Main > Everything Else

YouOS

<< < (2/4) > >>

ChadTower:
If it has access to your local session cookies, any saved user/pass combos are in danger.  Saved credit cards?  Any site you log into with a social security number?  Oops.  I'm not going in for that reason - but depending on what classes it may be installing, or god forbid it convince people to install activex controls, it could get access to your whole OS.

jfunk:
Eh, it seems plenty secure.  It doesn't install any activex or anything.  It's YOUR browser that has the session cookie access, not the mini browser.  All that mini browser is is an iframe containing the site you entered surrounded by some fancy graphics.

The whole thing is just javascript/dhtml/ajax, right?  Pretty slick, too.  Wonder when Google's gonna buy them?

Disclaimer:  This is just my casual perusal of the thing.  I have no knowledge of its inner workings  :)

ChadTower:

--- Quote from: jfunk on March 19, 2008, 02:44:59 pm --- It's YOUR browser that has the session cookie access, not the mini browser. 

--- End quote ---

And their app recognized BYOAC's local cookie, passing it through itself into the BYOAC session inside the minibrowser.

ark_ader:
Use Virtual PC to minimise any danger.

jfunk:

--- Quote from: ChadTower on March 19, 2008, 03:27:38 pm ---
--- Quote from: jfunk on March 19, 2008, 02:44:59 pm --- It's YOUR browser that has the session cookie access, not the mini browser. 

--- End quote ---

And their app recognized BYOAC's local cookie, passing it through itself into the BYOAC session inside the minibrowser.

--- End quote ---

Not really.  It's just a fancy webpage.  The cookie doesn't pass through it.  It's just frames.  Again, from cursory inspection... 

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version