[Dshield] A few issues at the DShield site…

Peter Stendahl-Juvonen peter.stendahl-juvonen at welho.com
Thu Aug 10 12:54:03 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Valdis et al.

Thanks for prompt reply.

Please find elaboration (on one of the DShield challenges) below your post.


8.8.2006 17:32 (UTC+3), Valdis.Kletnieks at vt.edu kirjoitti/wrote:
> On Tue, 08 Aug 2006 00:25:11 +0300, Peter Stendahl-Juvonen said:
>> *The 'Remember me' option does not function* .  :-(
>>
>> Only once, when leaving the DShield site and returning before closing
>> Firefox (1.5.0.6 FI), did I manage to avoid the redundant re-login
>> procedure.
> 
> This is quite often the result of a cookie blocker.  Are you accepting
> cookies from the DShield site?
> 


1) Yes, am accepting cookies from the DShield site.   :-D

2) I have also turned in the browser's settings the wiping of the
cookies off at close of browser (exit, un-launch).

3) For the purpose, use instead a browser extension doing the erase of
*unprotected* cookies at start-up (launch) of the browser.

Please, however note, that I have set the DShield auto-login cookie as a
'Protect[ed] cookie', which means the DShield auto-login cookie will
stay as it is in the browser cache, until the respective (DShield in
this case) site alters the content of the cookie.

4) Also have classified the auto-login cookie (set by the DShield site
into my browser's cache) as 'Protect cookie' in the privacy tool I use.

Therefore, the privacy tool does *not* erase, i.e. wipe its contents
beyond recovery, scramble its name and dates and finally remove it from
disk.

Thanks anyway for checking.  :-)

5) Please, also accept apology for the disinformation regarding the "one
time automatic successful re-login" as it was unluckily clearly just
disinformation and factually never happened, as I clarified in another
post [8.8.2006 19:37 (UTC+3)] to this list:

(START QUOTE)
Being able to get back into the authenticated http connection was due to
using the Internet browser's 'return to previous page' function.

If and when attempting to return to the DShield site by targeting for,
e.g. URL https://secure.dshield.org/myreports.php does not invoke an
authenticated http connection (with the help of the auto-login cookie in
browser cache). The DShield server changes the previously valid content
of the cookie to contain the text string "invalid" (without the quotes)
as soon attempting authentication by means of the auto-login cookie.

Unluckily, the malfunction of the 'Remember me' feature causes multiple,
redundant logins.   :-(

Nevertheless, please consider removing the 'Remember me' feature, if it
cannot be fixed (by obtainable means).

Not having the malfunctioning 'Remember me' feature available would save
one hand movement as well as a tick in the box (in the 'Remember me'
fill in form).   :-)

Thanks in advance for fixing the bug (or removing of the broken feature).
(END OF CITATION)


BTW, *the DShield site is the one and only site*, where I experience
*issues with automated login*.


Therefore, the question remains;
*does the DShield auto-login feature work properly for someone*?

What Internet browser do you use?


Does the does the DShield auto-login feature work *frequently* properly
for someone?


Thanks in advance for any pointers.

- - Pete


      "Absence of proof is not proof of absence."
        Carl Sagan (1934-1996); US astronomer.



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFE2yxqQ21KCihDnSQRAitFAJ9e5k7EsTjOglF6lQS+TrcsGIrYMACdGhLU
qvyPV85i6olrUjUsEVHkPBk=
=Us4D
-----END PGP SIGNATURE-----


More information about the list mailing list