http://www.macnn.com/articles/01/12/05/reader:.idisk/
Reader: iDisk passwords safely transmitted
updated 08:00 am EST, Wed December 5, 2001
",
0, 0);
A MacNN reader writes about a quiet update in OS X 10.1.1:
"I just upgraded to 10.1.1 while doing some work on my home network, (I'm setting up a firewall) and I noticed something...In the course of sniffing my network traffic I noticed that my iDisk name and password is not sent in the clear (basic authentication) anymore. It seems that Apple must have switched the authentication scheme to digest when they released 10.1.1 Now iDisk is as secure as all those banking and online broker sites. DIgest is a secure one way hash that can't be decrypted. Both sides use the algorithm to encrypt the name and password and compare the result."
