|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Jamie McCarthy (jamie_at_mccarthy.vg)
Date: Wed Sep 11 2002 - 17:54:47 CDT
lcamtuf
dione.ids.pl (Michal Zalewski) writes:
> I gave Slashdot a short notice because
...you were impatient, I guess. But the explanation is simple.
Our users access that link from these pages:
http://slashdot.org/users.pl?op=changepasswd
http://slashdot.org/users.pl?op=edituser
which inform him or her:
You can automatically log in by clicking _This Link_ and
Bookmarking the resulting page. This is totally insecure,
but very convenient.
Anyone whose password shows up in your referrer logs has been
duly warned.
Any security concerns with Slashcode or Slashdot should be sent to
securityslashcode.com. (This address can be found by clicking
"bugs" on the Slashdot homepage. As stated there, we adhere to
the RFP, and ask you to as well.)
-- Jamie McCarthy jamie
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]