Feeds

back to article Tumblr's iOS fix for clear-text password login howler was WEEKS LATE

Tumblr has urged users of its iOS app to put down that latte and start updating their software and changing their passwords. But it appears the selfies-rich pic app only copped to the problem and issued the fix a full two weeks after a Reg reader had first contacted it about the issue. Our source had told The Reg that he'd run …

COMMENTS

This topic is closed for new posts.
Coffee/keyboard

I don't believe it!

You (or maybe the cat) made me laugh at the sidebar photo - do I need help?

0
0
Silver badge
Paris Hilton

Re: I don't believe it!

No, but is that cat

1) Being electrocuted

2) Yawning in front of the latest episode of Itchy & Scratchy

3) Issuing a clear command to nuke the site from the orbit it's the only way to be sure

I'm not sure which.

1
0
Bronze badge
Facepalm

That's terrible!

Could you imagine sending login information over plain text when SSL is so easy and cheap to implement.

Some website owners are clueless to the risk even on forums...

You'd never catch a site like The Register, for example, doing something so basic as that... oh wait they do and expose their user's details while doing it.

Could this outrage from an El Reg user and the subsequent story not be more than a little hypocritical?

6
0

Re: That's terrible!

Yeah, it's not like i can't see my register form post with the following fields in

email

password

remember

...

Personally, i think those at the register should know better and actually fix it for the same reason. I don't care for the irony or any of that shit since as users our privacy should be respected regardless of whether we like irony or not.

You should sort that out and fast since a vulnerability is indeed a vulnerability and same passwords do exist for many people. No doubt your apps are just as guilty, but i can;t be arsed to check for you.

Get it sorted.

3
0
Paris Hilton

FileZilla still stores passwords in plain text...

And oddly that is regarded as OK. Not a security howler.

0
0
This topic is closed for new posts.