|
|
|
|
|
|
by planckscnst
4657 days ago
|
|
|
So, in my office, we needed a way to communicate passwords with each other; we hadn't gotten everyone on board the GPG train yet, so we setup an IRC server with SSL for that purpose. ...then we found out someone was connecting to it with a web-based IRC client. |
|
|
The general opinion appears to be that people really don't give a rat's ass about securing themselves on IRC. People run IRCd's and their IRC clients on multi-user shell services for a suspicious little amount of money per month just to be able to claim they have their own server and to get a cool virtual host from the huge list that many of these shell providers have.
Recently people are starting to use "bouncer" like web services that keeps them connected even when their browser isn't attached to their session. This basically means that you do not own your connection to the IRC server which also have security and privacy implications.
We can't change people over night, but hopefully we can slowly plant a seed that will make people think about what they do and how they do it.