A collegue has asked me to make a webcam accessible to his iPhone. Unfortunately, the images from the webcam are displayed by a Java applet, if the browser announces itself as a "mozilla". So I had to take a look at the protocol.
Passwords are sent in cleartext. Upon a successful login the client receives a "key", also in cleartext, which is then used as a directory on the web server. Fortunately, no sensitive data is protected by this mechanism...
No comments:
Post a Comment