[Or “Logout CSRF” for search indexes; I seem to be addicted to the less common acronym ;-)]Significant? No, of course not. It is a technical integrity violation inflicted upon good.com
Well, here’s a nice little gem for the festive season. I like it for a few distinct reasons:It’s one of those cases where if you look at web standards from the correct angle, you can se
[Aside: I’m not sure anyone cares, particularly because the “block third party cookies” option tends to break legitimate web sites. But I’ll document it just in case :)]Majo
I’ve been meaning to fiddle around with timing attacks for a while. I’ve had various discussions in the past about the significance of login determination attacks (including ones I foun