HTTP cookies, or how not to design protocols
From http://lcamtuf.blogspot.com/2010/10/...to-design.html by Google security researcher Michael Zalewski
Quote:
For as long as I remember, HTTP cookies have been vilified as a grave threat to the privacy of online browsing; wrongly so. That said, the mechanism itself is a very interesting cautionary tale for security engineers - and that will be the theme of today's feature.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|