what data transmission with tor is a security risk ?

[Brendan Dolan-Gavitt]

On 8/18/06, Arichy <arichy at fernmeldung.de> wrote:
> [...]
> I think with .htaccess authentication the passwort is transmitted
> encrypted? But if the Password is weak, the sniffer can easily do an
> brute force attack at home...

It depends on the authentication scheme used--Basic authentication
just sends the username and password encoded in base64, and is
basically as bad as plaintext auth. If the server uses digest
authentitication, however, you're correct.

-Brendan