HTTP cookies, or how not to design protocols
by Google security researcher Michael Zalewski
For as long as I remember, HTTP cookies have been vilified as a grave threat to the privacy of online browsing; wrongly so. That said, the mechanism itself is a very interesting cautionary tale for security engineers - and that will be the theme of today's feature.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump