spamsink: (Default)
spamsink ([personal profile] spamsink) wrote2007-06-08 06:17 pm
  • Add Memory
  • Share This Entry
Entry tags:

Из супа вынули, но в кастрюле оставили

Отписался от СУПа - желтая звезда на груди на тулбаре исчезла. Пошел руками на livejournal.ru - я там залогинен. Нажал "выйти". В окне LJ.com нажал "Reload" - тулбара больше нет, я никто. Залогинился снова, сделал "Reload" на LJ.ru - я там снова залогинен.
Flat | Top-Level Comments Only

[identity profile] ivan-ghandhi.livejournal.com 2007-06-11 12:38 am (UTC)(link)
Fuck! Okay, I'll have go gradually quit. There's no way one can reasonably maintain the faith that the guys are going to maintain our privacy.

How the hell can they share cookies from different domains? Do they identify us by ip address lookup or what?

[identity profile] spamsink.livejournal.com 2007-06-11 06:02 am (UTC)(link)
Just before I unsubscribed, the set of cookies for the two domains was the same - it could be that they exchange info under the wraps. After unsubscribing the lj.ru cookies are clean, but they seem to use an lj.com picture or some kind of insert to show you login state and to allow logging in or out.

[identity profile] syarzhuk.livejournal.com 2007-06-11 12:35 pm (UTC)(link)
http://syarzhuk.livejournal.com/469645.html
They say:
LiveJournal whitelists specific partner sites, so that it is not necessary for you to authorize them via OpenID

To this I replied:
The http://www.livejournal.com/openid/options.bml page clearly shows the sites that the LiveJournal user trusts. You are saying that LJ whitelists 'specific partner sites', which would be fine if a) the list of these sites was made public; b) each user had an option to distrust specific sites. Without these two options this becomes a privacy issue.

Of course, they did nothing and closed the request
Flat | Top-Level Comments Only