October 18, 2005
-
It's nice to see Xanga update their security, even a little bit. First they adopted the type-this-distorted-text technique for new accounts. There's a cute name for this technique, but I can't remember it and I'm too lazy to look it up.
And now they're encrypting the I'm-alread-logged-in cookie. I remember someone hacked this a long, long time ago, and I thought the XangaNerds had solved the problem, but I guess I was wrong. It'll be interesting to see how long it takes NotForProphet to hack the new system.
Anyway. Sometimes I curse the darkness, but this time I'll light a candle. Yay security!
Next up: https for all connections, so Xangans can 'blog from work without being spied upon.
Comments (2)
its a losing battle isn't it?
that would be a CAPTCHA - now stop making me do that!
Comments are closed.