Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
evgen
on Feb 10, 2010
|
parent
|
context
|
favorite
| on:
Facebook Chat supports Jabber now
Jabber support for FB Chat is nice, but failing to support SSL/TLS is not really acceptable...
aaronblohowiak
on Feb 10, 2010
|
next
[–]
When would you use FB chat and care about the privacy of the communication?
evgen
on Feb 10, 2010
|
parent
|
next
[–]
When I am using a real Jabber client.
compay
on Feb 10, 2010
|
parent
|
prev
|
next
[–]
At work, probably.
aw3c2
on Feb 10, 2010
|
parent
|
prev
|
next
[–]
This includes the login I guess...
philfreo
on Feb 10, 2010
|
root
|
parent
|
next
[–]
can someone confirm that login info is sent in the clear? that's pretty terrible.
kam
on Feb 11, 2010
|
root
|
parent
|
next
[–]
They claim they're using DIGEST-MD5, so not quite plaintext, but a broken hash algorithm
http://www.facebook.com/help/?faq=16742
http://www.facebook.com/help/?faq=16741
j0
on Feb 11, 2010
|
root
|
parent
|
prev
|
next
[–]
yep. they could have at least supported SASL to have the login info encrypted and then transport the rest of the stream unencrypted, but they did not.
presto10
on Feb 10, 2010
|
prev
|
next
[–]
Where does it say SSL/TLS is not supported?
natrius
on Feb 10, 2010
|
parent
|
next
[–]
When you try to connect with "Require SSL/TLS" enabled.
zppx
on Feb 10, 2010
|
parent
|
prev
|
next
[–]
Just check the instructions for iChat it clearly says to uncheck SSL.
rlpb
on Feb 11, 2010
|
prev
[–]
Has the AJAX-based chat built into the web application ever been encrypted?
Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
