>It allows the server to store cookies based in your IP address + MAC address. How does the server get my MAC address?
Zachary Turner
Even more reason to use VPNs and spoof MACs. Thanks, Pajeet. Stop trying to invade privacy, buddy, it isn't cool.
Gavin Stewart
Sounds like BS to me, friendo.
>I also am working on an extension that lets you keep all your site cookies in the cloud or on your own server and browse with local cookies disabled. Lmao, nice security risk if true, retard. >*browse social media, or banking* >*using SSC* >*hax0r steals your SSC and pretends to be you* >*bankrupt and homeless because of some retard on Jow Forums* Tyvm.
Justin Jenkins
Good thing it is imposible to spoof mac and ip
Levi Campbell
With the extension. You can transfer your whole session from a PC to another without logging into any botnet, all computers that you use are in sync.
I made it cause I got tired of logging in to porn sites when in incognito mode, now you don't need to, you're still logged in.
Jackson Walker
>I made it cause I got tired of logging in to porn sites when in incognito mode, now you don't need to, you're still logged in. Imagine being this retarded. You're literally hackers best friend. Unless you air gap your SSC server (making it useless), it is a security risk.
It's like how software stop being called software and everyone started calling them "apps", even on desktops, back in 2010.
Dominic Morris
pls make this popular so i can exploit a bunch of retards thx pajeet
Mason Cox
Because it requires the extension to function, it isn't what OP says it is.
Jeremiah Evans
All browsers that you have across all PCs that you have, regardless of "private" mode, will continue to stay logged in so long as the extension is installed and the MAC addresses and IP addresses are white listed because the cookies are stored remotely for privacy.
>be browsing Jow Forums >want to watch porn >go to pornhub.com in incognito >have to login
Now you don't need to, cause your cookies carry over.
Eli Bailey
And your gf will never suspect a thing.
Nicholas Hughes
This, you install an app on your phone and install a software on your PC
Dominic Young
But you're breaking the concept of private browser/incognito. I don't want to carry over anything. I want to stay logged out when possible.
Justin Green
App is short for application What's short for software?
Camden King
I’ll just shitpost here as your “idea” is a literal joke
>be at public library >need to use PC >install extension >Type in your MAC address from the previous computer you used >Bam, you can continue where you left off
Oh, cool, so instead of rememering my Faceberg password I now have to install an extension, remember my MAC address (Why?) and a password. Just bring all my cookies potentially being cached in that library computer and having the next user stealing them.
Aaron Hall
Just MAC address, no password. And only if you want go transfer between PCs, this is primarily designed to allow you be enter incognito mode without losing cookies.
Angel Peterson
You are aware that spoofing mac adressess is simple as fuck right?
Adam Smith
so you invented lastpass autofill but even more insecure cool
Isaac Howard
I know this is a parody post, but god damn this hit me hard. This is exactly the type of shit the "architects" at my current job would come up with.
For perspective I literally had a coworker write his own database abstraction layer in Java that is nothing more than a thin wrapper around JDBC. His big selling point was that it had better performance than raw JDBC and that he had benchmarks to prove it. It's like... how can a wrapper around JDBC be faster than JDBC itself? The dude didn't account for the fact that the server was caching things and his benchmarks were worthless, yet he presented it at a meeting completely seriously. I cringed so fucking hard.
Angel Reed
Not with sane operating systems which turn on privacy extensions by default. At least Windows also picks random stable client identifiers which aren't derived from the interface MAC address. For example, my link-local address is fe80::e8b8:c6bd:7fc5:4992.
Jason Flores
I could make it ask for your IP address as well for extra security.
Blake White
why not login+pass?
Jackson Ortiz
You could also have the client store a session id or something, so you know only one person can login... Wait...
Jaxson Gray
He faked it, but did he make it?
Robert Clark
can we get non-invasive websites insted pls
Charles Brown
This would make the MAC address a "secret key". But here's the thing, MAC addresses are not globally unique. There are two numbers in a MAC address. The manufacture ID, and some random 24 bit number 24 bits may stop an attack on a rate limiting server. It may not stop targeted attacks on weaker infrastructure
You should probably randomly generate a 128 bit number on install and use that. But here's the thing. What if I phish a user to go to my site and send me that token? It should probably be randomly generated per site
In fact, can we trust clients to have a secure random number generator? We should generate it on the server just in case
Congrats. We just made session tokens
Gavin Jones
>IP address + MAC address Ever heard of phonefags? They roam between wifis and 4g. IP isn't constant. Also, you don't get to know my mac through http(s)
Samuel Bailey
you just invented firefox containers. congrats OP
Xavier Hall
That didn't just magically happen. Apps has been short for applications for a long time my dude. "killer app" was in common parlance long before mobile devices were even a thing.