Slashdot Mirror

← Back to Stories (view on slashdot.org)

Safari Security Hole Allows Cookie Theft

Posted by pudge on from the shut-it-down dept.

An anonymous reader writes "MacSlash posted a story about a vulnerability in Safari. The exploit allows someone to steal any of your domain-based cookies (passwords, private info, etc.) from any website. Mozilla and Internet Explorer had the same bug in the past."

3 of 70 comments (clear)

  1. Should watch similar products by shaka999 · · Score: 3, Insightful

    Just goes to show that companies should closely monitor security holes in competing products.

    --
    One should not theorize before one has data. -Sherlock Holmes-
  2. Re:Sweet karma by Anonymous Coward · · Score: 0, Insightful

    Too much effort - it's so much easier than that. Apple rules! They handled it better than MS would have! Now mod me up.

  3. Fix it, but... what's the fuss? by jtheory · · Score: 4, Insightful

    The exploit allows someone to steal any of your domain-based cookies (passwords, private info, etc.) from any website.

    Any security hole should be fixed, but this is not as serious as they make it sound.

    Passwords? Private info? What serious web developer would be keeps these in a cookie? Cookies are not secure. They are stored unencrypted on the user's hard drive (where they are easily rifled through), and (as mentioned) there have been plenty of bugs in the past that have made their data accessible to John Q. Hacker.

    Cookies are mostly used for storing session ids, or another meaningless number that links back to the real info stored in a database on the server (yes, you don't want a hacker reading your session id, but this is a much lower risk).

    This is not just for security reasons -- it's because cookies are not reliable. Cookies get wiped out all the time (all browsers that I know of let you delete them, and I see lots of ads for software that offers to manage, delete, filter, or "clean them up" for me.

    Also, cookie size is limited (and does this differ on the diff browsers? I know GET request size does), so you could screw yourself over if you were storing a user's personal info and their address was really long.

    Why would you store username/password data in a cookie anyway? Most browsers do this for you now, *and* they are more secure about it. Hm.

    These are the best practices I was taught, at any rate. I didn't checked slashcode before posting this... and I suppose it is true that best practices are not always followed.

    Does anyone have a real sense of how often sensitive data is stored unencrypted in a cookie?

    --
    There are only 10 types of people: those who understand decimal, those who don't, and, uh, 8 other types I forget.