Since cookies have been kind of a theme recently, it seems appropriate to post this long essay on the history of cookie development (which includes a link to a contrarian argument about cookies and privacy that’s quite thought provoking). It’s quite technical and completely worth it — a step-by-step tour of the RFCs, browser development, and gradual mission creep that made cookies into the weird complicated mess they are today. It’s a great values-in-design study (without coming from an explicit ViD background) that traces a legacy of “rapid deployment of poorly specified features, or leaving essential security considerations as ‘out of scope’” and how it expresses itself in code, corporate practice, and outcomes for us, the users.
Firesheep
Short and sweet: a Firefox extension that exposes the fact that login cookies are transmitted unencrypted by a lot of the biggest social networking sites, meaning that you can sit on an open Wi-Fi network and harvest all the authentication data you like (known as a sidejacking attack): Firesheep.
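From the site operator's side, the exposure described above shows up as login cookies set without the `Secure` attribute, so the browser also sends them over plain HTTP. The following audit is an added example, not code from Firesheep or from this post; the header values and the name hints used to guess which cookies carry login state are constructed assumptions.

```python
# Added example: flag login cookies that a browser would send over cleartext HTTP.
# SAMPLE_HEADERS are constructed Set-Cookie values, not captured from any real site.
SAMPLE_HEADERS = [
    "session_id=abc123; Path=/; HttpOnly",
    "auth_token=def456; Path=/; SECURE; HttpOnly; SameSite=Lax",
    "theme=dark; Path=/; Max-Age=31536000",
    "login_state=ghi789; Domain=example.test; Path=/",
]

# Assumption: name fragments that suggest a cookie carries authentication state.
SESSION_HINTS = ("sess", "sid", "auth", "token", "login")


def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, value, attrs); attribute names lowercased."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if not part:
            continue  # tolerate a trailing ';'
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def cleartext_login_cookies(headers):
    """Return names of likely login cookies that lack the Secure attribute."""
    exposed = []
    for header in headers:
        name, _, attrs = parse_set_cookie(header)
        looks_like_login = any(hint in name.lower() for hint in SESSION_HINTS)
        # Attribute names are case-insensitive, so "SECURE" counts as Secure.
        if looks_like_login and "secure" not in attrs:
            exposed.append(name)
    return exposed


if __name__ == "__main__":
    for cookie in cleartext_login_cookies(SAMPLE_HEADERS):
        print(f"{cookie}: no Secure attribute, sent on plain-HTTP requests")
```

The `Secure` attribute only helps when the login flow and the rest of the site are actually served over HTTPS.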