Banner Logo
Home
The Real Kato
About Me
Twitter
Facebook
Frozen Lunches
Links
Dooce
Sweat Pants Mom
Secret Agent Josephine
Vindauga
Contact



Archives
Most Recent

2018 July
2008 February
2008 January
2007 December
2007 November
2007 October
2007 September
2007 August
2007 July
2007 June
2007 May
2007 April
2007 March


Categories
All Categories 

bloggers 
books 
commentary 
dating 
food 
funnyhaha 
interesting 
life 
movies 
music 
politics 
reviews 
science 
site-business 
sports 
style 
techwatch 
television 
theater 
travel 


Recent Comments
On New CBS Show Scorpion Riddled with Errors
e.* said:
also, 7a: disk-based backup targets don't work that way. you don't back up anything to one single so...
On New CBS Show Scorpion Riddled with Errors
Stephen J* said:
Wasn't planning on watching, now definitely won't.

19a: if the whole Ethernet cord to sportscar th...
On College Football 2013: Week 10 Preview
Ken said:
Update: Bryan Underwood is out with an injury. Umm, that's not good.
On It's Just (a) Lunch (Scam)?
kiki* said:
Run! Do not join this service! It is a waste of money. I was scheduled for several different dates. ...
On It's Just (a) Lunch (Scam)?
Informed* said:
Guys and women,

Amost everybody seems to be scammed by this company. Why then are they in business ...


<< Previous: Super Bowl Commercia... | Next: Breaking News: Romne... >>

Genius
Tuesday, 2008 February 5 - 10:56 pm
Google is famous, or perhaps infamous, for its strict hiring standards and its population of brilliant employees. So it was with some interest that I read about a security vulnerability in Gmail. Apparently, if someone manages to steal a Gmail session cookie (by snooping your network traffic), they can impersonate you and access your account.

The reason this is interesting to me is that here on realkato.com, I was very careful to prevent this vulnerability. I do use cookies so that you can remain logged in to the site, but the cookie is tied to the IP address you're using to log in, so it can't be used by anyone who's snooping your machine or your connection (unless they also manage to grab your IP address). Now granted, I don't use SSL on my site to further protect your connections, but that's just because I'm too cheap to pay for it, not because I didn't think about it.

So I have a security feature that Gmail doesn't. Nothing against all the geniuses at Gmail, but... hey, if I thought of it, shouldn't you have, too?
Permalink   Bookmark and Share
Posted by Ken in: site-businesstechwatch

Comments

There are no comments on this article.

Comments are closed for this post.
Login


Search This Site
Powered by FreeFind