Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Anybody using Pantomime or mail-core framework?


On 13 May '08, at 5:40 PM, Matt Burnett wrote:

Now your talking about hackers instead of spammers.

There's not really a difference nowadays, since most spam is sent from pwned servers/PCs.

It is hard to sniff a HTTP session, you have to penetrate your victim's network enough to be able to do so.

We're talking about a downloadable app. All I have to do is download a copy of it and either sniff its network traffic, or run it in gdb and set breakpoints on likely API calls that set up HTTP authentication. Then I know the URL and password.

(None of this may be likely, but security requires thinking about the worst possible scenarios.)

—Jens

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/cocoa-dev/email@hidden

This email sent to email@hidden
References: 
 >Anybody using Pantomime or mail-core framework? (From: email@hidden)
 >Re: Anybody using Pantomime or mail-core framework? (From: Omar Qazi <email@hidden>)
 >Re: Anybody using Pantomime or mail-core framework? (From: Jens Alfke <email@hidden>)
 >Re: Anybody using Pantomime or mail-core framework? (From: Matt Burnett <email@hidden>)
 >Re: Anybody using Pantomime or mail-core framework? (From: Jens Alfke <email@hidden>)
 >Re: Anybody using Pantomime or mail-core framework? (From: Matt Burnett <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.