Banner Logo
Home
The Real Kato
About Me
Twitter
Facebook
Frozen Lunches
Links
Dooce
Sweat Pants Mom
Secret Agent Josephine
Vindauga
Contact



Archives
Most Recent

2020 July
2008 February
2008 January
2007 December
2007 November
2007 October
2007 September
2007 August
2007 July
2007 June
2007 May
2007 April
2007 March


Categories
All Categories 

bloggers 
books 
commentary 
dating 
food 
funnyhaha 
interesting 
life 
movies 
music 
politics 
reviews 
science 
site-business 
sports 
style 
techwatch 
television 
theater 
travel 


Recent Comments
On College Football 2019: Final
Ken said:
Hey Dan, thanks for being my only subscriber! Yeah I'll be rooting for Penn State (Memphis is a weir...
On College Football 2019: Final
Dan* said:
Thanks for the great articles this year Ken! I hope the Big 19 kicks ass in the bowl games. See you...
On College Football 2019: Week 9 Preview
DANIEL STAHLMAN* said:
Almost 2 weeks later, and I finally watched my recording of the game. It's probably good that I didn...
On College Football 2019: Week 8 Preview
Dan* said:
Great summaries of the games as usual, Ken. Penn State struggled in a lot of phases, but I was encou...
On College Football 2019: Week 3 Preview
Dan* said:
Hey Ken. Glad you are back for another year of college football! As always, I appreciate the insight...


<< Previous: Super Bowl Commercia... | Next: Breaking News: Romne... >>

Genius
Tuesday, 2008 February 5 - 10:56 pm
Google is famous, or perhaps infamous, for its strict hiring standards and its population of brilliant employees. So it was with some interest that I read about a security vulnerability in Gmail. Apparently, if someone manages to steal a Gmail session cookie (by snooping your network traffic), they can impersonate you and access your account.

The reason this is interesting to me is that here on realkato.com, I was very careful to prevent this vulnerability. I do use cookies so that you can remain logged in to the site, but the cookie is tied to the IP address you're using to log in, so it can't be used by anyone who's snooping your machine or your connection (unless they also manage to grab your IP address). Now granted, I don't use SSL on my site to further protect your connections, but that's just because I'm too cheap to pay for it, not because I didn't think about it.

So I have a security feature that Gmail doesn't. Nothing against all the geniuses at Gmail, but... hey, if I thought of it, shouldn't you have, too?
Permalink   Bookmark and Share
Posted by Ken in: site-businesstechwatch

Comments

There are no comments on this article.

Comments are closed for this post.
Login


Search This Site
Powered by FreeFind