2 comments

[ 2.1 ms ] story [ 11.7 ms ] thread
DB username and password. Fuck - was pretty much waiting for something like this to happen. Just got one of these emails a few minutes ago myself. Luckily I was only using this for a toy app.
> if SSL is enabled for the agent, all data would be encrypted and could not be viewed by an attacker.

Allow me to paraphrase Ghostbusters 2:

"Ray, if an external service you're connecting your app to asks if you want to encrypt the transfer, you say YES!"