Hello
Maybe you already know Badoo
(https://secure.wikimedia.org/wikipedia/en/wiki/Badoo), a one-night
stand community. I receive every day mails like this:
http://i.imgur.com/1CvVY.png
By clicking on the link "Sieh nach ob ihr zusammenpasst..." I am
automatically logged in in my profile (with full authorization).
The link is (anonymized here):
http://eu1.badoo.com/access.phtml?UID=474159433&secret=z8chfrtWmI&g=50&m=47&mid=43bd81cr005032477005004d13e26att
the first part is always the same, but mid=* changes every mail. Old
links (already visited) also work.
How they garantee the security? It means if I sniff a Badoo mail, I am
able to login as other person? Anybody knows more how this auth process
works?
regards
Alex
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
