IM, Email Passwords Are Stored as Plain Text
 

See bug 8146

Re: Warning - Exploit found, keep N900 to yourself until it's fixed!
 

Well, this doesn't seem to apply to my device. Isn't this only if you've taken a full backup?

Re: Warning - Exploit found, keep N900 to yourself until it's fixed!
 

file:///home/user/.rt-accounts/accounts.cfg
could not find there but here:
file:///home/user/.rtcom-accounts/accounts.cfg

Re: Warning - Exploit found, keep N900 to yourself until it's fixed!
 

Oh.. now i see... That's just plain stupid...

Re: Warning - Exploit found, keep N900 to yourself until it's fixed!
 

Very nice catch, already verified that

file:///home/user/.rtcom-accounts/accounts.cfg

in Web let me know all my friends' IM passwords in their N900.

Re: Warning - Exploit found, keep N900 to yourself until it's fixed!
 

also I've noticed that the autocomplete function caches my passwords too. Yesterday a frend of mine was composing an email with my N900 and the device suggested my passwords to him. Grr

Re: Warning - Exploit found, keep N900 to yourself until it's fixed!
 

Well, to put things into perspective I believe that not having them there in plaintext would only serve as making it slightly more difficult to do this as the software still has to decrypt and send the passwords when logging in and it would not be a major problem to snatch them if you have physical access to the system said software is running on.

Re: Warning - Exploit found, keep N900 to yourself until it's fixed!
 

I just tried that and as far as personal information goes it only contained my login, not password (never taken a backup if that were to make a difference).

Re: Warning - Exploit found, keep N900 to yourself until it's fixed!
 

i have skype and google talk installed and it seems like i have google talk passowrd in plain text.

.edit
skype is also in plain text and i have made backup

Re: Warning - Exploit found, keep N900 to yourself until it's fixed!
 

Think it's already been reported and was fixed in PR1.1?