[Foundation-l] Cookie based blocking and bug #3233. A quick hack implimented on commons.

Jeff V. Merkey jmerkey at wolfmountaingroup.com
Tue Dec 12 17:17:30 UTC 2006

Tim Starling wrote:

>Jeffrey V. Merkey wrote:
>>A better solution is to embed the MAC address of the workstation into 
>>the cookie itself, so you can track someone no matter what account
>>or IP they use.
>It should be obvious that you can't obtain the MAC address using any
>documented Java or JavaScript interface, that would be a privacy issue. 
I think you can, but yes, this is an intrusion of peoples privacy.


>once suggested a browser plugin, "click yes at the security dialog box to
>allow editing from AOL", but for some reason the response from those
>present was not positive... You might expect some anti-spyware advocates
>to get annoyed, since in essence that's what it would be. Then there's the
>issue of trusting data from the client: if you want to add anti-debugger
>and anti-disassembly measures then it becomes a significant development
>task, and no such measure is perfect anyway.
>-- Tim Starling
>foundation-l mailing list
>foundation-l at wikimedia.org

More information about the foundation-l mailing list