cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AppDefects
Community Champion

OpenID Foundation - Taking a bite out Apple

When Apple announced their forthcoming iOS 13 "Sign In with Apple" service the public rejoiced! Security guaranteed! Privacy preserved! Now, the technical implementation details are coming out we see what a disaster it is in the making. I'm glad to see my friends over at the OpenID Foundation have taken deep technical dive into how the service is implemented and identified a ton of software defects. The list is long. See for yourself here

4 Replies
Flyslinger2
Community Champion

It's always been a beef of mine that Apple has thumbed their noses at standards that would guarantee the image of their forward thinking about authentication and the integration of modern MFA options.  I love their products. Just not happy with this shortsightedness. 

rslade
Influencer II

I remember back when Microsoft messed with Kerberos in much the same way ...


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Flyslinger2
Community Champion

And kerberos is still going strong all of the years (since late 1980's)!

rslade
Influencer II

> Flyslinger2 (Community Champion) posted a new reply in Tech Talk on 07-09-2019

> And kerberos is still going strong all of the years (since late 1980's)!

Such an elegant protocol ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
It is always the person not in the predicament who knows what
ought to have been done in it - `A Christmas Carol', Charles Dickens
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468