Loading Profile...
Use https instead of http for twitter.com
Tweetie communication with twitter.com goes over http instead of https.. Which means the password can easily be hijacked.
I’m happy
81
people have this problem
I have this problem, too!
Tell me when someone solves it.
The more people who report this problem, the more it gets noticed.
The more people who report this problem, the more it gets noticed.
The company marked this problem solved.
The best solution from the company
-
1.0.1 is out, fixes this.
Tweetie -> Check for Updates...
Sorry about that - really bad goof on my part.
I’m sorry!
The company and 12 other people say
this solves the problem
Create a customer community for your own organization
Plans starting at $19/month
-
Inappropriate?This needs to be changed. I use Twitter at work and don't want my password getting sniffed.
I’m angry
-
-
-
Inappropriate?plaintext password being sent over http? yeah, i don't really like that
I’m disappointed
-
Inappropriate?My company blocks http so I can't even try it if I wanted to. Please add https support. Thanks.
I’m sad
3 Comments Add a comment
This solves the problem
-
Your company blocks HTTP but allows HTTPS? -
Yes, they do the same with Meebo and Gmail. Strange.
-
Clarification, they don't block all http connections just to some specific sites.
-
-
Inappropriate?OAuth! ;)
1 person says
this solves the problem
2 Comments Add a comment
This solves the problem
-
OAuth makes absolutely no sense on a desktop application. I'm sorry.
-
I completely agree - OAuth should be used in this case - it suits desktop apps as well as web apps
-
Inappropriate?I do most of my work in a cafe environment, so having any twitter traffic transmitted in the clear is really unacceptable. I'll continue to explore Tweetie for the Mac at home, where I control the network but for the bulk of my time Tweetie won't be usable because of this.
I’m disappointed
-
-
Inappropriate?Definitely in agreement https needs to be used for security reasons. Given the polish the iPhone app got, I'd expect this will be updated soon enough.
I’m patient
-
Inappropriate?Eek. Didn't know about this! Definitely don't like my twitter password's transmitted over non/ssl. I only work not-at-home 1ce a week, but I'm still concerned :)
I’m certain this'll be fixed soon because loren is awesome ;)
-
Inappropriate?If the password is being passed over plain text this is a major and shocking problem. If OAuth is being used that is a different story. Please make sure our communication is secure.
I’m anxious
-
Inappropriate?1.0.1 is out, fixes this.
Tweetie -> Check for Updates...
Sorry about that - really bad goof on my part.
I’m sorry!
The company and 12 other people say
this solves the problem
5 Comments Add a comment
This solves the problem
-
Awesome. Thanks for the quick fix!
-
Awesome feedback response atebits. Thanks for keeping us updated! I also noticed there's an auto-update added to 1.0.1. Good job on quickly squashing this issue!
-
Way to fix that within 12 hours! AMAZING!!!! @atebits Rocks!!!
-
Thanks for being so responsive to this issue.
-
Fantastic thanks!
-
Inappropriate?how good is that - atebits fixed it within hours. One more bout of responsiveness like that and I'm going to pay for a license ;)
I’m thankful
1 person says
this solves the problem
1 Comment Add a comment
This solves the problem
-
Agreed.
-
Inappropriate?Great, thanks! I can confirm that it does connect to twitter.com on port 443, according to my logs. Is it only using this for initial login purposes, or are all communications with the site via https? I'd prefer the latter -- as much encryption as possible, even for something basic like Twitter.
I’m undecided
1 Comment Add a comment
This solves the problem
-
Using Little Snitch it looks like all traffic use https except for searching and some image storage stuff.
