[Date Prev][Date Next][Thread Prev][Thread Next][Minivend by date
][Minivend by thread
]
[mv] RE: ..about time
****** message to minivend-users from Scott Satterthwaite <ssattert@homier.com> ******
I don't think its quite the issue its being played for.
Think about it:
1. The risk itself is not new. It has been around since the first
Dynamic page was generated. Scripting does enhance the possibilites.
2. The problem does NOT come from scripts within the page but script
embedded in a URL. I don't know about your browser, but both Internet
Exloder and Netscape Agrevator cache links and keep a history file. My
net traffic monitoring software keeps a log file, so does my site
auditing software. Of course, every Cracker, Nutcase, and deviate who
wants the data from your computer is very eager to leave an audit trail.
I'm not saying I don't think the risk is present. But it is ONLY that;
a risk.
This is not an emergency.
As is always the case with going public with reports of this type, I
think we are going to see a few cracker wanna-be types that are going to
try something now.
The other effect of a public announcement of this type: A drop in the
number of consumers visiting our sites!
Lets just do what we must to filter script from URLs and cookies and
down-play this crap and get on with business.
Scott Satterthwaite
LAN Administrator
WebMaster
Homier Distributing Company, Inc.
-
To unsubscribe from the list, DO NOT REPLY to this message. Instead, send
email with 'UNSUBSCRIBE minivend-users' in the body to Majordomo@minivend.com.
Archive of past messages: http://www.minivend.com/minivend/minivend-list
