Aaron Parecki

#Security

• Amazon.com : D-Link DCS-2630L Full HD 180-Degree Wi-Fi Camera (Black) : Camera & Photo (www.amazon.com)

  Mon, May 9, 2016 5:28pm +02:00 #camera #security
• D-Link DCS-2330L HD Outdoor Wi-Fi Camera (White) : Camera & Photo (www.amazon.com)

  Mon, May 9, 2016 5:27pm +02:00 #camera #security
• D-Link Camera Video Recorder mydlink-Enabled (DNR-202L) : Digital Surveillance Recorders : Camera & Photo (www.amazon.com)

  Mon, May 9, 2016 5:27pm +02:00 #camera #security
• What technical reasons are there to have low maximum password lengths? - Information Security Stack Exchange (security.stackexchange.com)

  Wed, Jan 13, 2016 3:17pm -08:00 #password #security #bananas
• 🌈 http://tantek.com/

  Talking #WoT @W3CAB. I say any #IoT #security “expert” must at a minimum post their home IP adr & list of appliances. (ttk.me t4d71)

  Wed, Sep 9, 2015 11:07am -08:00 (liked on Wed, Sep 9, 2015 12:40pm -07:00) #WoT #IoT #security
• Into the symmetry: Open redirect in rfc6749 aka 'The OAuth 2.0 Authorization Framework' (intothesymmetry.blogspot.ch)

  Sat, Apr 18, 2015 10:44am -07:00 #oauth2 #security
• Critical vulnerabilities in JSON Web Token libraries (auth0.com)

  Wed, Apr 1, 2015 11:13am -05:00 #jwt #security
• Top 5 OAuth 2 Implementation Vulnerabilities (intothesymmetry.blogspot.ch)

  Tue, Jan 6, 2015 1:49pm -08:00 #oauth2 #security
• Into the symmetry: Beware what you click (intothesymmetry.blogspot.ch)

  Tue, Jan 6, 2015 1:49pm -08:00 #oauth2 #security #github
• SpoofedMe Social Login Attack Discovered by IBM X-Force Researchers (securityintelligence.com)

  Sun, Dec 7, 2014 9:36am -08:00 #oauth #security #oauth2
• MySpace Worm Explanation (namb.la)

  Tue, Nov 18, 2014 1:15pm -08:00 #javascript #security #worm
• The Value of a Name (ello.co)

  as of Saturday morning my number had been forwarded to a number I did not recognize. Unreal. So, as far I can tell, the attack actually started with my cell phone provider, which somehow allowed some level of access or social engineering into my Google account, which then allowed the hackers to receive a password reset email from Instagram, giving them control of the account.

  Fri, Oct 31, 2014 6:43pm -07:00 #security #2fa
• 

  The comments on this "hacking a Gmail account with just a phone number" article make me reconsider using SMS/phone as a security mechanism at all. Original article: https://ello.co/gb/post/knOWk-qeTqfSpJ6f8-arCQ Comments: https://news.ycombinator.com/item?id=8541313

  Portland, Oregon, USA

  2 likes 5 reposts 1 reply

  Fri, Oct 31, 2014 6:33pm -07:00 #security
• I work as a sales rep in-store for a telco. From a security perspective, it's ridiculous... | Hacker News (news.ycombinator.com)

  Anyone relying on two-factor auth with a phone number who uses my company is vulnerable. Simple as that. It would take a determined attacker a day to get control of your number.

  Fri, Oct 31, 2014 6:27pm -07:00 #2fa #security
• Google Two Factor Authentication, possible attacks and prevention (zerocool.is-a-geek.net)

  To prevent this kind of attack we need to: limit the number of login attempts, ban IPs that send a large number of login requests

  Wed, Oct 15, 2014 12:22pm -07:00 #indieauth #totp #security
• Reverse Heartbleed Tester (reverseheartbleed.com)

  Thu, Apr 10, 2014 2:01pm -07:00 #heartbleed #ops #security #ssl
• What should a website operator do about the Heartbleed OpenSSL exploit? (security.stackexchange.com)

  Thu, Apr 10, 2014 1:35pm -07:00 #heartbleed #openssl #ops #security
• How to explain Heartbleed without technical terms? (security.stackexchange.com)

  Thu, Apr 10, 2014 1:22pm -07:00 #heartbleed #ops #security #ssl
• 

  Just got this email from Dreamhost. https://gist.github.com/aaronpk/7475391 An interesting proactive response to the Adobe user db leak!

  Portland, OR, USA

  Thu, Nov 14, 2013 2:30pm -08:00 #security #passwords

• A Simple Encrypted Password File on OSX

  Here's a really simple trick for keeping an encrypted file for passwords and other sensitive information on OS X or Linux. I use this to keep some basic password hints and account numbers on my computer.

  continue reading...

  2 mentions

  Mon, Jul 29, 2013 1:42am -07:00 #security #password #encryption