Facebook insecure by design

Lou Katz lou at metron.com
Mon Oct 24 16:57:38 UTC 2011

The real question is why the referrer field was not under user control
in the first place. Having to never click on a link, but rather to
cut and paste it into the address bar is not a satisfactory work-around.

Still, why has it not been put under user control, now that we have a better
appreciation of the hazards of that information leakage?

Reassembled from random thought waves

This is not a signature line.

More information about the NANOG mailing list