Slashdot Mirror


How Not To Design a Protocol

An anonymous reader writes "Google security researcher Michal Zalewski posted a cautionary tale for software engineers: an amusing historical overview of all the security problems with HTTP cookies, including an impressive collection of issues we won't be able to fix. Pretty amazing that modern web commerce uses a mechanism so hacky that it does not even have a proper specification."

8 of 186 comments

  1. The main thing is ... by thomst · · Score: 2, Funny

    ... cookies are delicious!

    --
    Check out my novel.
  2. Re:Analogy by John+Hasler · · Score: 5, Funny

    > HTTP is like a manual lawn mower.

    No it isn't. A manual lawnmower is well-designed. The Web is like a lawnmower built by Rube Goldberg out of dozens of pairs of scissors, lots of string, some boards and a child's wagon, propelled by a large dog and powered by the wagging of his tail (the cookies are to get him to wag it). It's now had a clippings bag and a fertilizer cart added following the same design principles. An automatic dandelion remover, a dethatcher, and an aerator are coming soon (and several more dogs).

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  3. Re:Analogy by phillips321 · · Score: 4, Funny

    You forgot to mention that the dog taking a shit is an extra add-on........Flash!

  4. Re:Analogy by peragrin · · Score: 4, Funny

    Am I the only one who now wants to see that built/build it myself?

    --
    i thought once I was found, but it was only a dream.
  5. Re:Analogy by Anonymous Coward · · Score: 1, Funny

    ...which smells so bad because the dog has been fed the worst dogfood, called PHP

  6. ohhh yeah by Anonymous Coward · · Score: 1, Funny

    A session is forever

    i love your design

  7. Re:Analogy by John+Hasler · · Score: 4, Funny

    > Lawn mowers, by contrast, were a 2-stroke, then 4-stroke engine with a blade and housing.

    It would appear that you do not know what a manual lawnmower is.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  8. Re:Does it work ? by Saint+Stephen · · Score: 2, Funny

    Thank you, Captain Hindsight! What a complete failure the designers of HTTP were. They should've done it so much different! :-)