> It's called "sarcasm". No security professional could have *possibly* > predicted that using a URL that looks like > > https://www.big-bank.com/account=134233433 > > could possibly be attacked, and it's *so* hard to design your web > interface to prepare for that sort of session hijacking....
What are you talking about?! It has the magic "s" after "http", which means "Secure". Peter _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
