“Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.” - Rich Cook
Alco-Haul: We move spirits.
Demented Deliberations of a Dilettante
Originally posted by Paul Bourdeaux:
What exactly is the rumor you heard? We cant dispell or confirm any rumor about security vulnerabilities and cookies if we dont know what rumor you are referring to1![]()
[ July 13, 2005: Message edited by: Paul Bourdeaux ]
“Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.” - Rich Cook
Originally posted by Paul Bourdeaux:
Cookies are stored on the clients computer, and are easily accessible (and editable) by both the user and any webpages they may be visiting. For this reason, you should not store any personal data in cookies, or at least not store any data that should not be shared with others.
Session hijacking is also sometimes a concern, and if so you should use SSL as Sharad suggested.
Other than that, I am not aware of any security problems with cookies.
Originally posted by David O'Meara:
There are also issues involving
* developers being careless about the data placed in cookies - imagine the ranch just put your user number in our cookie, you could become anyone just be editing the file. Don't laugh it happens to often.
“Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.” - Rich Cook
Did you see how Paul cut 87% off of his electric heat bill with 82 watts of micro heaters? |