On 25/08/2016 10:58, Hohl, Gerrit wrote:
But if that person sniffs the IP traffic on 127.0.0.1, he/she may be able to read the boot password as well as user and password.
And of course IP traffic to 127.0.0.1 should *never* go outside the local machine, according to the spec. So any sniffer would have to be logged in on the local machine itself, in which case you're probably in trouble anyway.
-- John English
