This post is from one of several previous incarnations of this site and probably doesn’t quite fit the current format. In a former life this was a group blog and a tumblelog before it became a static jekyll site. If anything looks broken or is worded oddly that could be why. Pardon the dust.
After our recent recommendation of Audiogalaxy’s p2p filesharing software it’s interesting to see this article on Oreillynet detailing their fantastically idiotic security policy (or lack of). According to the article, logging in to Audiogalaxy points your browser at a url containing your username and password, clearly labelled and encryption free.
The extent of the problem has even been beautifully illustrated by Google’s indexing of a couple of these plaintext badboys.