Login Information sent via Plain Text
How about not sending our login information over Plain Text?
How about not blocking my Twitter when I tweeted at Tupper about this major security issue?
Before anyone says I violated ToS to get this information:
This can easily be seen through any sort of network packet management software.
Specially those designed to inform you when your information is being sent in an insecure way.
Log In
MrAlex
I can understend why they would be angry about saying stuff like this in pubblic (even if it's extremely eccessive to block you)
You should disclose major security issues in a private manner, for example: mailing vrchat about this
I'm not against the fact that you want vrchat to be better but know that you are putting at risk everyone by making people aware of this, and yes, the bad guys are included
Next time, disclose it privately and wait a bit, if there is no response/fix, feel free to pubblish it publicly
+1 from me
MrAlex
I didn't know that, you probably made the right choice
★ Klonoa ★
MrAlex: Gonna be honest, but i dont agree. If people's login info are just being thrown around like pieces of paper in the wind without even any sort of encryption, then people really should know about it. Especially if it hasn't been addressed in a long time. Thats how people get their account hijacked. And even worse for them if they have the same passsord for multiple accounts, which is already a bad idea.
The more people that know, the more pressure to do something about it.
MrAlex
★ Klonoa ★: i was just pointing the "safest way??" from my prospective, since it's a old issue, i agreed with herp (yea im bad at explaining myself)