The Dangers of Improper Cookie Use
shifted89 writes "Over the last year, the security community has exposed web application security for what it is — extremely lacking. However, for all the focus on XSS, CSRF, history stealing, etc., not much attention has been given to the cookie. Unfortunately, cookie misuse can be just as dangerous, if not more so, than XSS attacks, and InformIT illustrates why. In short, the author clearly demonstrates what can happen when a website improperly uses cookies for customer tracking — including a working illustration."
Cookie misuse has been chronicled here
See my journal for Slashdot IDs by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
I disable them all because I hate any innovation of the web past 1991. Anyone who disagrees with me is wrong. This article is proof.
Mindy: What's wrong?
Homer: Oh, yeah, like you don't know. We're gonna have sex!
Mindy: Oh...well, we don't have to.
Homer: Yes we do! The cookie told me so.
Mindy: Well...desserts aren't always right.
Homer: But they're so sweet!