LordOphidian
Adjutant On-Line
Ok, Apples implementation of WebDAV violates the standards for WebDAV and sends passwords in plaintext. This means that when you connect to your iDisk your password is sent in paintext over the net, making it possilbe to sniff your password and get access to your iDisk, and mac.com email account.
Read more about it here:
http://www.securemac.com/macosxidisk.php
Read more about it here:
http://www.securemac.com/macosxidisk.php