[SLL] Gmail Security Hole
Chuck Wolber
chuckw at quantumlinux.com
Fri Jun 1 12:02:23 PDT 2007
On Fri, 1 Jun 2007, Dan Wilder wrote:
> The link is to a 2004 article about cookie file snatching.
>
> One might be forgiven for assuming the mechanism for the problem below
> is something different, as it presumably did not involve Jerry's brother
> operating a website which Jerry browsed to.
>
> A bit of sleuthing is maybe called for. I expect Google will be quite
> interested.
That's an old issue. Cookies rely on the physical security of a machine.
If you log in and a cookie is saved, someone with physical access can
snatch the cookie, copy it to their machine and be logged in too. It's not
rocket science.
..Chuck..
--
http://www.quantumlinux.com
Quantum Linux Laboratories, LLC.
ACCELERATING Business with Open Technology
"The measure of the restoration lies in the extent to which we apply
social values more noble than mere monetary profit." - FDR
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
More information about the linux-list
mailing list