Uh, that's not cool at all.
You know SMTP is a plain-text based protocol, right? The main reason no one has done one of these before is due to the security implications. Not only that, but everybody who uses your client is potentially giving away their password.
2002-07-24 01:37 pm (UTC)
You know that http is a plain-text protocol as well, right? Logging in to lj via the web browser or a client is no more or less secure than via email. When lj starts using either digest http authentication, or authenticating over an ssl connection, then i'll worry about the plain-textedness of the other clients i work with/on.
And... you're going to have this issue with -any- proxy based access to lj, be it through your corporate proxy server, or any of the wap clients (which never go directly to lj either), etc...
I wrote this specifically on the request of a handful of people i know who only have email access at work (and built off of a similar core base to an email aim client that i wrote). Figured other people might find it useful. (And in the near future, the code will be up for downloading, so if one is worried about the 'passwords going through someone else's server' thing, they can run it for themselves).
I'm sure you'll have similar objections to the aim-lj client that i'll probably be posting up in the next few days, consider this reply to apply to that as well.
Actually, when you login on a client, your password never goes to the server ... the MD5 hash does.
Right in the middle of when LiveJournal is promoting SAFE password handling and having not-easy-to crack passwords, this comes out. I don't know if this is meant to help the LiveJournal community or not, it surely seems like it wouldn't. I'd imagine the only users that'll use this are ones totally oblivious to the major security implications that arise with this method of posting.
MD5 or not, the Web client (which is what a mere 77% of LJ posts were made with) uses HTTP cleartext.
While I don't think an email client is particularly secure, I hardly find an email client to be any *more insecure* than what's currently out there.
Also, since you didn't know about all the other clients using MD5 hashing, I support your back-end just completes the request to LJ in plaintext. So anybody on the same network/host as hitjam.com could sniff all outgoing connections from your server and gobble them up.
2002-07-24 02:02 pm (UTC)
I actually do know about the hash, but you know what, if someone sniffs the hash, it can still be used. All it protects is against someone getting the password itself, but if i have the hash, it's trivial to hack a client to send whatever hash i tell it to, as opposed to the password. It's slightly more secure, but not significantly so.
(And yes, my library doesn't hash at the moment because there was other, more basically functionality i wanted in place first, and i didn't see the hash as being significant enough to getting things working).
You want more secure? Go challenge/response. Still crackable, but it'd be much more work than just sniffing it. Want even more secure? Wrap the whole thing up in ssl so that sniffing isn't even an option. Support that, and i'll add it into my clients. In the meantime md5 hash will be added when i get to it (which should be soonish anyway).
In the future, trying being a little less condescending and reactionary in your initial post... this -could- have been a good conversation about client security and alternative methods of client access (and it could still turn into that if you calm down a little bit) - which is always a good conversation.
Uh, Livejournal told me my password wasn't secure and suggested I change it. Then when I changed it it emailed it back to me in plain text. Yeah, real secure there.
mm, yes, but I got the same message and my password was a non-phonetically-spelt Japanese word with random punctuation and capitalisation. Muh. If that's in their dictionary, I'm scared.
Ok, I'm an east coaster and use the LJ Win client but thought I'd give the email a try, only problem is that I posted an entry with my pc's date of 12:47 and the mail gateway is trying to post a new entry that's timed 40 minutes prior and giving me fits because I'm not using the backdate feature. Is that a non-supported option or did I not read my /help carefully enough?
2002-07-26 11:51 am (UTC)
Ahhh - i see the problem - I wasn't explicetly setting the time. I don't have my dev laptop with me here at work, but that'll be an easy thing to work in. (And actually, that'll go into the generic library i'm using - i'm still debating whether or not to release the library when it's mostly finished, or whether i should convert the whole thing over to using the xml-rpc interface)
(The time difference strikes me as a bit odd, 40 minutes off is strange - my box is sync'ing its time via xntp).
The question is, should i go by the time that's in the mail sent to me, or the time on the gateway *ponder*
Actually, the 40 minutes only appears strange. I wrote my entry at 12:40 my time (9:40 Pacific). Then I was trying to email at 15:00 my time (12:00 Pacific) which is why it appears 40 minutes off.
I'd recommend either use the time in the mail sent and/or add a /date function.
2002-08-25 09:22 pm (UTC)
Any chance this is open source? I'm looking at implementing my own for personal (and more secure) use. I like the concept, and this is the missing link in my planned SMS -> email -> LJ functionality. I'm considering hardcoding the username and password (since it's for personal use) so that I can maximise the number of available characters from a mobile phone.
I guess it would be implementation specific though. (mine will be linux/perl based from a procmail filter)
I know I'm coming a little late to this party, but let me just say, I second the motion... I would like to be able to mail entries to my own server where a script is waiting to turn them into LJ entries. Something like a perl script that uses existing mail-parser modules and LJ::simple might work... but I don't want to write it if someone has already done it.
Applause for creating the gateway, and please don't mind the nay-sayers.
Does this still work? I tried it today but the update hasn't showed up.
Also, you might want to know that the mailto address in the /help email is misspelled, resulting in "error: tapam.net is an unroutable host" when one tries to click it to send a msg. :)