cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Advocate I

OpenID Foundation - Taking a bite out Apple

When Apple announced their forthcoming iOS 13 "Sign In with Apple" service the public rejoiced! Security guaranteed! Privacy preserved! Now, the technical implementation details are coming out we see what a disaster it is in the making. I'm glad to see my friends over at the OpenID Foundation have taken deep technical dive into how the service is implemented and identified a ton of software defects. The list is long. See for yourself here

1 Solution

Accepted Solutions
Community Champion

Re: OpenID Foundation - Taking a bite out Apple

I remember back when Microsoft messed with Kerberos in much the same way ...


............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
4 Replies
Community Champion

Re: OpenID Foundation - Taking a bite out Apple

It's always been a beef of mine that Apple has thumbed their noses at standards that would guarantee the image of their forward thinking about authentication and the integration of modern MFA options.  I love their products. Just not happy with this shortsightedness. 

Community Champion

Re: OpenID Foundation - Taking a bite out Apple

I remember back when Microsoft messed with Kerberos in much the same way ...


............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Community Champion

Re: OpenID Foundation - Taking a bite out Apple

And kerberos is still going strong all of the years (since late 1980's)!

Community Champion

Re: OpenID Foundation - Taking a bite out Apple

> Flyslinger2 (Community Champion) posted a new reply in Tech Talk on 07-09-2019

> And kerberos is still going strong all of the years (since late 1980's)!

Such an elegant protocol ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
It is always the person not in the predicament who knows what
ought to have been done in it - `A Christmas Carol', Charles Dickens
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468