agileaholic :)

Java, groovy, grails, hacking and more…

«
»

NONOH – NO Security

Posted by Prabhu Beeman on July 8, 2008

I stay away from India and had to use some cheap voip service to call back home.

I used nonoh, pretty cheap so you have to compromise on the quality.

Well, i realized very recently that i need to compromise even on the security aspect of it.

When I login to the application they are passing the username and password as part of the url (a GET request). Well, the username and password is encrypted. But it didn’t take me more than 10 secs to know that they use ROT13. Probably might help you protect from lame users but not from the ever watching nerds.

This entry was posted on July 8, 2008 at 7:33 pm and is filed under agile. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

«
»