[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Fed-Talk] Safari, Private Browsing, and Cookies

Subject: RE: [Fed-Talk] Safari, Private Browsing, and Cookies
From: "Coradeschi, Tom [AMSRD-AAR-AIS-SE]" <email@hidden>
Date: Thu, 18 May 2006 15:06:41 -0400
Delivered-to: email@hidden
Delivered-to: email@hidden

Yeah, I got that "cookies = spyware" briefing earlier this month.

Try this experiment: turn off cookies, then try to log into AKO.

'nuff said. 


Tom Coradeschi
Excalibur Systems Engineering
NIPR: email@hidden
SIPR: email@hidden 


-----Original Message-----
From: fed-talk-bounces+tom.coradeschi=email@hidden
[mailto:fed-talk-bounces+tom.coradeschi=email@hidden] On
Behalf Of Michael Kluskens
Sent: Thursday, May 18, 2006 9:22 AM
To: email@hidden
Subject: [Fed-Talk] Safari, Private Browsing, and Cookies

One item considered spyware is cookies.  One of the standard Computer  
Security training courses recommends disabling cookies and  
javascript.  One would think that Private Browsing in Safari would  
not keep cookies in the cookie file after Safari is quit, but this is  
not true (might have been true at one time and might even be  
dependent of the exact configuration of a machine, I've only tested  
this issue on one machine).

In fact, the pop-up window for private browsing says:

"When private browsing is turned on, webpages are not added to the  
history, items are automatically removed from the Downloads window,  
information isn't saved for AutoFill (including names and passwords),  
and searches are not added to the pop-up menu in the Google search  
box. Until you close the window, you can still click the Back and  
Forward buttons to return to webpages you have opened."

No reference to cookies.  So cookie management in Safari still lags.   
The Firefox and Mozilla people have the ability, among other things,  
to make all cookies session cookies (just the rest of the  
configuration of Firefox/Mozilla is complex when you start  
determining precisely the most secure configuration that will protect  
your users and not annoy them by breaking common sites, like the  
Apple online store and the IEEE online journal system).

Michael

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/fed-talk/email@hidden

This email sent to email@hidden
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/fed-talk/email@hidden

This email sent to email@hidden

Prev by Date: Re: [Fed-Talk] Re: ExpressCard/34 references
Next by Date: Re: [Fed-Talk] Apple closes down OS X Kernel
Previous by thread: Re: [Fed-Talk] Safari, Private Browsing, and Cookies
Next by thread: [Fed-Talk] Re: ExpressCard/34 references
Index(es):
- Date
- Thread

Home