Peach uses TLS to secure comms to their peachapi servers, yet transmits username and password unencrypted over it = easy mitm attack :(

Alex Waddell @alexwaddell