Word to the wise, don't use "==" to compare MACs: https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07 …
@BradfordToney @steveklabnik "==" on strings does a value-wise comparison and will check a byte-at-a-time and fail fast, not constant time
-
-
@bascule@steveklabnik I meant the secure compare -
@BradfordToney@steveklabnik yeah, byte-at-a-time XOR, check the result at the end
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.