[WEB SECURITY] IP address change: relogin

Martin O'Neal martin.oneal at corsaire.com
Thu May 22 10:43:28 EDT 2008

> If there are other methods, I'd be interested in hearing about them

I think what people are looking for here is a technical solution to a
logical problem.  Logically, an attacker that already has access to the
data in transit (or on the client), has access to all the components
needed to subvert any controls you can implement at the client.  All
they need is the time and desire to subvert them.


Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn

More information about the websecurity mailing list