1996-12-18 - Re: NSClean

Header Data

From: Mike McNally <m5@tivoli.com>
To: vipul@pobox.com
Message Hash: 7ccbffe58e8887052304d601e608aa7b3b77eec07cdd145006e1194a7c3e129a
Message ID: <32B80925.5BB0@tivoli.com>
Reply To: <199612181422.OAA00228@fountainhead.net>
UTC Datetime: 1996-12-18 15:10:22 UTC
Raw Date: Wed, 18 Dec 1996 07:10:22 -0800 (PST)

Raw message

From: Mike McNally <m5@tivoli.com>
Date: Wed, 18 Dec 1996 07:10:22 -0800 (PST)
To: vipul@pobox.com
Subject: Re: NSClean
In-Reply-To: <199612181422.OAA00228@fountainhead.net>
Message-ID: <32B80925.5BB0@tivoli.com>
MIME-Version: 1.0
Content-Type: text/plain


Vipul Ved Prakash wrote:
> 
> *** NSCLean, IECLean provide privacy for surfers
> 
> Heightened awareness of cookies ...

I see complaints about cookies all the time, and I just have to
wonder why the fuss seems so relatively, well, unsophisticated,
for lack of a better word.

The cookie idea, in and of itself, is really a pretty good one and
can provide some useful features.  Things like auto-configuring
web sites ("my Yahoo", though I don't know for sure how that works)
can exploit the cookie capability to provide convenience.  I just
can't get worked up over it.  The cookie issuer still doesn't really
know who the visitor is, of course, unless the visitor explicitly
hands over that information.

"Naughty" uses of cookies for tracking sites visited might be
objectionable, I suppose.  It's easy enough to do selective
editing of the cookie file of course (maybe this NSClean product
can do that).

One of the scary things might be that though cookies can be made
hard to forge, it's clearly impossible for cookie issuers to 
ensure the cookies aren't stolen or deliberately distributed.  If
a site uses a "secure" cookie as a means of identifying the web
visitor, there's certainly some risk if it then allows access to
sensitive information.


-- 
^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^
Mike McNally -- Egregiously Pointy -- Tivoli Systems, "IBM" -- Austin
mailto:m5@tivoli.com    mailto:m101@io.com    http://www.io.com/~m101
^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ ^





Thread