Tuesday, February 05, 2008

Oh and there's something up with my Goodreads account for the past week -- every time I go there, it signs me up as someone else. Sometimes I'm a Sonia or a Ginger. Sometimes people I did not approve (and who I'm pretty sure didn't ask to be my friend) are suddenly friends.

Chris believes they have a "cross-site-scripting vulnerability" so I'm gonna write them and ask what's up.

And for the record, I did not add Sexy Beast IV to my "To Read" list -- although it seems highly recommended.

4 Comments:

At 2:27 PM, Blogger Chris said...

To be clear I suspect that the site is using a non-unique (or not unique enough) cookie value for 'userid' (or their equivalent of same). Something that rolls over inside the period before the cookie expires. An example would be a cookie in the space 1-100 where you get 101 visitors inside the lifetime of the cookie (say the lifetime is 1 minute).

Anyway, goodreads really ought to fix this before some who means bad figures it out and starts adding dirty pron to your reading list.

 
At 2:48 PM, Blogger Unknown said...

I don't have an account there anymore.

 
At 8:27 PM, Blogger Unknown said...

I thought Sexy Beast was the name of the next No Tell athology.

 
At 11:36 PM, Blogger shanna said...

Mmmm, cookies. & pr0n. (Thanks, Chris, for that explanation! I hear you're very tall.)

 

Post a Comment

<< Home