Just realized that lastpass is built on php. arg wtf wtf. :-( Anyone audit their server-side code / encryption?
-
-
Replying to @inthecloud247
@inthecloud247 even as a lastpass user I've been thinking there's a little too much groupthink on this in the infosec community1 reply 0 retweets 0 likes -
Replying to @kylemaxwell
@kylemaxwell After speaking w ppl at#defcon this year, seems that php *can* be fine, but u can get in lots of trouble w built-in functions1 reply 0 retweets 0 likes -
Replying to @inthecloud247
@inthecloud247 even so: everybody "trusts" Lastpass but based on... what? (this includes me)2 replies 0 retweets 0 likes
Replying to @kylemaxwell
@kylemaxwell Met Jeff from Agilbits/1password at #passwordscon & #defcon . He was ++great. Don't know anyone from lastpass so can't compare
12:14 PM - 13 Aug 2013
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.