I always chuckle when people claim that being able to compile from source is helpful in securing their stuff. How many people have actually bothered to review open source anyway? It has taken until now to actually get a review of TrueCrypt, a program that almost everyone uses for encryption and open source.
Along those lines, we should all switch to Gentoo and never get compromised again! *rolls eyes*
This isn't a Microsoft specific problem. The fact that it works on Office 360 is Microsoft's problem, but the fact that other (read "non-microsoft") websites are not handling their cookies in a more secure manner is not a Microsoft problem.
This type of cookie behavior is not at the OS or even web server level. Microsoft has nothing to do with this. This type of interaction will be at the application level and up to the individual websites to handle. Its been widely known that many sites have not bothered to secure their cookies in this way. But this isn't something you can blame on Microsoft.
Slashdot Mirror
Bets for how long it is until this technology is used for porn, anyone?
I always chuckle when people claim that being able to compile from source is helpful in securing their stuff. How many people have actually bothered to review open source anyway? It has taken until now to actually get a review of TrueCrypt, a program that almost everyone uses for encryption and open source. Along those lines, we should all switch to Gentoo and never get compromised again! *rolls eyes*
This isn't a Microsoft specific problem. The fact that it works on Office 360 is Microsoft's problem, but the fact that other (read "non-microsoft") websites are not handling their cookies in a more secure manner is not a Microsoft problem.
This type of cookie behavior is not at the OS or even web server level. Microsoft has nothing to do with this. This type of interaction will be at the application level and up to the individual websites to handle. Its been widely known that many sites have not bothered to secure their cookies in this way. But this isn't something you can blame on Microsoft.
Wireshark - $0. Packet Capture - $0. Reading ability - $0. Publicity gained from slashdotting an article - Priceless