You could always use a IE exploit to crash the browser, if they are still requesting, you know they are not IE. ;) Out of interest, what information are you planning on getting from the browser? Why can you not use certificates? -----Original Message----- From: bruce [mailto:bedouglas@xxxxxxxxxxxxx] Sent: 21 June 2005 16:06 To: 'Rory Browne'; 'Matthew Weier O'Phinney' Cc: php-general@xxxxxxxxxxxxx Subject: RE: Re: security question...?? ************************************* This e-mail has been received by the Revenue Internet e-mail service. ************************************* if i'm the server app, and you tell me that you're IE, v.6, i'd like the ability to somehow be able to gather information from you, such that i can then check with msoft to see if your answers match what msoft claims the answers should be. if you give wrong answers, i can then make a determination as to whether i want to talk with you, or perhaps limit the amount/type of information i allow you to access... this kind of approach goes beyond the 'user/access string' and can actually get to be rather difficult to spoof, or to break... keep in mind, this is an off the top suggestion, i'm sure if someone spent some time, there could be solutions that would be robust, doable, and reasonably secure... -bruce -----Original Message----- From: Rory Browne [mailto:rory.browne@xxxxxxxxx] Sent: Tuesday, June 21, 2005 7:39 AM To: Matthew Weier O'Phinney Cc: php-general@xxxxxxxxxxxxx Subject: Re: Re: security question...?? On 6/21/05, Matthew Weier O'Phinney <matthew@xxxxxxxxxx> wrote: > * "david forums" <dforums@xxxxxxxxxxx>: > > Why don't you try to get interactivity with ID machin which is unique, or > > with mac address. > > MAC address wouldn't work if the user is behind a proxy. I think you mean IP addresses. MAC's won't work if the user is behind a router - which they generally are, unless you're on the same network - ie on an Intranet, and even then....... > > > -- > Matthew Weier O'Phinney | WEBSITES: > Webmaster and IT Specialist | http://www.garden.org > National Gardening Association | http://www.kidsgardening.com > 802-863-5251 x156 | http://nationalgardenmonth.org > mailto:matthew@xxxxxxxxxx | http://vermontbotanical.org > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php ************************ This message has been delivered to the Internet by the Revenue Internet e-mail service ************************* -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
