The Paymaxx compromise referred to in the DStar paper involved an attacker incrementing the number in a URL parameter, which caused the backend tax form generator to request other users' data from the database (details here: http://web.archive.org/web/20050517181905/http://www.thinkcomputer.com/corporate/news/identitycrisis.pdf). Explain how DStar's labels fix this problem. [Hint: you may find Figure 3 useful.] *
Your answer
Please ask me (and the presenter) a question about DStar. This can be something that confused you, or something you'd like to discuss, or something you're curious to learn more about. *