115
you are viewing a single comment's thread
view the rest of the comments
[-] glans@hexbear.net 1 points 1 year ago* (last edited 1 year ago)

@PaX & @EatPotatoes I tried neonmodem. Was eventually able to login to hexbear.

username and password stored plain text wtf

  • who needs spyware with such abysmal security?
  • you are much better off with a web browser
  • no mention of this in the installer, the --help, the readme, the application
  • I only found it because I was trying to troubleshoot another bug so I looked in the config file
  • PR open since June 2023; no work since July
  • another PR by different user attempting to solve the same problem but it was closed due to existing (still today unmerged) PR
  • The devs are aware since many months. Have not even bothered in any way to alert users.
  • Lack of notice demonstrates total lack of concern for users which I'm sure is manifested in lots of other ways

Lots of people share computers, they have unencrypted hdds, they have auto cloud backup etc. Hopefully no need to describe all reasons why plain text credential storage is Bad.

Like the advice to prefer clients over web, this project in its current state is plain irresponsible.

Clear from the github/website that this is intended primarily to adhere to devs' aesthetic tastes and nothing more.

this post was submitted on 04 Nov 2023
115 points (100.0% liked)

chapotraphouse

13556 readers
934 users here now

Banned? DM Wmill to appeal.

No anti-nautilism posts. See: Eco-fascism Primer

Gossip posts go in c/gossip. Don't post low-hanging fruit here after it gets removed from c/gossip

founded 3 years ago
MODERATORS