Clear Text

I'm wondering if there is a way to mod this to use an SSL connection so that usernames and passwords are not transmitted in clear text but then again I'm not sure they really are so I guess that's my first question.

Are usernames and passwords transmitted in clear text?

i see im not totally alone in wanting to wrap this in ssl good thing

I wouldn't worry too much about it as my friends and family can be limited to one login passwords can be changed and bandwidth can be controlled, but I added a download button for me and I don't want people downloading my music )

Well the autentication style is secure as it is, im sure it is. Jsut packet sniff yourself to check if it isnt.

ethreal doesn't like to sniff the loopback interface very much, is there another good sniffing program out there?

run a MITM attack on yourself then sniff. so you will be sure to capture all your packets

I haven't really seen a point yet with adding any security on the datatransfer between server and client, like SSL or HTTPS. Mostly cause I haven't though there's any private information to protect really..
but.., since there has been a few people wondering about implementing it, I'll look it up and see how much work it would mean to stuff it into the vibe server.. no promises made at all, but I'll get back to it when time allows..

well its no personal data transfered, but might be *whistles* some not as proper mp3's playing, and some people, who lives in countries where they've started a witch hunt for certain types of people, that doesnt want to show the header saying "Metallica.PROPER.MP3-LoL" being said all over their network or throu their ISP.

Guess this is easily solved by using VPN/SSH tunneling, but ssl or https would be an easier solution.