[Wikipedia-l] possible security issue

[Brion Vibber]

rubenste at ohio.edu wrote:

>I need advice, or concrete help, concerning a technical matter.  I have 
>been abroad for the past four days, and have been accessing Wikipedia 
>from internet cafes.  When I log on, I of course have avoided checking 
>the box that asks if I want the computer to remember by password across 
>sessions.  Nevertheless, I have just discovered that the computers I 
>have been using now long me on automatically.
>
Are you sure of that? Note that when you log out (or let the session 
time out), any pages you've visited while logged in are still in your 
browser's cache.

If the page doesn't change by the next time you visit, the cached 
version will be displayed, with your name in the corner, but as far as 
the wiki is concerned, you're not logged in.

Note also that the wiki _does_ leave a cookie with your username when 
you log in, so when you come back it puts the last username you used in 
the login form (but not the password). If you're paranoid, clear the 
cookies manually when you're finished.

If it *is* automatically logging you in, that could be a problem. More 
information would help.

-- brion vibber (brion @ pobox.com)