The Dangers of Improper Cookie Use 191
shifted89 writes "Over the last year, the security community have exposed web application security for what it is — extremely lacking. However, for all the focus on XSS, CSRF, history stealing, etc., not much attention has been given to the cookie. Unfortunately, cookie misuse can be just as dangerous, if not more so than XSS attacks and InformIT illustrates why. In short, the author clearly demonstrates what can happen when a website improperly uses cookies for customer tracking — including a working illustration."
Old News (Score:5, Funny)
Cookies? Javascript? Etc? (Score:5, Funny)
Re:Cookies? Javascript? Etc? (Score:2, Funny)
As Scott McNealy once said, "Privacy is dead, deal with it". I've extended that to security which is why I enable javascript and install the binary-only flash player which is configured to auto execute bytecode from any server on the web. In my vision of the future, anybody with disabilities, privacy concerns, security concerns or who is running something other than Windows isn't worth bothering with. Viva innovation, especially from Microsoft!
Remember.. (Score:2, Funny)
The Real Danger of Improper Cookie Use (Score:2, Funny)
Two Words: Crumby Milk
Thank You and Tip your Servers.
Obligatory Simpsons reference.... (Score:5, Funny)
Homer: Oh, yeah, like you don't know. We're gonna have sex!
Mindy: Oh...well, we don't have to.
Homer: Yes we do! The cookie told me so.
Mindy: Well...desserts aren't always right.
Homer: But they're so sweet!
Re:Cookies? Javascript? Etc? (Score:4, Funny)
Re:Old News (Score:1, Funny)
Re:Old News (Score:2, Funny)
Re:practical, perhaps? (Score:3, Funny)
Where the hell do you live? Soviet Russia?
You lie! FUD! FUD! (Score:4, Funny)
If you were really that old-fashioned, you wouldn't have to disable JavaScript. The graphical web browser was invented in 1992, so you'd be compelled to use a text-only browser, such as Lynx. And those don't have any JavaScript to disable.
You are obviously part of an Evil Conspiracy. Please rant some more so I can figure out which one.
Re:What about clipboard theft? (Score:3, Funny)
From that site:
Damn Microsoft for removing features in IE7!
Re:Cookies? Javascript? Etc? (Score:3, Funny)