[sudo-workers] lack of mailling list security

Eric Haszlakiewicz erh+sudo at nimenees.com
Thu May 1 11:51:27 EDT 2008


Does anyone else fine it ironic that a mailing list for a very security 
 oriented program sends out everyone's passwords in plain text emails?
Logging into the website isn't all that secure either.  The certificate
 for the site is for a completely different hostname, but it doesn't matter
 because even if you type in "https", the form on that page _forces_ you 
 back to a non-SSL login.

eric



More information about the sudo-workers mailing list