WeChat ID
aaronpk_tv
-
Singapore, Singapore • Thu, November 21, 2019 7:35pm#OAuth WG dinner β with anomalily, microformats -
OH: "at the end of the day, a specification is a programming language designed to run on the worst runtime environment: engineers" @justin__richer #ietf106
-
Singapore, Singapore • Wed, November 20, 2019 12:56pm
-
Just posted a page with the full agenda and links to related specs we'll be discussing at the #IETF106 OAuth meetings this week!
https://oauth.net/events/2019-11-ietf106/
Remote participation is free if you're into that sort of thing. -
wow #oredev is fast with the videos! My "How to Hack OAuth" talk is already posted!
πΊ https://vimeo.com/371495209
π https://speakerdeck.com/aaronpk/how-to-hack-oauth-oredev-2019 -
Slides from my "How to Hack OAuth" talk at #oredev are up!
https://speakerdeck.com/aaronpk/how-to-hack-oauth-oredev-2019
Thanks everyone for coming to watch and I hope you got something out of it! I'll post again when the video is out! -
Made it to MalmΓΆ! Looking forward to Γredev this week where I'll be giving two talks!
βπ How to Hack OAuth
https://oredev.org/sessions/how-to-hack-oauth
and
π π«βοΈ Smarter Home Automation Without the Cloud
https://oredev.org/sessions/smarter-home-automation-without-the-cloud
See you there! π
-
for april 1 next year I think I'm going to change the oauth.net home page to show just a login page that asks you to type in your google username and password and see what happens π
-
We are live! and I am dressed as a cat! answering your #OAuth and OpenID Connect questions for @oktadev haunted office hours!
https://www.youtube.com/watch?v=GeSJa4I8Zew
-
Come hang out with me and my @oktadev coworkers at our virtual office hours next week! π» You can get all your OAuth questions answered live!
https://twitter.com/oktadev/status/1186368150087950336 -
I'm not gonna say JSON Web Tokens are *bad* (if used properly), but I'm also not gonna say they're *great* either.
Here's an interesting alternative though: PASETO
https://developer.okta.com/blog/2019/10/17/a-thorough-introduction-to-paseto -
A thing I started doing: instead of recording my full workshops, I set a voice memo recorder on the podium, and when someone has a question, I press record, repeat the question, and then answer it. Now my recorder is full of Q&A that I can incorporate back into the presentation!
-
Stay safe out there kids https://twitter.com/digitallawyer/status/1181348689756864513
-
If you missed my talk from @APIdaysAU last month, I just posted the video online!
Securing Your APIs with #OAuth 2.0: https://youtu.be/PfvSD6MmEmQ -
I'll be giving a talk at @APIDaysAU at 1:30pm today! "Securing your APIs with OAuth".
There will be cats, because I know OAuth can be scary at times.
https://www.apidays.co/melbourne -
This @jack situation is making me rethink my phone number strategy. I've been treating my SIM number as disposable and easily replaceable, where the number I use for 2FA is a google voice number. But now I'm thinking treating my SIM number as a password is a better plan.
-
βͺI had a great time at #kcdc2019 and had a blast creating the "perfect" programming language with @coreylweathers @hunteraham @rdegges and @briandemers! π₯π»π₯ https://youtu.be/3cAF4iBbd24 -
TIL even web developers aren't safe from side-channel attacks. Nice overview of CORB and why it's important. https://developer.okta.com/blog/2019/08/26/combat-side-channel-attacks-with-corb
-
Something about Apple's decision to do "OAuth-but-not-quite" rubbed me the wrong way, but this is a great example of how it breaks down very concretely.
https://twitter.com/atomicbird/status/1163478833326108673
