Yefim Vedernikoff
@yefim · Full Stack Engineer, Raise.me
Finally a useful Chrome extension! ;)
Missing one small feature:
38sharetweet・
Jarred Sumner
@jarredsumner
@yefim I should build that!!
21sharetweet・
Lasse Rafn
@lasserafn · Apricot
@yefim this is likely to be impossible (at least 100%) sure the link can expire but nothing prevents the receiver from saving the cookies for later :/
14sharetweet・
Jarred Sumner
@jarredsumner
@lasserafn chrome extension could mitm sites using access URLs via webRequest API and then the only way to get the cookies yourself is to use Wireshark or Charles w/ trusted self signed cert, but yeah not 100% solution. The 100% solution is probably a proxy, which has other issues (streaming netflix through a proxy is bad)
5sharetweet・
Fuat Ertunc
@fuater
@lasserafn @yefim That's right - it is an easy to use tool but you cannot call it secure. Also if the web app you login allows this it is a high chance that it is open to cross site scripting and csrf attacks. Still good job! Looks like you turn a trivial hacking method to something enjoyable, at least for some folks ;)
5sharetweet・
Ferit T.
@fokusman · Frontend Techie
@fuater @lasserafn @yefim as long as we send it to non-techies I wouldn't see it as a big problem . A really cool idea!
5sharetweet・
applab
@badroidlabs
@jarredsumner the better is proxy with VPN, to be more secured?
4sharetweet・
Michael Mroz
@mroz_io · Software Engineer, Atlassian
@fokusman @fuater @lasserafn @yefim That doesn't really sit well with me. This is security software. Any feature that obscures the degree to which you have control is not a feature that should be implemented, imo.
2sharetweet・
Austin Heap
@austinheap · Magical Unicorn
@mroz_io @fokusman @fuater @lasserafn @yefim This product creates a security vulnerability for users where one didn't previous exist. It seems absurdly irresponsible to market it without such a warning.
6sharetweet・