Jump to content

User talk:Blaufish

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia

Talk!

[edit]

Hi. I have seen you have added an interesting section to that article. There is however a point you may clarify: I understand that the difference between cookie theft and cross site cooking is that the first works by making the browser execute a script, while the second exploit a browser bug. Is this correct? Or is the difference not this one? - Liberatore(T) 00:36, 11 February 2006 (UTC)[reply]

Blaufish (Longer reply T): Cookie theft is many different things exploits. The purpose of cookie theft is for someone to steal cookies from client / server communication. Yes, cookie theft through cross site scripting does involve executing scripts.

Cross Site Cooking is however that another malicious site is confusing a browser, and setting the cookie. http://evil-guy/ setting cookies for http://your-bank/ and such.

Thank you, now it's perfectly clear to me. I have added three images in HTTP cookie to clarify the difference. If you think they are incorrect in some way, let me know so that I can modify them.
As for the talk pages, most people just do what you did (write in the talk page of the person they want to tell something to). BTW, to sign your post, add four tildes, like: ~~~~. This automatically adds your name and the date of the post. - Liberatore(T) 13:53, 15 February 2006 (UTC)[reply]

Welcome

[edit]

And, since you haven't received a welcome message so far:


Welcome!

Hello, Blaufish, and welcome to Wikipedia! Thank you for your contributions. I hope you like the place and decide to stay. Here are a few good links for newcomers:

I hope you enjoy editing here and being a Wikipedian! Please sign your name on talk pages using four tildes (~~~~); this will automatically produce your name and the date. If you need help, check out Wikipedia:Where to ask a question, ask me on my talk page, or place {{helpme}} on your talk page and someone will show up shortly to answer your questions. Again, welcome!  - Liberatore(T) 00:36, 11 February 2006 (UTC)[reply]


It is a good idea to create this article :) However, I think that the first example, "Trivial attack scenario", is over-simplified and could lead the reader to think it is just about injecting HTTP variables as script global variables. The third example is misleading too, in my opinion. I suggest removing them or making them clearer. Cheers ! Nicolas1981 22:19, 2 March 2006 (UTC)[reply]

What is '%c0%9v'?

[edit]

your edit

URL encoding don't include 'v'. Please reedit Directory traversal. thanks. —Preceding unsigned comment added by 122.24.255.214 (talk) 00:12, 3 February 2010 (UTC)[reply]

Reply: I have clarified and added references. UTF-8 attacks also did include invalid percent encodings, so there were actually two encoding problems exploited in the same attacks. IIRC, it was highly dependent on the particular i18n DLL's installed on the windows machine, that's why it had so many variants; it wasn't a IDS evasion technique. --Blaufish (talk) 00:38, 28 August 2010 (UTC)[reply]

Hi,
You appear to be eligible to vote in the current Arbitration Committee election. The Arbitration Committee is the panel of editors responsible for conducting the Wikipedia arbitration process. It has the authority to enact binding solutions for disputes between editors, primarily related to serious behavioural issues that the community has been unable to resolve. This includes the ability to impose site bans, topic bans, editing restrictions, and other measures needed to maintain our editing environment. The arbitration policy describes the Committee's roles and responsibilities in greater detail. If you wish to participate, you are welcome to review the candidates' statements and submit your choices on the voting page. For the Election committee, MediaWiki message delivery (talk) 13:38, 23 November 2015 (UTC)[reply]

October 2020

[edit]

Copyright problem icon Your edit to Block cipher mode of operation has been removed in whole or in part, as it appears to have added copyrighted material to Wikipedia without evidence of permission from the copyright holder. If you are the copyright holder, please read Wikipedia:Donating copyrighted materials for more information on uploading your material to Wikipedia. For legal reasons, Wikipedia cannot accept copyrighted material, including text or images from print publications or from other websites, without an appropriate and verifiable license. All such contributions will be deleted. You may use external websites or publications as a source of information, but not as a source of content, such as sentences or images—you must write using your own words. Wikipedia takes copyright very seriously, and persistent violators of our copyright policy will be blocked from editing. See Wikipedia:Copying text from other sources for more information. — Diannaa (talk) 21:27, 20 October 2020 (UTC)[reply]


Sorry. I thought the IETF RFC description and the research article it is based on was in the public domain and loosely reworded. I'll rewrite in my own words :)

Blaufish (talk) 18:07, 21 October 2020 (UTC)[reply]

ArbCom 2020 Elections voter message

[edit]
Hello! Voting in the 2020 Arbitration Committee elections is now open until 23:59 (UTC) on Monday, 7 December 2020. All eligible users are allowed to vote. Users with alternate accounts may only vote once.

The Arbitration Committee is the panel of editors responsible for conducting the Wikipedia arbitration process. It has the authority to impose binding solutions to disputes between editors, primarily for serious conduct disputes the community has been unable to resolve. This includes the authority to impose site bans, topic bans, editing restrictions, and other measures needed to maintain our editing environment. The arbitration policy describes the Committee's roles and responsibilities in greater detail.

If you wish to participate in the 2020 election, please review the candidates and submit your choices on the voting page. If you no longer wish to receive these messages, you may add {{NoACEMM}} to your user talk page. MediaWiki message delivery (talk) 01:21, 24 November 2020 (UTC)[reply]