How Not To Design a Protocol

How Not To Design a Protocol 186

Posted by timothy on Saturday October 30, 2010 @08:06AM from the sweet-morsels-of-logged-in-ness dept.

An anonymous reader writes "Google security researcher Michael Zalewski posted a cautionary tale for software engineers: amusing historical overview of all the security problems with HTTP cookies, including an impressive collection of issues we won't be able to fix. Pretty amazing that modern web commerce uses a mechanism so hacky that does not even have a proper specification."

How Not To Design a Protocol

This discussion has been archived. No new comments can be posted.

Search 186 Comments Log In/Create an Account

Comments Filter:

The main thing is ... (Score:3, Funny)

by thomst ( 1640045 ) writes: on Saturday October 30, 2010 @08:40AM (#34072246) Homepage

... cookies are delicious!

Re:Analogy (Score:5, Funny)

by John Hasler ( 414242 ) writes: on Saturday October 30, 2010 @08:57AM (#34072298) Homepage

> HTTP is like a manual lawn mower.
No it isn't. A manual lawnmower is well-designed. The Web is like a lawnmower built by Rube Goldberg out of dozens of pairs of scissors, lots of string, some boards and a child's wagon, propelled by a large dog and powered by the wagging of his tail (the cookies are to get him to wag it). It's now had a clippings bag and a fertilizer cart added following the same design principles. An automatic dandilion remover, a dethatcher, and an aerator are coming soon (and several more dogs).

Re:Analogy (Score:4, Funny)

by phillips321 ( 955784 ) writes: on Saturday October 30, 2010 @09:10AM (#34072328)

You forgot to mention that the dog taking a shit is an extra add-on........Flash!

Re:Analogy (Score:5, Funny)

by peragrin ( 659227 ) writes: on Saturday October 30, 2010 @09:13AM (#34072344)

am I the only one who now wants to see that built/build it myself?

Re:Analogy (Score:1, Funny)

by Anonymous Coward writes: on Saturday October 30, 2010 @09:41AM (#34072438)

...which smells so bad because the dog has been fed the worst dogfood, called PHP

ohhh yeah (Score:1, Funny)

by Anonymous Coward writes: on Saturday October 30, 2010 @10:43AM (#34072696)

A session is forever
i love your design

Re:Analogy (Score:5, Funny)

by John Hasler ( 414242 ) writes: on Saturday October 30, 2010 @11:55AM (#34073112) Homepage

Lawn mowers, by contrast, were a 2-stroke, then 4-stroke engine with a blade and housing.
It would appear that you do not know what a manual lawnmower is.

Re:Does it work ? (Score:3, Funny)

by Saint Stephen ( 19450 ) writes: on Saturday October 30, 2010 @01:29PM (#34073882) Homepage Journal

Thank you, Captain Hindsight! What a complete failure the designers of HTTP were. They should've done it so much different! :-)

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

How Not To Design a Protocol 186

How Not To Design a Protocol More Login

How Not To Design a Protocol

The main thing is ... (Score:3, Funny)

Re:Analogy (Score:5, Funny)

Re:Analogy (Score:4, Funny)

Re:Analogy (Score:5, Funny)

Re:Analogy (Score:1, Funny)

ohhh yeah (Score:1, Funny)

Re:Analogy (Score:5, Funny)

Re:Does it work ? (Score:3, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot