[Fwd: ebay sends passwords in the clear]
der.hans
PLUGd@LuftHans.com
Sun, 27 Feb 2000 18:11:39 -0700 (MST)
moin, moin,
if they're putting private info into the cookies it's not safe. Those
cookies, unless set properly, also get sent for non-ssl
connections. Hence, if you check in via ssl, but then go to a non-secure
section of the web site all of the info saved in those cookies is readily
sniffable :(.
ciao,
der.hans
--
# +++++++++++=================================+++++++++++ #
# der.hans@LuftHans.com www.excelco.com #
# http://home.pages.de/~lufthans/ #
# Linux sys_adm class, 29Feb - 03Mar at Viking Systems #
# http://www.VikingSystems.com/ #
# When I work, I work hard #
# When I play, I play hard #
# When I sit, I sleep. - Embe Kugler #
# ===========+++++++++++++++++++++++++++++++++=========== #