Re: [Linphone-developers] Fwd: Website not secured

Hi,

Thank for you for noticing that the page free-sip-service.html was not served forcibly over https.

We just modified the apache configuration and our script and now it works over https.

The password choosed by users is stored in ha1 format in the database.

Best regards,

Simon

2016-11-30 17:18 GMT+01:00 Ovopack <address@hidden>:

I've just got the answer to my second question : NO!

A robot just sent me bask my password via mail... no serious!
-------- Forwarded Message --------

Subject: Website not secured

Date: Wed, 30 Nov 2016 17:14:44 +0100

From: Ovopack <address@hidden>

To: address@hidden
Hi the developper team.

After registering in your website to get a sip adress, i've been 
surprised to see that your website in not secured!

How can you accept to let the users subscribe to use Linphone (a good 
app that can use a crypto algorythm) if the connection to register in 
not even secured by SSL?

In your database, are the passwords hashed (SHA) or let in a visible way?

Because of this 2 points, some may says that there is no difference 
between Skype (as everybody know to be spy) and Linphone.

I let you check the attachement picture.

Otherwise, keep going, that a nice app!

Regards, Ovopack.
_______________________________________________
Linphone-developers mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/linphone-developers

From:	Simon MORLAT
Subject:	Re: [Linphone-developers] Fwd: Website not secured
Date:	Thu, 1 Dec 2016 12:04:57 +0100

Subject:	Website not secured
Date:	Wed, 30 Nov 2016 17:14:44 +0100
From:	Ovopack <address@hidden>
To:	address@hidden