The RSA site got pwned due to third-party JS. Dare I say some form of sub-resource integrity might have helped? http://krebsonsecurity.com/2014/05/complexity-as-the-enemy-of-security/ …
-
-
Replying to @BRIAN_____
@BRIAN_____: What would you like to see? How can we meaningfully reduce the privilege of script running in your origin?@frgx1 reply 0 retweets 0 likes -
Replying to @BRIAN_____
@BRIAN_____: Put another way, what does GA need to run? And how can we give it just that?@frgx1 reply 0 retweets 0 likes -
Replying to @BRIAN_____
@BRIAN_____@mikewest When GA wants to update the set of listeners to add (say new spec) how will GA update it across the web?2 replies 0 retweets 0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.