lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed Feb 22 02:12:29 2006
From: nodialtone at comcast.net (nodialtone)
Subject: Re: Re: Forum / Site redone


Lets all ensure that all the crumbs are vacuumed up as well.

On Tue, 2006-02-21 at 14:14, Dave Korn wrote:
> Nigel Horne wrote:
> >> Nigel Horne wrote:
> >>>> Thanks for the comments.  Site has been redone ( I re-didit )  Feel
> >>>> free to keep the comments coming.
> >>>>
> >>>> http://www.iatechconsulting.com
> >>>
> >>> Why does it attempt to store 2 cookies on my machine when all I do
> >>> visit your front page?
> >>
> >>   Because that's how PHP tracks your session ID.
> >>
> >>> Needless to say I said "no".
> >
> > Public access websites should not have session IDs just to visit their
> > frontpage.
> 
>   Like it matters the tiniest little bit at all.
> 
>   You can refuse the cookie if you want.
> 
>   You can accept it if you want the personalisation you'll get.
> 
>   You can set your browser to flush cookies at the end of the session if you 
> don't want the same server to identify you next time.
> 
>   You can hang on to it indefinitely if you do.
> 
>   It takes next to no space on your hard drive, is entirely under your 
> control, and it's not some kind of magical demon sent by the NSA to spy on 
> you, so who cares?
> 
>   You're presenting this claim that "Public access websites" (you mean 
> 'publicly accessible' websites, I take it) "should not have" session IDs. 
> Well, /WHY/ should they not?  This claim needs justifying.  Ethical reasons? 
> Financial reasons?  Health and safety reasons?  Aesthetic reasons?  Or just 
> because Nigel Horne says so, and whatever he says is so obviously patently 
> right and true that all right-thinking people will just accept your word for 
> it unquestioningly?
> 
> 
>     cheers,
>       DaveK

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ