http://realkato.com/blog.php?pid=1335 Real Kato Comments en-us Sat, 25 Apr 2026 04:55:31 +0000 http://blogs.law.harvard.edu/tech/rss Ken's RSS Script http://realkato.com/blog.php?pid=1335 Google is famous, or perhaps infamous, for its strict hiring standards and its population of brilliant employees. So it was with some interest that I read about a <a href="http://www.news.com/8301-10789_3-9862242-57.html?part=rss&subj=news&tag=2547-1_3-0-20">security vulnerability in Gmail</a>. Apparently, if someone manages to steal a Gmail session cookie (by snooping your network traffic), they can impersonate you and access your account.<br/><br/>The reason this is interesting to me is that here on realkato.com, I was very careful to prevent this vulnerability. I do use cookies so that you can remain logged in to the site, but the cookie is tied to the IP address you're using to log in, so it can't be used by anyone who's snooping your machine or your connection (unless they also manage to grab your IP address). Now granted, I don't use SSL on my site to further protect your connections, but that's just because I'm too cheap to pay for it, not because I didn't think about it.<br/><br/>So I have a security feature that Gmail doesn't. Nothing against all the geniuses at Gmail, but... hey, if I thought of it, shouldn't you have, too? Ken Tue, 05 Feb 2008 22:56:07 +0000 http://realkato.com/blog.php?pid=1335