[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

hijacked session anomaly?

after anonymously replying to a thread in the mozillazine forums (that is to say, i was not logged in, cookies and javascript disabled also), i found my post to be registered to a user as if it was posted by that user.  i was also logged in with this user's credentials and could view their profile, etc.!  this was only possible for a short while, after which i suspect the tor circuit was rotated.

can someone explain how this is possible?  like i mentioned my own cookies and javascript was disabled, so all i can think of was it had something to do with the exit ip address of the tor circuit i was using during that instant.... quite alarming!

Attachment: signature.asc
Description: OpenPGP digital signature