Should I worry? Security questions. Browsers & Cookies

Discussion in 'Computers' started by Dante, Apr 22, 2009.

  1. Dante
    Offline

    Dante On leave Supporting Member

    Joined:
    Dec 1, 2008
    Messages:
    52,463
    Thanks Received:
    3,324
    Trophy Points:
    1,825
    Location:
    On leave
    Ratings:
    +6,054
    Hello gang. This is a shout out for advice/comments from a hack that usually never (lol) asks for help, but asking I am.

    Situation: I am on a computer at a biz I do web work for. There is a guy here who is always playing with the router here and with norton security shit amongst other shit.

    I discovered that when I am on a server or site that requires a password that even with the browser open...when I delete cookies and stuff and then refresh the page I am still connected. The browser is being overridden??? Why? Is somebody snooping or stealing info? Should I worry about a security breach on servers I have connected to from here?

    am I being clear?

    :eusa_shhh:
     
    • Thank You! Thank You! x 1
    Last edited: Apr 22, 2009
  2. random3434
    Offline

    random3434 Senior Member

    Joined:
    Jun 29, 2008
    Messages:
    25,903
    Thanks Received:
    7,188
    Trophy Points:
    48
    Ratings:
    +7,194
    Kitten Koder in 5...4....3....2....1.........



    HI DEV!
     
  3. Dante
    Offline

    Dante On leave Supporting Member

    Joined:
    Dec 1, 2008
    Messages:
    52,463
    Thanks Received:
    3,324
    Trophy Points:
    1,825
    Location:
    On leave
    Ratings:
    +6,054
    Hi kiddo! So good to see your typed characters.

    SO the browser (Internet explorer) has auto settings that keeps the settings overriding the tools in the browser?
     
  4. random3434
    Offline

    random3434 Senior Member

    Joined:
    Jun 29, 2008
    Messages:
    25,903
    Thanks Received:
    7,188
    Trophy Points:
    48
    Ratings:
    +7,194
    If that question is for me, I read:

    akja;fja;ja;tu aetu atjghgagioagata['gatjatgjakg jaiuty'ayu



    I think Kitten or someone is an expert on the computer stuff.


    Maybe del? :lol:
     
  5. KittenKoder
    Offline

    KittenKoder Senior Member

    Joined:
    Sep 21, 2008
    Messages:
    23,281
    Thanks Received:
    1,711
    Trophy Points:
    48
    Location:
    Nowhere
    Ratings:
    +1,714
    LOL ... Thanks Echo ...

    Anyhow, to the security issue, some sites will use "sessions", server side cookies (sort of, more complex but sort of) which will maintain the login info. To check to see if that's it while using Fore Fox, close all the tabs leaving the browser open still (should have a blank tab), delete the cookies, then close the browser and wait for it to finish, then reopen. Another is that perhaps the page is cached in the temporary files, which the same steps will fix as well just delete the temporary files as well. If it's the temporary files being stored then you'll just have to clear those each time, if it's a session script then the session will usually expire in a couple of minutes or when you close the browser or disconnect from the web.
     
  6. KittenKoder
    Offline

    KittenKoder Senior Member

    Joined:
    Sep 21, 2008
    Messages:
    23,281
    Thanks Received:
    1,711
    Trophy Points:
    48
    Location:
    Nowhere
    Ratings:
    +1,714
    Eew ... IE ... there should still be a way to override such settings, unless they changed it recently. You should still be able to clear everything, just make sure you are on a blank page or some error page when you do and not any site you are logged into.
     
  7. Dante
    Offline

    Dante On leave Supporting Member

    Joined:
    Dec 1, 2008
    Messages:
    52,463
    Thanks Received:
    3,324
    Trophy Points:
    1,825
    Location:
    On leave
    Ratings:
    +6,054

    I understand all that. What spooked me was the fact that when using the tools- delete all files- that the tools section-content -has a 'auto complete' and a 'feeds' option that overrides the tools-general -delete all files options.

    When the browser is closed of course all files are supposed to be deleted...right? If the browser is open and the 'tools' 'general' options are being overridden by the 'tools' 'connection' options ... I am left wondering why? Is the browser then a security threat?
     
  8. Dante
    Offline

    Dante On leave Supporting Member

    Joined:
    Dec 1, 2008
    Messages:
    52,463
    Thanks Received:
    3,324
    Trophy Points:
    1,825
    Location:
    On leave
    Ratings:
    +6,054
    When at a site that I am logged into and the page is open...I deleted all cookies, but never got locked out of the site. The other settings (connection/settings) overrode the delete files/general settings. Creepy. I ams ure there is a reason for the feature, but IT escapes me. A way to keep people from what?
     
  9. KittenKoder
    Offline

    KittenKoder Senior Member

    Joined:
    Sep 21, 2008
    Messages:
    23,281
    Thanks Received:
    1,711
    Trophy Points:
    48
    Location:
    Nowhere
    Ratings:
    +1,714
    The auto-complete shouldn't take anything over, and you may want to turn that off when you are using someone else computer then turn it back on for them (if you feel like being nice). If it won't let you change those settings then only enter passwords where "dots" appear in their place (auto complete doesn't record those). IE itself has a lot of loopholes, but if you turn off all the scripting (Javascript, Flash, etc) it's safe enough.

    Temporary files are not always deleted unless the browser is set to do that. Most multiuser terminals have this set to automatic unless they want to track user activities and don't know how to do it right.
     
  10. KittenKoder
    Offline

    KittenKoder Senior Member

    Joined:
    Sep 21, 2008
    Messages:
    23,281
    Thanks Received:
    1,711
    Trophy Points:
    48
    Location:
    Nowhere
    Ratings:
    +1,714
    Oh, and 'feeds' (I hate those and always turn them off) shouldn't have any ill effects unless IE is letting them be signed up automatically now.
     

Share This Page