I went to the site and was able to search for any domain that has set
cookies on my computer. The full Amazon cookie could be pulled up
(thankfully, one-click is not enabled on this machine).
H.
=========================
Howard Owens
Web Producer
InsideVC.com
mailto:[EMAIL PROTECTED]
=========================
> -----Original Message-----
> From: Todd Ashworth [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, May 16, 2000 3:36 PM
> To: [EMAIL PROTECTED]
> Subject: Re: "You have nice cookies .. mind if I have a look?"
>
> I'm not sure .. of course all the reports I've seen are going for shock
> value and leaving the technical details usefull to the rest of us out.
> You
> could test it I suppose. You could set such a cookie on your computer and
> then go to the test site mentioned in the article and see if the exploit
> can
> find your cookie .. it gives you the option to type in a speciffic domain
> name to search for. It would be really kinda cool if it wasn't a
> potential
> hazard.
>
> BTW, Amazon and friends encrypt their cookies, from what I've heard.
> Anyone
> have any CF related info on doing the same?
>
> .
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
