Pinned Tweet
I wrote a blog post about that time I broke GitHub's OAuth flow https://blog.teddykatz.com/2019/11/05/github-oauth-bypass.html …
Teddy Katz retweeted
You are building a tabulation system on the critical path of human history. Do you: a) Have your decent public university CS dept build an open-source solution and ask for public review? b) Pay the lowest bidder and keep it secret from election security experts? https://twitter.com/cwarzel/status/1224539006689411072 …
Teddy Katz retweeted
Anyway, back to SHA1. It’s really heartening that CAs have been forced to actually upgrade this time. That’s why they had to run this attack on (janky) PGP WoT and not something that matters. This is good news!
Teddy Katz retweeted
My 4yo son has been asking about how each day went at work, and I always try to explain. The other day he asked, "Daddy, why do the computers break all the time? Can you make them not break?" ... And it's just just it's hard and we're really trying
New blogpost about an account takeover bug. This one took awhile to figure out https://blog.teddykatz.com/2019/11/23/json-padding-oracles.html …
How I accidentally took down GitHub Actions https://blog.teddykatz.com/2019/11/12/github-actions-dos.html …
The .new TLD, aka "the ICANN-approved enterprise-edition URL shortener" https://twitter.com/github/status/1189320513543397376 …
Teddy Katz retweeted
Text Rendering Hates You, a random collection of weird problems you need to deal with when rendering text: https://gankra.github.io/blah/text-hates-you/ …
(And if you can, start supporting U2F/WebAuthn on your site so that this whole space becomes less of a mess.)
You should be able to change your 2FA settings/scan a new TOTP code without disabling 2FA entirely as an intermediate step. This is particularly true if disabling 2FA will result in your account immediately getting kicked from something on the site due to a 2FA requirement.
If you do invalidate backup codes, you should make it explicit that the old codes won't work. When you give people backup codes to download, include a timestamp in the file so that they can tell which set of codes is newer.
If your site supports multiple forms of 2FA (e.g. TOTP and backup codes), you should be able to change or view your TOTP secret without also invalidating your backup codes. Managing backup codes is a pain, and I don't want to be worried about lockout from storing outdated codes.
I just did the "got a new phone, reset 2FA for dozens of accounts" ritual. Some thoughts about desirable UX for 2FA settings:
Teddy Katz retweeted
welcome to computer security world, where the best advice you can give is to install a password manager, and all the password managers suck
Teddy Katz retweeted
I blogged about plugin/extension system design http://marijnhaverbeke.nl/blog/extensibility.html …
Teddy Katz retweeted
I avoid password re-use by getting a new pet and naming each one a random 32-character string. But my house is overrun with cats.
Teddy Katz retweeted
On Monday (August 19th), the ESLint team will release a fix for a security issue. The issue affects users that run ESLint on untrusted code (e.g. websites that lint a project's code as a service). More details about the issue will be available when the release is published.
Teddy Katz retweeted
we understand fault tolerance in terms of properties of the system: we build things that are robust in the face of network partitions, unexpected load, and so on. but it seems like incredibly bad engineering to build systems that only work if the designer never made a mistake.
This isn't an easy problem to solve. But something needs to change, because having so many major organizations using vulnerable software isn't sustainable. We have an obligation to protect users from security problems, and that includes making sure they can always easily update.