Pages: [1] :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Tobias Sjodin
Ore Mongers BAT PHONE
|
Posted - 2010.11.22 17:20:00 -
[1]
Seriously, there are forums that were made in the 90'ies that supported simple cookies that work. Having to log in every damn time to make a post is infuriating. *gRAaaaaAHh*
|
red iffunk
Gallente RennTech
|
Posted - 2010.11.22 17:24:00 -
[2]
*logging in to say "hi"*
and yes, +1
|
tgl3
Gallente BrightStar Technologies
|
Posted - 2010.11.22 18:36:00 -
[3]
It is kind of annoying... -- It's all about the improvisation. |
Yuki Kulotsuki
|
Posted - 2010.11.22 18:45:00 -
[4]
SoonÖ
Originally by: CCP Lemur THIS IS GOD: ... IF YOU HAVE ANY MORE REQUESTS I'M AVAILABLE SUNDAY FROM 10:30 TO 12:00 TO RECEIVE YOUR PRAYERS.
|
Cinnamon Candy
|
Posted - 2010.11.22 18:48:00 -
[5]
Edited by: Cinnamon Candy on 22/11/2010 18:47:59 Europe is behind the US on most technology things vOv especially Iceland, they're like 15 years behind. Maybe when they get GPS they'll start driving on the right side of the road.
|
baltec1
Antares Shipyards Angry Dogs
|
Posted - 2010.11.22 18:54:00 -
[6]
Originally by: Cinnamon Candy Edited by: Cinnamon Candy on 22/11/2010 18:47:59 Europe is behind the US on most technology things vOv especially Iceland, they're like 15 years behind. Maybe when they get GPS they'll start driving on the right side of the road.
But iceland can control volcanos...
|
Magnus Orin
Minmatar United Systems Navy Wildly Inappropriate.
|
Posted - 2010.11.22 18:55:00 -
[7]
I absolutely agree.
Especially due to the fact that my password is annoyingly complicated to deter hacks as well...
I just reactivated with the 5 free day thingy (which wont even extend to the first portion of the new expansion!? wtf is up with that) and I could hardly remember my password... Thank goodness I had it stored in my PW vault on my blackberry :) Sarcasm - Because i'm too far away to strangle you. |
Othran
Brutor tribe
|
Posted - 2010.11.22 19:21:00 -
[8]
Edited by: Othran on 22/11/2010 19:21:51 sidejacking 4tw obviously
This table is quite a nice summary of the issues caused by "simple cookies that work".
|
Lurana Lay
Gallente
|
Posted - 2010.11.22 21:26:00 -
[9]
Resetting forum settings constantly is annoying too.
|
Malaclypse Muscaria
|
Posted - 2010.11.22 21:43:00 -
[10]
Originally by: Othran This table is quite a nice summary of the issues caused by "simple cookies that work".
Facebook does not provide SSL login yet? And they nonetheless have this "Facebook Connect" thing allowing their users to authenticate on other websites using their Facebook credentials?
*head explodes*
|
|
Ebisu Kami
|
Posted - 2010.11.22 21:46:00 -
[11]
Edited by: Ebisu Kami on 22/11/2010 21:46:24
Originally by: Magnus Orin I absolutely agree.
Especially due to the fact that my password is annoyingly complicated to deter hacks as well...
I just reactivated with the 5 free day thingy (which wont even extend to the first portion of the new expansion!? wtf is up with that) and I could hardly remember my password... Thank goodness I had it stored in my PW vault on my blackberry :)
Oh yeah, right, cookies containing your PWs on your PC and textfiles with PWs on your Blackberry are totally going to make you hacker-proof.
|
BinaryIdiot
Dreddit Test Alliance Please Ignore
|
Posted - 2010.11.22 22:00:00 -
[12]
Originally by: Othran Edited by: Othran on 22/11/2010 19:29:26 Edited by: Othran on 22/11/2010 19:21:51 sidejacking 4tw obviously
This table is quite a nice summary of the issues caused by "simple cookies that work".
Edit - full "report" which table was taken from : http://www.digitalsociety.org/2010/11/online-services-security-report-card/ Do note that this is utterly trivial stuff done daily to probably thousands of people - hell there's even a Firefox plugin to help
If you send data through non-SSL channels then, of course, you're exposed. You know the password you use to login to eveonline.com? If someone was running a program to sniff your data they would see it in clear text. A password exposure is worse than an authentication token exposure.
The obvious solution is to: 1. Correctly implement cookies to keep browser sessions. 2. Enable SSL or require SSL.
Originally by: Ebisu Kami Edited by: Ebisu Kami on 22/11/2010 21:46:24
Originally by: Magnus Orin I absolutely agree.
Especially due to the fact that my password is annoyingly complicated to deter hacks as well...
I just reactivated with the 5 free day thingy (which wont even extend to the first portion of the new expansion!? wtf is up with that) and I could hardly remember my password... Thank goodness I had it stored in my PW vault on my blackberry :)
Oh yeah, right, cookies containing your PWs on your PC and textfiles with PWs on your Blackberry are totally going to make you hacker-proof.
Cookies DO NOT and SHOULD NEVER contain your password.
|
BinaryIdiot
Dreddit Test Alliance Please Ignore
|
Posted - 2010.11.22 22:02:00 -
[13]
Originally by: Yuki Kulotsuki SoonÖ
Care to elaborate? There is nothing in that list that suggests this change...
|
BeanBagKing
Terra Incognita Black Star Alliance
|
Posted - 2010.11.22 22:06:00 -
[14]
Originally by: BinaryIdiot
Originally by: Yuki Kulotsuki SoonÖ
Care to elaborate? There is nothing in that list that suggests this change...
Quote: New Forums to EVE Gate Read about the hottest topics and latest events in the new full-featured forum system, now integrated directly into EVE Gate.
|
BinaryIdiot
Dreddit Test Alliance Please Ignore
|
Posted - 2010.11.22 22:11:00 -
[15]
Originally by: BeanBagKing
Originally by: BinaryIdiot
Originally by: Yuki Kulotsuki SoonÖ
Care to elaborate? There is nothing in that list that suggests this change...
Quote: New Forums to EVE Gate Read about the hottest topics and latest events in the new full-featured forum system, now integrated directly into EVE Gate.
Those are forums for your corps and alliances. They have nothing to do with the main eve forums...
|
Triple Entendre
|
Posted - 2010.11.22 22:12:00 -
[16]
Originally by: Tobias Sjodin Seriously, there are forums that were made in the 90'ies that supported simple cookies that work. Having to log in every damn time to make a post is infuriating. *gRAaaaaAHh*
Spider-Sense suggests someone snagged Sjodin's snipe.
|
Lanais Suleia
|
Posted - 2010.11.22 22:35:00 -
[17]
Given that Gate applies negative atmospheric pressure gently to the reproductive organs of diminutive equus, I can't say having new forums based on it excites me in any way. |
Othran
Brutor tribe
|
Posted - 2010.11.22 22:52:00 -
[18]
Originally by: BinaryIdiot
Originally by: Othran Edited by: Othran on 22/11/2010 19:29:26 Edited by: Othran on 22/11/2010 19:21:51 sidejacking 4tw obviously
This table is quite a nice summary of the issues caused by "simple cookies that work".
Edit - full "report" which table was taken from : http://www.digitalsociety.org/2010/11/online-services-security-report-card/ Do note that this is utterly trivial stuff done daily to probably thousands of people - hell there's even a Firefox plugin to help
If you send data through non-SSL channels then, of course, you're exposed. You know the password you use to login to eveonline.com? If someone was running a program to sniff your data they would see it in clear text. A password exposure is worse than an authentication token exposure.
The obvious solution is to: 1. Correctly implement cookies to keep browser sessions. 2. Enable SSL or require SSL.
Pretty much every* website I've ever used that required a login only ever used ssl for the login. After that its plaintext. Thats what sidejacking is - capture the cookie and use it for that session. You don't need the login and password and depending on the site there is a possibility of changing the default email addy then triggering a "forgot password" routine.
Trust me on this, its endemic.
Even with ssl its still possible to sidejack.
*not my banking/financial sites, they're ssl throughout. I changed bank because one used ActiveX - I'm not joking about moving banke either.
|
Ultim8Evil
Oblivion Chaos Fleet Oblivion United
|
Posted - 2010.11.22 23:04:00 -
[19]
Originally by: Cinnamon Candy Europe is behind the US on most technology things
Give us a shout when you've ditched leaf springs and live axles, stopped throwing V8s in things to "go fast" in place of correct tuning and built a car that can go round corners... then we'll talk. --------------------------------------------------------------------------------
|
Jovan Geldon
Gallente Lead Farmers Kill It With Fire
|
Posted - 2010.11.22 23:48:00 -
[20]
Edited by: Jovan Geldon on 22/11/2010 23:48:13
Originally by: Cinnamon Candy Europe is behind the US on most technology things
The metric system also says hi.
|
|
Brian Ballsack
|
Posted - 2010.11.22 23:57:00 -
[21]
you really are one lazy bastrd if you cant be bothered to type in a password. My money in on OP being american abd obese
|
Astenion
Blame The Bunny Reverberation Project
|
Posted - 2010.11.23 00:03:00 -
[22]
Originally by: Ultim8Evil
Originally by: Cinnamon Candy Europe is behind the US on most technology things
Give us a shout when you've ditched leaf springs and live axles, stopped throwing V8s in things to "go fast" in place of correct tuning and built a car that can go round corners... then we'll talk.
I think she was being facetious, as Europe is actually ahead of the US in that respect. Europe was behind the US in the late 90's and early 00's with internet technology but has since caught up and surpassed the US in terms of both speed, availability, and service.
But comparing cars to computers is apples and oranges. We don't put V8s in things to "go fast"...you can put a turbo on a lawnmower and it will still go fast, which is what many European car makers do, aside from luxuries such as Mercedes, BMW, etc. The Mazda RX-8 is an American car (now at least) and features a small engine (albeit a rotary) and blows the doors off just about any other similarly priced car. We put V8s in our cars because they're muscle cars and they're supposed to have a V8 in it. I've yet to see a Toyota sedan with a V8 in it. We like our cars with torque, the kind that feels like a jet taking off when you dump the clutch. You can't get that with any European car under 40k euros.
Tuner cars may actually go faster and handle better, but they're smaller, lighter, and have so much crap added onto them that they aren't even the same car anymore. We don't want a car that sounds like a weedeater motor attached to a shopping cart with lights underneath.
Now, the average European car wins hands-down over the average American car, in almost every aspect. Renault, Citroen, Lancia, Alfa Romeo, VW, etc. are all great affordable cars that I would take any day over the average American family car. But a Ford Mustang Cobra/Chevy Camaro SS vs. well, what? The closest thing Europe has to that would be a Porsche, and it costs at least twice the money. The big difference is that you can buy a muscle car in the US for less than what idiot Europeans pay for SUVs they don't know how to drive and in cities they can't park.
|
Othran
Brutor tribe
|
Posted - 2010.11.23 00:09:00 -
[23]
Amusingly the (real-world) answer to sidejacking won't please the OP. You have to click "logout"
Fairly seriously though - do make a point of clicking the "log out" button as it'll expire session/cookie.
Also don't go doing what some people suggest - forcing SSL by typing https:// at a website. In most cases it'll work but its not really an answer. Use it sparingly if you have to.
|
Akita T
Caldari Caldari Navy Volunteer Task Force
|
Posted - 2010.11.23 00:16:00 -
[24]
NERD RAAAAAaaaaaapathy... meh. _
Beginner's ISK making guide | Manufacturer's helper | All about reacting _
|
|
|
|
Pages: [1] :: one page |
First page | Previous page | Next page | Last page |