Aaron Parecki

58°F

Dr. Fett https://twitter.com/dfett42

In this study by @____pieter____ 56% of OAuth providers are susceptible to the PKCE Sidestep attack that I described in https://danielfett.de/2020/05/16/pkce-vs-nonce-equivalent-or-not/ #osw2020

Portland, Oregon • 71°F

Wed, Jul 22, 2020 6:53pm +00:00 (liked on Wed, Jul 22, 2020 11:59am -07:00) #osw2020
Mitch https://mastodon.xyz/@mitchkiah

@aaronpk woah, love the paint there!

Portland, Oregon • 65°F

Wed, Jul 22, 2020 3:49pm +00:00 (liked on Wed, Jul 22, 2020 8:49am -07:00)
Jim Manico https://twitter.com/manicode

Theory: Twitter internal tools were comprised via CSRF due to insider information.

Portland, Oregon • 64°F

Wed, Jul 22, 2020 2:51pm +00:00 (liked on Wed, Jul 22, 2020 8:18am -07:00)
Taka@Authlete, BaaS for OAuth 2.0 & OpenID Connect https://twitter.com/darutk

"OAUTH 2.1" by Aaron Parecki (@aaronpk) in OAuth Security Workshop 2020 (#osw2020).

https://barcamptools.eu/oauth-security-workshop-2020/events/0d0423b6-5924-4e6f-8b3b-63edbbe0ae59/oauth_2_1

OAuth 2.1 aims to simplify the maze of the specifications.

Portland, Oregon • 64°F

Wed, Jul 22, 2020 2:40pm +00:00 (liked on Wed, Jul 22, 2020 8:17am -07:00) #osw2020
Taka@Authlete, BaaS for OAuth 2.0 & OpenID Connect https://twitter.com/darutk

Another client type "credentialed", in addition to "public" and "confidential". The concept is being explained by Aaron (@aaronpk) in #osw2020.

The OAuth 2.1 Authorization Framework
https://tools.ietf.org/html/draft-parecki-oauth-v2-1

Portland, Oregon • 64°F

Wed, Jul 22, 2020 2:48pm +00:00 (liked on Wed, Jul 22, 2020 8:17am -07:00) #osw2020
Vladimir Dzhuvinov 🇪🇺 🇧🇬 https://twitter.com/dzhuvi

OAuth 2.1 becomes the simpler & more secure #OAuth. A bunch of existing RFCs and drafts roll into one, so easier to follow too. Presented by @aaronpk at the #osw2020

Portland, Oregon • 64°F

Wed, Jul 22, 2020 2:57pm +00:00 (liked on Wed, Jul 22, 2020 8:16am -07:00) #OAuth #osw2020
Becki (& Chris) https://twitter.com/beckiandchris

The auto play drives me nuts, it’s like having music on a website

Portland, Oregon • 64°F

Wed, Jul 22, 2020 2:14pm +00:00 (liked on Wed, Jul 22, 2020 7:16am -07:00)
Taka@Authlete, BaaS for OAuth 2.0 & OpenID Connect https://twitter.com/darutk

"PROTECKING SINGLE-PAGE APPS USING OAUTH" by Aaron Parecki (@aaronpk) in #osw2020. Single-Page Application architectures are introduced.

Portland, Oregon • 64°F

Wed, Jul 22, 2020 1:00pm +00:00 (liked on Wed, Jul 22, 2020 6:10am -07:00) #osw2020
Dr. Fett https://twitter.com/dfett42

#osw2020

Portland, Oregon • 64°F

Wed, Jul 22, 2020 12:44pm +00:00 (liked on Wed, Jul 22, 2020 5:59am -07:00) #osw2020
Vladimir Dzhuvinov 🇪🇺 🇧🇬 https://twitter.com/dzhuvi

Today @aaronpk will be presenting #OAuth 2.1. The core OAuth grants are getting consolidated, security gets hardened with PKCE #osw2020 https://barcamptools.eu/oauth-security-workshop-2020/events/0d0423b6-5924-4e6f-8b3b-63edbbe0ae59/oauth_2_1

Portland, Oregon • 64°F

Wed, Jul 22, 2020 8:56am +00:00 (liked on Wed, Jul 22, 2020 4:52am -07:00) #OAuth #osw2020
Emoji Mashup Bot+ https://twitter.com/EmojiMashupPlus

base from 😨 (fear)
eyes from 😡 (angry)
mouth from 🥳 (party-horn)

Portland, Oregon • 78°F

Wed, Jul 22, 2020 3:15am +00:00 (liked on Tue, Jul 21, 2020 8:46pm -07:00)
Andrew Stauffer https://twitter.com/stauaj

https://twitter.com/stauaj/status/1285758102692913153?s=12

Portland, Oregon • 82°F

Wed, Jul 22, 2020 2:06am +00:00 (liked on Tue, Jul 21, 2020 7:07pm -07:00)
Stein https://twitter.com/steinekin

A phrase heard every weekday in 2020

Portland, Oregon • 85°F

Wed, Jul 22, 2020 1:41am +00:00 (liked on Tue, Jul 21, 2020 6:53pm -07:00)
Thomas Frank https://twitter.com/TomFrankly

Being a YouTuber is like being a baseball player, except you feel bad if you don't hit a home run literally every single time

Portland, Oregon • 87°F

Mon, Jul 20, 2020 7:06pm +00:00 (liked on Mon, Jul 20, 2020 8:02pm -07:00)
📷 PhotoJoseph 🎥 https://twitter.com/photojoseph

A few steps closer…

Portland, Oregon • 90°F

Tue, Jul 21, 2020 1:47am +00:00 (liked on Mon, Jul 20, 2020 7:02pm -07:00)
Sara Schaefer https://twitter.com/saraschaefer1

can’t stop thinking about the overlap between people who say “all lives matter” and people who refuse to wear a mask to protect even just one life

Portland, Oregon • 74°F

Sun, Jul 19, 2020 9:02pm +00:00 (liked on Mon, Jul 20, 2020 10:31am -07:00)
Eugene is wearing a mask when he leaves the house https://twitter.com/CaponDesign

New Youtubers: How do I get more subs and views?
YouTube Vets:
- Make more content.
- Learn the craft.
- Study trends and video exiting techniques.
- Collab with other Youtubers of the same size.

80% of New Youtubers: I guess I'll never know...

Portland, Oregon • 74°F

Mon, Jul 20, 2020 3:44am +00:00 (liked on Mon, Jul 20, 2020 10:26am -07:00)
Roberto Blake 🧢 #AWESOMESQUAD https://twitter.com/robertoblake

If you want to block SPECIFIC Ads from your YouTube Channel because they are bad for your audience, follow these steps from @NickNimmin

Portland, Oregon • 71°F

Mon, Jul 20, 2020 4:25pm +00:00 (liked on Mon, Jul 20, 2020 9:29am -07:00)
Nick Nimmin https://twitter.com/NickNimmin

1. Go to this url and log in: https://www.google.com/adsense/start/

2. In the left navigation click on "blocking controls"

3. Click "all sites in the same column.

4. Click "manage advertiser URLs" in the middle of the page

5. Enter URLs you want to block and slide the slider to "block".

Portland, Oregon • 71°F

Mon, Jul 20, 2020 2:47pm +00:00 (liked on Mon, Jul 20, 2020 9:29am -07:00)
Problematic Fave 🤘🏾 https://twitter.com/ItsTimiDuhh

Idk when Americans will understand that they only cut jobs so the owners/investors will keep making the same amount of money, not because they CAN’T afford to pay people more. They just don’t want to take a pay cut. It has nothing to do with saving jobs.

Portland, Oregon • 71°F

Mon, Jul 20, 2020 4:11pm +00:00 (liked on Mon, Jul 20, 2020 9:28am -07:00)

older