Re: [JoPHP] Cookies Security Threats with IE

Mon, 27 Feb 2006 23:13:01 -0800

Easy,

Encrypt your cookie info

 

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ala'a Ibrahim
Sent: Monday, February 27, 2006 10:03
To: Jordan PHP User Group Mailing list
Subject: Re: [JoPHP] Cookies Security Threats with IE

 

Well, I don't care about myself, my main concern is my clients ...

On 2/26/06, Anubis HH <[EMAIL PROTECTED] > wrote:

Do you wanna solve it from a client or a server side?
I mean do you wanna protect yourself from this
happening to you when you go to a cafe? or do you want
to protect users of your website?

Ammar

--- Ala'a Ibrahim <[EMAIL PROTECTED]> wrote:

> Dear Group,
> Imagine this setuation, you are in an Internet Cafe,
> you logged in to some
> account on the internet (Even if it was HTTPS), a
> cookie, or a session id
> cookie would be put on your computer, in IE the
> cookies would be put in some
> file on your computer, now if the Internet cafe
> supervisor got into your
> computer, he can read all the cookies he wants, and
> then set them on his
> machine, and (in the case of sessions) he could use
> your account until one
> of you logs out (in case of cookies, it's gone
> forever).
> does anybody knows a way to solve that ...
>
> PS: in the Internet Cafe you both have the same IP,
> so it's useless to try
> to save the IP in your session.
> My Best solution is to tell everybody not to go to
> internet cafes ....
> --
>                                  Ala'a A. Ibrahim
> http://alaa83.blogspot.com/
> > _______________________________________________
> Jordan PHP Users Group
> http://php.jolug.org/
> Php mailing list
> [email protected]
> http://mail.jolug.org/mailman/listinfo/php_jolug.org
>


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com

_______________________________________________
Jordan PHP Users Group
http://php.jolug.org/
Php mailing list
[email protected]
http://mail.jolug.org/mailman/listinfo/php_jolug.org




--
                                 Ala'a A. Ibrahim
http://alaa83.blogspot.com/ 

_______________________________________________
Jordan PHP Users Group
http://php.jolug.org/
Php mailing list
[email protected]
http://mail.jolug.org/mailman/listinfo/php_jolug.org

Reply via email to