• Daniel@lemmy.ml (OP) · 11 months ago · 15 up, 3 down

      Fair point, I made the meme to be silly, and, yes, this is one of the many reasons why tokens in general should expire after some point in time.

      Also the meme isn’t wrong, memes don’t need logic, they’re supposed to give people a giggle.

        • Daniel@lemmy.ml (OP) · 11 months ago · 2 up, 2 down

          To be Frank, who I am not (I’m Hai), I can’t tell if you’re a troll or not. Although, if you’re not, my meme is not “wrong” or spreading misinformation; it contains a logical fallacy, as many jokes do. I can list jokes that contain logical fallacies upon request.

          • 7heo@lemmy.ml · 11 months ago · 5 up, 1 down

            Bruh, pointing out that “you’re spreading out misinformation as a joke” isn’t trolling. I’d recommend going out to touch grass, but given how thin your skin is, I am afraid you’re at aggravated risk of third-degree burns from the slightest sun exposure, even during a cloudy day. So I’ll recommend for you to wear a thick coat and go see a dermatologist instead.

            P.S.: nice pun, I loled.

    • NightAuthor@lemmy.world · 11 months ago · 9 up

      Look at this guy over here, nerding out about the WiFi.

      Jk, glad to find someone in the comments correcting the misinformation in the meme. OP is probably a hacker who likes to do session hijacking.

    • redcalcium@lemmy.institute · 11 months ago · 4 up

      JWT sounds great on paper until you have to deal with logout and revocations. Might as well use standard session cookies.

          • 7heo@lemmy.ml · 11 months ago · 2 up

            Yeah, so lemme show you a few tools since we’re on the topic of sharing.

            1. Find the tool that tickles your fancy here or here.
            2. Find a target (for this part I won’t be giving any links).
            3. Once you have access to your target, run your file recovery tool (winfr, testdisk, etc).
            4. Bring back any and all cookies.
            5. Exfiltrate them using twitter, github, email, whatever.
            6. Congratulations, you now have access to all the (not yet expired) sessions (i.e. accounts) your target ever used, because they follow(ed) the recommendations in the meme of OP and in your comment.

            Please log out from apps and websites!

          • 7heo@lemmy.ml · 11 months ago · 1 up

            Depends on your (actually, their, for example if it implies ephemeral server sessions) definition of “incognito”. But if you mean “incognito” as in “private browsing”, it makes no difference (as it has no server side impact whatsoever).

            A file is a file, a remote database entry is a remote database entry. You need both gone (and securely deleted, as in srm(1)) to be really and irredeemably logged off.

            Admittedly, secure deletion doesn’t really matter on the server side, as restoring deleted files requires filesystem level access on the server, and if an attacker has that, you’ve got other things to worry about.
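
An added example, not part of the thread: a minimal server-side session table in Python illustrating the point above, that a copy of a session cookie stays valid until the server-side entry is deleted (logout) or expires. The names `SessionStore` and `demo`, the TTL and the timestamps are constructed for illustration.

```python
import secrets
import time


class SessionStore:
    """Server-side session table: the 'remote database entry' side of a login."""

    def __init__(self, ttl_seconds=3600):
        self.ttl = ttl_seconds
        self._sessions = {}  # token -> (user, expires_at)

    def login(self, user, now=None):
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)  # value sent to the browser as the cookie
        self._sessions[token] = (user, now + self.ttl)
        return token

    def validate(self, token, now=None):
        """Return the user for a live session, or None if unknown or expired."""
        now = time.time() if now is None else now
        entry = self._sessions.get(token)
        if entry is None:
            return None
        user, expires_at = entry
        if now >= expires_at:
            del self._sessions[token]  # expiry bounds the life of forgotten sessions
            return None
        return user

    def logout(self, token):
        """Explicit logout: remove the server-side entry so no copy of the cookie works."""
        self._sessions.pop(token, None)


def demo():
    store = SessionStore(ttl_seconds=3600)
    t0 = 1_700_000_000  # constructed timestamp

    # The browser drops its cookie file but the server is never told:
    # any surviving copy of the same token string is still accepted.
    cookie = store.login("alice", now=t0)
    copy_without_logout = store.validate(cookie, now=t0 + 60)

    # After an explicit logout the same copy is rejected.
    store.logout(cookie)
    copy_after_logout = store.validate(cookie, now=t0 + 120)

    # No logout at all: the session only dies once the TTL has passed.
    forgotten = store.login("alice", now=t0)
    copy_after_expiry = store.validate(forgotten, now=t0 + 3601)
    return copy_without_logout, copy_after_logout, copy_after_expiry
```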

            • SnipingNinja@slrpnk.net · 11 months ago · 2 up

              Yeah, that’s what I was curious about, the security issues you mentioned as I wasn’t clear in my understanding until now. Thanks.

    • 4am@lemm.ee · 11 months ago · 1 up

      Yeah you really should do both. Some session cookies can just be used as tracking cookies later.