Facebook insecure by design
Lou Katz
lou at metron.com
Mon Oct 24 16:57:38 UTC 2011
The real question is why the referrer field was not under user control
in the first place. Having to never click on a link, but rather to
cut and paste it into the address bar is not a satisfactory work-around.
Still, why has it not been put under user control, now that we have a better
appreciation of the hazards of that information leakage?
--
-=[L]=-
Reassembled from random thought waves
This is not a signature line.
More information about the NANOG
mailing list