It already is a server-side thing. This post shows how to steal that session/tok... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		gcr on Aug 28, 2013 \| parent \| context \| favorite \| on: Researchers reverse-engineer the Dropbox client: W... It already is a server-side thing. This post shows how to steal that session/token/ticket after the authentication step. What are you proposing?

tlrobinson on Aug 28, 2013 [–]

In that case this is no worse than stealing a cookie for a site which required 2FA, which presumably requires local access.

Consider applying for YC's Summer 2026 batch! Applications are open till May 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact