Posted to rec.crafts.metalworking
Ignoramus9191
New Harbor Freight website has MAJOR security hole!!!

On 2010-04-30, Roger Shoaf wrote:

"Ignoramus9191" wrote in message
...




Got an Email reply from them. Seems that they tested the site and found
the same thing I did. The message said they were putting the site on
maintenance mode to test it more. Haven't tried it again but last night
I could pull up random names just about every time.


I think that what happens is that they give everyone the same cookie
(one cookie value given to everyone).

i


I wonder then if that was the case, if one could then deliberately fool the
system by generating your own cookies and thus harvesting personal
information deliberately?


On decent websites, cookies are hard to guess. My site algebra.com
gives cookies like this:

Set-Cookie: algebra_session=99c16b978354929m73a48ag2e1d7a850; path=/; expires=Mon, 05-Jul-2010 21:21:30 GMT

(cookie slightly altered but looks same as the original). It is not
easy to guess someone else's cookie.

i
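
The contrast discussed in this post, as an added example that is not part of the original post or of any site's real code: a session store that issues 128-bit random tokens, and an audit that flags a cookie value handed to more than one client. The names `SessionStore`, `shared_tokens` and the cookie name `session_id` are hypothetical, and the log entries are constructed.

```python
import secrets
from collections import defaultdict

TOKEN_BYTES = 16  # 128 random bits -> 32 hex characters


class SessionStore:
    """Server-side session table keyed by an unguessable random token."""

    def __init__(self):
        self._sessions = {}  # token -> user id

    def issue(self, user_id):
        # secrets draws from the OS CSPRNG; never derive the token from
        # user ids, timestamps, or counters.
        token = secrets.token_hex(TOKEN_BYTES)
        self._sessions[token] = user_id
        return token

    def lookup(self, token):
        # Unknown or guessed tokens map to no session at all.
        return self._sessions.get(token)


def cookie_header(token):
    # "session_id" is a hypothetical cookie name.
    return f"Set-Cookie: session_id={token}; Path=/; HttpOnly; Secure"


def shared_tokens(issued):
    """Given (client, token) pairs, return tokens handed to more than one client."""
    clients = defaultdict(set)
    for client, token in issued:
        clients[token].add(client)
    return {t: sorted(c) for t, c in clients.items() if len(c) > 1}


def demo():
    store = SessionStore()
    good = [(user, store.issue(user)) for user in ("alice", "bob", "carol")]
    # Constructed log of a broken site that gives every visitor one value.
    broken = [(user, "0" * 32) for user in ("alice", "bob", "carol")]
    return shared_tokens(good), shared_tokens(broken)


if __name__ == "__main__":
    print(demo())
```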