Comments on: The Good, the bad and the ugly: WordPress, Scribefire and Wireshark http://www.mckeay.net/2008/03/20/the-good-the-bad-and-the-ugly-wordpress-scribefire-and-wireshark/ The views of one man on security, privacy and anything else that catches his attention. The views expressed on this blog do not reflect the views of my employer or anyone other than myself. Thu, 02 Feb 2012 21:45:54 +0000 hourly 1 http://wordpress.org/?v= By: Mike http://www.mckeay.net/2008/03/20/the-good-the-bad-and-the-ugly-wordpress-scribefire-and-wireshark/comment-page-1/#comment-3941 Mike Sun, 07 Dec 2008 08:05:53 +0000 http://www.mckeay.net/2008/03/20/the-good-the-bad-and-the-ugly-wordpress-scribefire-and-wireshark/#comment-3941 Sort of disheartening to be reminded that for all the strength you can try to put into your passwords and accounts, in the end it's still up to the site or the application to make proper use of them and keep them secure while they get to where they're going. Also I see the https -> http issue quite often when logging in to email and other sites. Not something I like seeing either. Sort of disheartening to be reminded that for all the strength you can try to put into your passwords and accounts, in the end it’s still up to the site or the application to make proper use of them and keep them secure while they get to where they’re going. Also I see the https -> http issue quite often when logging in to email and other sites. Not something I like seeing either.

]]> By: Sebastian http://www.mckeay.net/2008/03/20/the-good-the-bad-and-the-ugly-wordpress-scribefire-and-wireshark/comment-page-1/#comment-1500 Sebastian Wed, 26 Mar 2008 03:19:26 +0000 http://www.mckeay.net/2008/03/20/the-good-the-bad-and-the-ugly-wordpress-scribefire-and-wireshark/#comment-1500 I ran into the issue with passwords also. One of the best tools that I have come across (and best of all it's free) is PasswordSafe. It's like ScribeFire, except it's a local program on your machine: http://passwordsafe.sourceforge.net/ I ran into the issue with passwords also. One of the best tools that I have come across (and best of all it’s free) is PasswordSafe. It’s like ScribeFire, except it’s a local program on your machine:
http://passwordsafe.sourceforge.net/

]]> By: Mark Palmer http://www.mckeay.net/2008/03/20/the-good-the-bad-and-the-ugly-wordpress-scribefire-and-wireshark/comment-page-1/#comment-1441 Mark Palmer Fri, 21 Mar 2008 16:38:37 +0000 http://www.mckeay.net/2008/03/20/the-good-the-bad-and-the-ugly-wordpress-scribefire-and-wireshark/#comment-1441 Have you experienced the following: 1. Login into secure webmail site (e.g. httpS://example.com) 2. Then auto-magically it drops the secure connection (e.g. http://example.com) My ISP's webmail service does this. That and the amount of ads they've placed onto the webmail interface is really annoying. You can read more about my rant at http://marktpalmer.com I was wondering if an ISP could be liable for any security issues related to having customer email pass through in clear text. I presume ISPs do this just to save a buck (are they really saving on the costs of SSL connections for webmail connections?). Regards, Mark Palmer Have you experienced the following:

1. Login into secure webmail site (e.g. httpS://example.com)
2. Then auto-magically it drops the secure connection (e.g. http://example.com)

My ISP’s webmail service does this. That and the amount of ads they’ve placed onto the webmail interface is really annoying. You can read more about my rant at http://marktpalmer.com

I was wondering if an ISP could be liable for any security issues related to having customer email pass through in clear text. I presume ISPs do this just to save a buck (are they really saving on the costs of SSL connections for webmail connections?).

Regards,
Mark Palmer

]]>