Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Submission + - Preventing the next Heartbleed (blogspot.com)

An anonymous reader writes: Developers are now devising techniques to prevent attacks like Heartbleed which expolit unrestricted access to private key in memory. Using these techniques will prevent buffer overflows and other coding mistakes result in similar catastrophies.

One stunnel-like server is already employing this technique. It remains to be seen when Apache, OpenSSH, and other important server software will follow.

Submission + - Why is anyone using OAuth 2.0? (blogspot.com)

insane_coder writes: "The general consensus till now has been that OAuth 2.0 was an overly complicated and misdesigned framework resulting from an "unbridgeable conflict between the web and the enterprise worlds", where enterprise developers designed the framework completely contrary to the needs of the general web population.

New analysis demonstrates that the design of OAuth 2.0 runs completely counter to the needs of the enterprise market as well.

So if OAuth 2.0 isn't good for the web nor the enterprise, so who is it good for? And why is service after service switching to it, offering a confusing non-protocol, and crippling their capabilities?"

Slashdot Top Deals

Writing software is more fun than working.

Working...