Banner Logo
Home
The Real Kato
About Me
Twitter
Facebook
Frozen Lunches
Links
Dooce
Sweat Pants Mom
Secret Agent Josephine
Vindauga
Contact



Archives
Most Recent

2020 November
2008 February
2008 January
2007 December
2007 November
2007 October
2007 September
2007 August
2007 July
2007 June
2007 May
2007 April
2007 March


Categories
All Categories 

bloggers 
books 
commentary 
dating 
food 
funnyhaha 
interesting 
life 
movies 
music 
politics 
reviews 
science 
site-business 
sports 
style 
techwatch 
television 
theater 
travel 


Recent Comments
On Big Ten Football 2020: Week 4 Recap and Week 5 Pre...
Dan* said:
Ooof. What a horrible season for both of us so far.

At this point, I've mostly lost interest in thi...
On Big Ten Football 2020: Week 1 Recap
Ken said:
I stand corrected. I looked at the ESPN play-by-play to count IU's timeouts and they must have not i...
On Big Ten Football 2020: Week 1 Recap
Dan* said:
Hi Ken, good to see you back for another season of commentary! Looking forward to some football.

C...
On College Football 2019: Final
Ken said:
Hey Dan, thanks for being my only subscriber! Yeah I'll be rooting for Penn State (Memphis is a weir...
On College Football 2019: Final
Dan* said:
Thanks for the great articles this year Ken! I hope the Big 19 kicks ass in the bowl games. See you...


Articles: site-business: 2008 February

<< Previous: 2008 January | Back to Most Recent | Next: 2008 March >>

Page 1

Genius
Tuesday, 2008 February 5 - 10:56 pm
Google is famous, or perhaps infamous, for its strict hiring standards and its population of brilliant employees. So it was with some interest that I read about a security vulnerability in Gmail. Apparently, if someone manages to steal a Gmail session cookie (by snooping your network traffic), they can impersonate you and access your account.

The reason this is interesting to me is that here on realkato.com, I was very careful to prevent this vulnerability. I do use cookies so that you can remain logged in to the site, but the cookie is tied to the IP address you're using to log in, so it can't be used by anyone who's snooping your machine or your connection (unless they also manage to grab your IP address). Now granted, I don't use SSL on my site to further protect your connections, but that's just because I'm too cheap to pay for it, not because I didn't think about it.

So I have a security feature that Gmail doesn't. Nothing against all the geniuses at Gmail, but... hey, if I thought of it, shouldn't you have, too?
Permalink   Bookmark and Share
Posted by Ken in: site-businesstechwatch


Page 1


Login


Search This Site
Powered by FreeFind