Forgot your password?
typodupeerror

Submission Summary: 0 pending, 2 declined, 1 accepted (3 total, 33.33% accepted)

+ - Truckload of OAuth issues that would make any author quit-> 5

Submitted by DeFender1031
DeFender1031 (1107097) writes "Several months ago, when Eran Hammer ragequit the OAuth project, many people thought he was simply being overly dramatic, given that he gave only vague indications of what went wrong.

Since then, and despite that, many companies have been switching to OAuth, citing it as a "superior form of secure authentication" but a fresh and objective look at the protocol highlights the significant design flaws in the system and sheds some light on what might have led to its creator's breakdown."

Link to Original Source
Encryption

+ - HTTPS encryption is too little too late->

Submitted by DeFender1031
DeFender1031 (1107097) writes "So it's time to pay the bills. You go to your bank's website to transfer some money, you log in, and your account information is completely secure because the bank's servers establish an HTTPS connection with your browser, right? WRONG! This article describes in plain english how a man-in-the-middle can be performed prior to an HTTPS handshake, neutralizing any security precautions that might have been in place. The attack described here can be extended to any protocol where the server specifies whether to use a secure or insecure mode."
Link to Original Source
The Internet

+ - Is HTTPTorrent the next-gen for web browsing?-> 2

Submitted by DeFender1031
DeFender1031 (1107097) writes "We're all aware of BitTorrent and how it works. This proposal suggests that some of the concepts of BitTorrent can be applied to run-of-the-mill web browsing to lighten server load and distribute downloads to browsers which have already cached the same site. While it's not an official RFC, the idea certainly has promise, and if implemented, could help speed up download times, but more importantly, it could help small (or even large) websites save bandwidth, and as we all know, bandwidth is money."
Link to Original Source

Scientists are people who build the Brooklyn Bridge and then buy it. -- William Buckley

Working...