Security: No Encryption for Sync between Mac and iPhone

From the closed 'Things' forum:

There's no encryption for the synced data between 'Things' on the Mac and 'Things' on the iPhone (or iPod Touch):

[www.macmacken.com]

An encrypted wi-fi network is only a protection against this security flaw if only one user or only trusted users are only in this particular network. In public wi-fi networks or in networks where you cannot trust every other user, 'Things' sync is a security risk.

When is Cultured Code going to address this security issue? Why was this bug even allowed to become part of a release version?

The Things sync mechanism uses Wifi connections only. As a result, the syncing process is as secure as any other network traffic within the same Wifi network. If you, or your system administrator, enabled encryption in your wireless network, any data transmission already happens securely.

In cases where only unsecured Wifi networks are available, you always have the option to create a Computer-to-Computer network (see our FAQs: [culturedcode.com]). In this case, only your Mac and your iPhone/iPod touch share a secured network.

In addition, the next major release of Things for the iPhone (1.4) will not transmit data in human-readable form anymore.

In addition, the next major release of Things for the iPhone (1.4) will not transmit data in human-readable form anymore.

ROT13? ;)

Seriously, how do you define 'non human-readable'?

Could well be binary or something. Depends on the data format no? I'd think compressed blocks would be a lot more efficient on the wire than clear text XML, so it could be a win-win.