I just invented "SSC" Server-Side Cookies.
It allows the server to store cookies based in your IP address + MAC address.
I also am working on an extension that lets you keep all your site cookies in the cloud or on your own server and browse with local cookies disabled.
Grats fren
what are some applications for this?
>It allows the server to store cookies based in your IP address + MAC address.
How does the server get my MAC address?
Even more reason to use VPNs and spoof MACs. Thanks, Pajeet. Stop trying to invade privacy, buddy, it isn't cool.
Sounds like BS to me, friendo.
>I also am working on an extension that lets you keep all your site cookies in the cloud or on your own server and browse with local cookies disabled.
Lmao, nice security risk if true, retard.
>*browse social media, or banking*
>*using SSC*
>*hax0r steals your SSC and pretends to be you*
>*bankrupt and homeless because of some retard on Jow Forums*
Tyvm.
Good thing it is imposible to spoof mac and ip
With the extension.
You can transfer your whole session from a PC to another without logging into any botnet, all computers that you use are in sync.
I made it cause I got tired of logging in to porn sites when in incognito mode, now you don't need to, you're still logged in.
>I made it cause I got tired of logging in to porn sites when in incognito mode, now you don't need to, you're still logged in.
Imagine being this retarded. You're literally hackers best friend.
Unless you air gap your SSC server (making it useless), it is a security risk.
so the call cookies extensions now
what you are describing does not make any sense
It's like how software stop being called software and everyone started calling them "apps", even on desktops, back in 2010.
pls make this popular so i can exploit a bunch of retards
thx pajeet
Because it requires the extension to function, it isn't what OP says it is.
All browsers that you have across all PCs that you have, regardless of "private" mode, will continue to stay logged in so long as the extension is installed and the MAC addresses and IP addresses are white listed because the cookies are stored remotely for privacy.
>be browsing Jow Forums
>want to watch porn
>go to pornhub.com in incognito
>have to login
Now you don't need to, cause your cookies carry over.
And your gf will never suspect a thing.
This, you install an app on your phone and install a software on your PC
But you're breaking the concept of private browser/incognito. I don't want to carry over anything. I want to stay logged out when possible.
App is short for application
What's short for software?
I’ll just shitpost here as your “idea” is a literal joke
IPv6 botnet does that.
>be at public library
>need to use PC
>install extension
>Type in your MAC address from the previous computer you used
>Bam, you can continue where you left off
I think it's not a joke
fuck your thread
Oh, cool, so instead of rememering my Faceberg password I now have to install an extension, remember my MAC address (Why?) and a password. Just bring all my cookies potentially being cached in that library computer and having the next user stealing them.
Just MAC address, no password.
And only if you want go transfer between PCs, this is primarily designed to allow you be enter incognito mode without losing cookies.
You are aware that spoofing mac adressess is simple as fuck right?
so you invented lastpass autofill but even more insecure
cool
I know this is a parody post, but god damn this hit me hard. This is exactly the type of shit the "architects" at my current job would come up with.
For perspective I literally had a coworker write his own database abstraction layer in Java that is nothing more than a thin wrapper around JDBC. His big selling point was that it had better performance than raw JDBC and that he had benchmarks to prove it. It's like... how can a wrapper around JDBC be faster than JDBC itself? The dude didn't account for the fact that the server was caching things and his benchmarks were worthless, yet he presented it at a meeting completely seriously. I cringed so fucking hard.
Not with sane operating systems which turn on privacy extensions by default.
At least Windows also picks random stable client identifiers which aren't derived from the interface MAC address. For example, my link-local address is fe80::e8b8:c6bd:7fc5:4992.
I could make it ask for your IP address as well for extra security.
why not login+pass?
You could also have the client store a session id or something, so you know only one person can login... Wait...
He faked it, but did he make it?
can we get non-invasive websites insted pls
This would make the MAC address a "secret key". But here's the thing, MAC addresses are not globally unique. There are two numbers in a MAC address. The manufacture ID, and some random 24 bit number
24 bits may stop an attack on a rate limiting server. It may not stop targeted attacks on weaker infrastructure
You should probably randomly generate a 128 bit number on install and use that. But here's the thing. What if I phish a user to go to my site and send me that token? It should probably be randomly generated per site
In fact, can we trust clients to have a secure random number generator? We should generate it on the server just in case
Congrats. We just made session tokens
>IP address + MAC address
Ever heard of phonefags? They roam between wifis and 4g. IP isn't constant.
Also, you don't get to know my mac through http(s)
you just invented firefox containers. congrats OP
That didn't just magically happen. Apps has been short for applications for a long time my dude. "killer app" was in common parlance long before mobile devices were even a thing.
>back in 2010
try more than 2 decades ago
Tracking people against their will.
You didnt 'invent' this.
soft or warez