[thelist] cookies

Ron Thigpen rthigpen at nc.rr.com
Mon May 21 09:14:15 CDT 2001


more on MSN's cookie sharing behavior is available at:

<URL: http://www.newmediawhore.com/article.php?story=20010518172000930>

if i am understanding the mechanism correctly, MSN's method of propogating these
cookies across domains can be easily hijacked, in much the same way formmail
scripts are hijacked by spammers.  in other words, your site can apparently pick
off MSN GUIDs, and associate them with other user-specific data.  granted, this
doesn't necessarily give away anything to the hijacker site, but it does open
the door for data gathering that can be turned over to MSN and associated with
other user data being tracked under the GUID.

hello hailstorm, goodbye privacy.

--rt




More information about the thelist mailing list