[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Facebook insecure by design

Subject: Facebook insecure by design
From: lou at metron.com (Lou Katz)
Date: Mon, 24 Oct 2011 09:57:38 -0700
In-reply-to: <[email protected]>
References: <CAK4no05kjX8Uy+iOy-nOOt5TsFcA8CSufLJ8WUc4D1OX5gj5FA@mail.gmail.com> <[email protected]>

The real question is why the referrer field was not under user control
in the first place. Having to never click on a link, but rather to
cut and paste it into the address bar is not a satisfactory work-around.

Still, why has it not been put under user control, now that we have a better
appreciation of the hazards of that information leakage?
-- 

-=[L]=-
Reassembled from random thought waves

This is not a signature line.

References:
- Facebook insecure by design
  - From: steve at pirk.com (steve pirk [egrep])
- Facebook insecure by design
  - From: bonomi at mail.r-bonomi.com (Robert Bonomi)

Prev by Date: HE.Net 6TO4 relay
Next by Date: HE.Net 6TO4 relay
Previous by thread: Facebook insecure by design
Next by thread: Facebook insecure by design
Index(es):
- Date
- Thread