Submission + - Freedur VPN client exposes users
An anonymous reader writes: After investing why Freedur service ceased working inside the great firewall of china today i came across what i believe to be a "kick in the balls", a simple tcpdump reveals that the Freedur service client transmits login details containing identifying information such as email address and account password in clear form which retrieves its connection information. I believe this to be unacceptable for a service that promotes "ANONYMOUS SURFING" and "data ENCRYPTION 128bit" but yet transmit the shared key in plain text. here is what the dump contained http://freedur.pastebin.com/v44XY3A2