[Gllug] Sticky cookies

Chris Bell chrisbell at overview.demon.co.uk
Fri Aug 15 10:15:12 UTC 2008


On Fri 15 Aug, Simon Wilcox wrote:
> 
> Chris Bell wrote:
> >    I impose a general "no cookies" rule for best security, but a
> > neighbourhood site isists on using them. I am considering setting up a
> > dedicated account that will allow a cookie on another local box so that the
> > cookie is confined to that account. Would this still work if I then access
> > that account through a window on another box using ssh/screen remote access?
> 
> Cookies are just bits of text. The only threat from cookies is that they 
> may be used to track your browsing behaviour (c.f. doubleclick)

   that is almost certainly what it is there to do as the site claims that
it supplies sanitised data to their advertisers.

> or that 
> they may encode sensitive information that would be useful if obtained 
> (e.g. some dumb websites that put user login information in the cookie).

   probably not, but who can tell?


> If you examined the cookie and are happy that it doesn't do this then it 
> should be fine to enable cookies from that one site.
> 
> S.



-- 
Chris Bell NEW alternative address: chrisbell at chrisbell.org.uk
Microsoft sells you Windows ... Linux gives you the whole house.

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list