lcamtuf’s blog: HTTP cookies, or how not to design protocols
For as long as I remember, HTTP cookies have been vilified as a grave threat to the privacy of online browsing; wrongly so. That said, the mechanism itself is a very interesting cautionary tale for security engineers – and that will be the theme of today’s feature.