Off TopicAre you a QOTWer? Do you want to start a thread that isn't a direct answer to the current QOTW? Then this place, gentle poster, is your friend.
(
rob, Sun 1 Apr 2001, 1:00)
« Go Back | See The Full Thread
There's no real security on b3ta ... it just uses cookies and your userid to decide what posts to show you.But it only does that because the browser cooperates with it. Most modern whizzbang browswers like firefox and chrome give you multiple accounts or sessions and allow you to piss about with the cookies. The "reply" button is just a link that you can open however you want. So with effectively zero effort you can see the page as if you are logged out but reply as if you are logged in. Ignore 2.0 instantly evaporates. But don't tell anybody or they'll fix it.
You big fat poof.
(
Dr. Shambolic je suis charlie, Sun 3 Mar 2013, 15:38,
1 reply,
12 years ago)
"trust what the browser tells you"brilliant way to implement web security right there
(, Sun 3 Mar 2013, 15:41, Reply)
It was never really intended as a secret squirrel messageboard though.It's just a public messageboard that doesn't allow anonymous posting. It'd be
edit: there are two bigger holes though ... I'm pretty sure I could harvest a bunch of accounts if I was feeling nawty. Fuck knows what for though ... automatically vote all my posts onto the popular page?
(
Dr. Shambolic je suis charlie, Sun 3 Mar 2013, 15:43,
Reply)
in other news, did you see this on /bored yesterday?www.b3ta.com/board/10935687
I mean
fucking hell
(, Sun 3 Mar 2013, 15:43, Reply)
See ... that's the downside of no security ... geek paedos.(
Dr. Shambolic je suis charlie, Sun 3 Mar 2013, 15:46,
Reply)
looks like it's bunging stuff in cookies to reduce database loadgood luck guessing the session ID, it's a GUID
(, Sun 3 Mar 2013, 15:50, Reply)
« Go Back | See The Full Thread