crack it.

/d
Logged

Pages: [1]   Go Up
Jump to: