Aaron Parecki

alianora https://cybre.space/@nightpool • Jan 23
@aaronpk also, your blog post doesn't immediately address the pinning case—lots of mobile apps pin their certificates now (which, again, is only as secure as far as the computing platform is .....)

that solves a completely different problem (and creates new problems), but isn't related to the challenge of how to avoid embedding secrets

San Francisco, California • 59°F

1 reply

Tue, Jan 22, 2019 4:38pm -08:00
alianora https://cybre.space/@nightpool • Jan 23
@aaronpk ....... who would ever assume this

you'd be surprised how much of web security is not immediately obvious to people

San Francisco, California • 59°F

1 reply

Tue, Jan 22, 2019 4:33pm -08:00
Darius Kazemi https://friend.camp/@darius

@aaronpk Heh. As we used to say at the MMORPG company I used to work at: if it's on the client, assume it's compromised.

San Francisco, California • 59°F

Wed, Jan 23, 2019 12:24am +00:00 (liked on Tue, Jan 22, 2019 4:25pm -08:00)
If you've ever needed a link to send someone to explain why OAuth secrets aren't safe in mobile apps, I made you a thing: https://developer.okta.com/blog/2019/01/22/oauth-api-keys-arent-safe-in-mobile-apps

San Francisco, California, USA • 59°F

13 likes 10 reposts 3 replies

Tue, Jan 22, 2019 4:09pm -08:00 #oauth #oauth2 #api #security
Fred Emmott https://twitter.com/fredemmott • Jan 14
Does anyone have an approachable article for "don't trust the client"? Best I've found is the OAuth threat model RFC (RFC 6819), but it's a bit too long to ask others to read for a quick overview :) (not work related)

I just wrote this up since I couldn't find a good answer online! https://developer.okta.com/blog/2019/01/22/oauth-api-keys-arent-safe-in-mobile-apps

Hope it helps!

San Francisco, California, USA • 69°F

1 like 1 repost

Tue, Jan 22, 2019 3:47pm -08:00
at La Capra Coffee

San Francisco, California • Tue, January 22, 2019 3:42pm

37.790688 -122.397467

San Francisco, CA, United States • 69°F

7 Coins

Tue, Jan 22, 2019 3:42pm -08:00
at Okta SF4

San Francisco, California • Tue, January 22, 2019 3:11pm

37.789283 -122.397535

First time visiting the new office

San Francisco, CA, United States • 69°F

1 like 42 Coins

Tue, Jan 22, 2019 3:11pm -08:00
at ThoughtWorks Inc

San Francisco, California • Tue, January 22, 2019 2:00pm

37.784498 -122.404887

San Francisco, CA, United States • 61°F

5 Coins

Tue, Jan 22, 2019 2:00pm -08:00
Vincent Pickering https://twitter.com/vincentlistens • Jan 22
Or Is it just that it only holds on to a fixed number of mentions?

Even though my site uses webmention.io as its endpoint, I use the web hooks to push all the responses to my site where it stores its own copy of them.

San Francisco, California, USA • 59°F

1 like

Tue, Jan 22, 2019 1:32pm -08:00
Vincent Pickering https://twitter.com/vincentlistens • Jan 22
Or Is it just that it only holds on to a fixed number of mentions?

Neither. The dashboard only shows the latest few, but that's just me being lazy and not giving you a UI to page through older ones. It stores them all forever, and I have no plans to delete old ones there.

But you're right that you should copy that data to your own site somehow!

San Francisco, California, USA • 59°F

1 like

Tue, Jan 22, 2019 1:31pm -08:00
at zpizza

San Francisco, California • Tue, January 22, 2019 1:00pm

37.783204 -122.406138

San Francisco, CA, United States • 59°F

21 Coins

Tue, Jan 22, 2019 1:00pm -08:00
Taxi

27.64mi
Distance

31:35
Duration

12:24pm
Start

12:55pm
End

San Francisco, California • 59°F

Tue, Jan 22, 2019 12:55pm -08:00
at Guardant Health

Redwood City, California • Tue, January 22, 2019 8:40am

37.500542 -122.21802

Redwood City, CA, United States

1 Coin

Tue, Jan 22, 2019 8:40am -08:00
Taxi

28.01mi
Distance

75:36
Duration

7:23am
Start

8:39am
End

Redwood City, California • 44°F

Tue, Jan 22, 2019 8:39am -08:00
at Equator Coffees & Teas

San Francisco, California • Tue, January 22, 2019 7:02am

37.782598 -122.410218

San Francisco, CA, United States • 50°F

9 Coins

Tue, Jan 22, 2019 7:02am -08:00
9:42pm
Asleep

6:32am
Awake

8h 50m
Slept

57m
Awake for

San Francisco, California, USA

Tue, Jan 22, 2019 6:32am -08:00
Contributions from: Australia, France, Germany, Netherlands, Spain, Switzerland, United Kingdom, United States

Tue, Jan 22, 2019 12:34am -08:00
Upgrading my Monthly Summary Pages

Inspired by cleverdevil's monthly summary pages, I started working on my own version of them on my website!
continue reading...

7 likes 2 reposts

Mon, Jan 21, 2019 8:49pm -08:00 #indieweb #p3k
at Hotel Union Square

San Francisco, California • Mon, January 21, 2019 8:26pm

37.785776 -122.407887

San Francisco, CA, United States • 53°F

1 like 2 Coins

Mon, Jan 21, 2019 8:26pm -08:00
at Trader Joe's

San Francisco, California • Mon, January 21, 2019 8:13pm

37.78554 -122.405455

San Francisco, CA, United States • 53°F

25 Coins

Mon, Jan 21, 2019 8:13pm -08:00

older

Aaron Parecki

Upgrading my Monthly Summary Pages