Forgot your password?
typodupeerror

Comment: trust models of ad hoc (Score 1) 126

I've long believed that ad hoc networks like this are mostly a fantasy because the potential for mischief as they become popular (ie, in the large) overrides their ability to do interesting things in the small. if you're not looking from the outset out how something can be gamed if it gets popular, you're part of the problem not part of the solution.

Comment: Native apps == insecure (Score 2) 86

by shirikodama (#43251687) Attached to: A Truckload of OAuth Issues That Would Make Any Author Quit
I brought this up with the oauth working group and got snarled at by lots of people including Eran Hammer. It's nice to see that other people are noticing the same problems. When you have a native app, you can show the user anything to get their confidence, and with some work get their credentials, including apps with webview's. OAuth's security model was not designed with native apps in mind, it was designed for ~trustable web browsers. This isn't surprising because OAuth was designed before the current fad for native apps happened around 2006-2007 when the world was all browsers all the time.

Comment: Mother of all honey pots (Score 2) 346

by shirikodama (#40452183) Attached to: Facebook Says Your Email Is @Facebook
I know of absolutely no one that uses facebook mail, and probably the vast majority have no idea it even exists. So anything that uses my or anybody else's facebook mail account is obviously a spammer who screen scraped it from my account. In a perverse way, this is a Good Thing because it attracts spammers and absolutely nobody else. It could actually be interesting to find out how quickly your facebook honey pot fills up which shows how much bad guys are paying attention to your facebook account.

Serving coffee on aircraft causes turbulence.

Working...