Banner Logo
Home
The Real Kato
About Me
Twitter
Facebook
Frozen Lunches
Links
Kottke
Daring Fireball
Amalah
Secret Agent Josephine
Dooce
Contact



Archives
Most Recent

2024 March
2008 February
2008 January
2007 December
2007 November
2007 October
2007 September
2007 August
2007 July
2007 June
2007 May
2007 April
2007 March


Categories
All Categories 

bloggers 
books 
commentary 
dating 
food 
funnyhaha 
interesting 
life 
movies 
music 
politics 
reviews 
science 
site-business 
sports 
style 
techwatch 
television 
theater 
travel 


Recent Comments
On College Football 2022: Week 6 Recap and Week 7 Pre...
Ken said:
Yeah, we've both had our share of hope and disappointment in this game. Let's just hope for a good b...
On College Football 2022: Week 6 Recap and Week 7 Pre...
Dan* said:
I'm not sure how I feel about this game. On one hand, I feel pretty optimistic that we have the tale...
On College Football 2022: Week 1 Preview
Dan* said:
Glad to see you'll be back writing football again, Ken! Congrats on the easy win today. You didn't ...
On College Football 2021: Week 10 Recap and Week 11 P...
Ken said:
Yeah, sorry one of our teams had to lose. I've come to appreciate Penn State as a classy and sympath...
On College Football 2021: Week 10 Recap and Week 11 P...
Dan* said:
Hey Ken, congratulations on the win yesterday! Some really odd choices by our coaching staff in that...


<< Previous: Super Bowl Commercia... | Next: Breaking News: Romne... >>

Genius
Tuesday, 2008 February 5 - 10:56 pm
Google is famous, or perhaps infamous, for its strict hiring standards and its population of brilliant employees. So it was with some interest that I read about a security vulnerability in Gmail. Apparently, if someone manages to steal a Gmail session cookie (by snooping your network traffic), they can impersonate you and access your account.

The reason this is interesting to me is that here on realkato.com, I was very careful to prevent this vulnerability. I do use cookies so that you can remain logged in to the site, but the cookie is tied to the IP address you're using to log in, so it can't be used by anyone who's snooping your machine or your connection (unless they also manage to grab your IP address). Now granted, I don't use SSL on my site to further protect your connections, but that's just because I'm too cheap to pay for it, not because I didn't think about it.

So I have a security feature that Gmail doesn't. Nothing against all the geniuses at Gmail, but... hey, if I thought of it, shouldn't you have, too?
Permalink   Bookmark and Share
Posted by Ken in: site-businesstechwatch

Comments

There are no comments on this article.

Comments are closed for this post.
Login


Search This Site
Powered by FreeFind