[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [WEB SECURITY] IP address change: relogin

From: "Martin O'Neal" <martin.oneal@xxxxxxxxxxxx>
Subject: RE: [WEB SECURITY] IP address change: relogin
Date: Thu, 22 May 2008 15:43:28 +0100

> If there are other methods, I'd be interested in hearing about them
too.

I think what people are looking for here is a technical solution to a
logical problem.  Logically, an attacker that already has access to the
data in transit (or on the client), has access to all the components
needed to subvert any controls you can implement at the client.  All
they need is the time and desire to subvert them.

Martin...

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/

Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA

References:
- [WEB SECURITY] IP address change: relogin
  - From: Stephan Wehner
- Re: [WEB SECURITY] IP address change: relogin
  - From: Bil Corry

Prev by Date: Re: [WEB SECURITY] IP address change: relogin
Next by Date: Re: [WEB SECURITY] IP address change: relogin
Previous by thread: Re: [WEB SECURITY] IP address change: relogin
Next by thread: Re: [WEB SECURITY] IP address change: relogin
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site