Disclose.tv doesn't use encryption for logins!

[Koopatroopa Profile]

However it is all basically a mind game for consumers who think it gives them security when it doesnt really, but its presence being there is basically just a sign to those who might hack/script that it may be better finding other targets. However it is basically nothing more than a sticker in the window in reality saying don't look in here. So it works both ways, those kind of certificates can also make those who are dark hats interested.

Not exactly. SSL is secure socket layer encryption. It uses the SHA-256 algorithm which is one of the hardest to break. Assange used AES-256 to encrypt his insurance files for wikileaks. It would take hundreds to thousands of days of gathering traffic and an extremely gifted mathematician to calculate the encryption key. I'm just letting people know that your username and password are exposed to anyone on the internet. I would suggest changing your password at a minimum if you use it with any other accounts.

Just think about how many accounts you use the same password as your disclose.tv for. All it would take it is to get a few of your usernames and this password to get into all of those accounts.

I suggest checking out LastPass it stores all your passwords in a hashed format that is browser indepedent and will randomly generate new passwords for you that you don't have to ever remember. Paired with a Yubi key you'll be safer than most NSA/FBI/CIA users.

https://lastpass.com/

and it's free

[Edgarrothstein Profile]

I must get me one of those Internet For Dummies Books, 'cause I havn't a clue what's being talked about here!

It's quite simple.
For example, if you use unprotected (or WEP protected) wireless connection, and assuming that he is armed with right software, any idiot can see your password when you login to DTV :



Although some software, such as Ettercap, are capable of sniffing secure passwords as well...

[Poooooot Profile]

Wow. It's not like anyone stores private information on here... But if you use the same password here as you do, say, for internet banking... Then things could get bad. Fast. I mean, if you signed up with the same email address you use for internet banking.... OR if your email password is the same as the password you use here, then someone can basically get into anything they wanted.

Scary shit, mayne.

I think I'll be changing my password to something really dumb.

[Edgarrothstein Profile]

Wow. It's not like anyone stores private information on here... But if you use the same password here as you do, say, for internet banking... Then things could get bad. Fast. I mean, if you signed up with the same email address you use for internet banking.... OR if your email password is the same as the password you use here, then someone can basically get into anything they wanted.

Scary shit, mayne.

I think I'll be changing my password to something really dumb.

Yeah. And with a bit of social engineering ( http://en.wikipedia.org/wiki/Social_eng ... ecurity%29 ) they can own your ass in the matter of hours...