Hello dear list,

I must say it was (is!) a very nice event here in Bern.

The wlan network here was very well used, also by people using CLEAR TEXT PROTOCOLS, which then let me discover MORE CLEAR TEXT PASSWORDS.

Just a little summary:

- about 5 people using POP3, FTP, HTTP AUTH (w/o https) - 4 E-Mail adresses containing partial customer data - one nagios system (Hey, the guy I mean should check his hosts, one has HTTPS down...) - One time phpmyadmin (!) used, the databases stored there contain clear text passwords (Partly). Btw, please fix your typo3 installation.

So far, I am happy not to have found more insecure connections.

Happy Hacking and a nice evening,

Nico

P.S.: For all those not sure, whether they are affected, simply change your password, I am perhaps not the only person that knows your passwords now.