Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AppDefects
Community Champion
‎07-08-2019 12:47 PM
‎07-08-2019 12:47 PM

OpenID Foundation - Taking a bite out Apple

When Apple announced their forthcoming iOS 13 "Sign In with Apple" service the public rejoiced! Security guaranteed! Privacy preserved! Now, the technical implementation details are coming out we see what a disaster it is in the making. I'm glad to see my friends over at the OpenID Foundation have taken deep technical dive into how the service is implemented and identified a ton of software defects. The list is long. See for yourself here

Reply
4 Replies
Flyslinger2
Community Champion
‎07-08-2019 02:23 PM
‎07-08-2019 02:23 PM

It's always been a beef of mine that Apple has thumbed their noses at standards that would guarantee the image of their forward thinking about authentication and the integration of modern MFA options.  I love their products. Just not happy with this shortsightedness. 

Reply
0 Kudos
rslade
Influencer II
‎07-08-2019 03:27 PM
‎07-08-2019 03:27 PM

I remember back when Microsoft messed with Kerberos in much the same way ...


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Reply
Flyslinger2
Community Champion
‎07-09-2019 07:16 AM
‎07-09-2019 07:16 AM

And kerberos is still going strong all of the years (since late 1980's)!

Reply
0 Kudos
rslade
Influencer II
‎07-09-2019 12:52 PM
‎07-09-2019 12:52 PM

> Flyslinger2 (Community Champion) posted a new reply in Tech Talk on 07-09-2019

> And kerberos is still going strong all of the years (since late 1980's)!

Such an elegant protocol ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
It is always the person not in the predicament who knows what
ought to have been done in it - `A Christmas Carol', Charles Dickens
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Reply
0 Kudos