[thelist] cookies
Ron Thigpen
rthigpen at nc.rr.com
Mon May 21 09:14:15 CDT 2001
more on MSN's cookie sharing behavior is available at:
<URL: http://www.newmediawhore.com/article.php?story=20010518172000930>
if i am understanding the mechanism correctly, MSN's method of propogating these
cookies across domains can be easily hijacked, in much the same way formmail
scripts are hijacked by spammers. in other words, your site can apparently pick
off MSN GUIDs, and associate them with other user-specific data. granted, this
doesn't necessarily give away anything to the hijacker site, but it does open
the door for data gathering that can be turned over to MSN and associated with
other user data being tracked under the GUID.
hello hailstorm, goodbye privacy.
--rt
More information about the thelist
mailing list