Aaron Parecki

#security

• Everybody is getting tragically sim swapped and you will too (www.tonysheng.com)

  London, England

  #sim #security #hack

  Wed, Jun 19, 2019 11:54pm +01:00
• privacy/security concerns · Issue #68 · plaid/link (web.archive.org)

  London, England

  #bank #security #oauth

  Wed, Jun 19, 2019 11:32am +01:00
• Drummond Reed https://twitter.com/drummondreed

  Biggest laugh at #IIW so far: when @justin__richer in his session on “Is #selfsovereignidentity really possible” turned to Dave Crocker and said that we can all blame him for the Internet not having #security built in from the start.

  

  San Jose, California • 49°F

  #IIW #selfsovereignidentity #security

  Thu, May 2, 2019 6:03pm +00:00 (liked on Thu, May 2, 2019 4:18pm -07:00)
• #110293 Insufficient OAuth callback validation which leads to Periscope account takeover (hackerone.com)

  Portland, Oregon • 49°F

  #oauth #twitter #security

  Fri, Apr 12, 2019 11:37pm -07:00
• Security Considerations While Using ssh-agent. – Command Prompt, Inc. (www.commandprompt.com)

  Langenhagen, Niedersachsen • 49°F

  #ssh #security

  Fri, Apr 12, 2019 10:29am +02:00
• Aaron Parecki https://aaronparecki.com/

  Standing room only for my talk at #oktane19! 🎉 "OAuth: When Things Go Wrong" I had a blast, thanks everyone for coming to the session!
  The video will be posted to the @okta YouTube channel soon! .
  .
  .
  #okta #oktane #oauth #security #devrel #facebookfail #twitterfail #googlefail 📷 @quorralyne

  

  San Francisco, California • 49°F

  #oktane19 #okta #oktane #oauth #security #devrel #facebookfail #twitterfail #googlefail

  Wed, Apr 3, 2019 3:48pm -07:00 (liked on Thu, Apr 4, 2019 7:35am -07:00)
• 

  Standing room only for my talk at #oktane19! 🎉 "OAuth: When Things Go Wrong" I had a blast, thanks everyone for coming to the session!
  The video will be posted to the @okta YouTube channel soon! .
  .
  .
  #okta #oktane #oauth #security #devrel #facebookfail #twitterfail #googlefail 📷 @quorralyne

  

  Moscone West Convention Center in San Francisco, California, USA • 49°F

  20 likes 1 repost 2 replies

  #oktane19 #okta #oktane #oauth #security #devrel #facebookfail #twitterfail #googlefail

  Wed, Apr 3, 2019 3:48pm -07:00
• How To Spoof PDF Signatures (web-in-security.blogspot.com)

  Portland, Oregon • 35°F

  #pdf #security

  Wed, Mar 6, 2019 11:36am -08:00
• #202781 Chained Bugs to Leak Victim's Uber's FB Oauth Token (hackerone.com)

  Austin, Texas • 49°F

  #oauth #security #hack #bug #uber

  Mon, Feb 25, 2019 9:06am -06:00
• [Uber 8k Bug] Login CSRF + Open Redirect = Account Take Over – Ron Chan (ngailong.wordpress.com)

  Austin, Texas • 49°F

  #oauth #security

  Mon, Feb 25, 2019 9:05am -06:00
• Trusted Types help prevent Cross-Site Scripting  |  Web  |  Google Developers (developers.google.com)

  Portland, Oregon • 36°F

  #xss #web #security

  Sun, Feb 17, 2019 7:31am -08:00
• Chaining Tricky OAuth Exploitation To Stored XSS – Rohan Aggarwal – Medium (medium.com)

  Portland, Oregon • 41°F

  #oauth #security #xss

  Sun, Jan 27, 2019 4:48pm -08:00
• 

  If you've ever needed a link to send someone to explain why OAuth secrets aren't safe in mobile apps, I made you a thing: https://developer.okta.com/blog/2019/01/22/oauth-api-keys-arent-safe-in-mobile-apps

  San Francisco, California, USA • 59°F

  13 likes 10 reposts 3 replies

  #oauth #oauth2 #api #security

  Tue, Jan 22, 2019 4:09pm -08:00
• Blue Iris - Video Security Software (blueirissoftware.com)

  San Jose, California • 59°F

  #homeautomation #security #camera

  Wed, Jan 16, 2019 10:26pm -08:00
• willman duffy https://twitter.com/willmanduffy

  0 factor auth

  

  Portland, Oregon • 52°F

  #security #auth #mfa

  Thu, Dec 13, 2018 3:45pm +00:00 (liked on Mon, Dec 17, 2018 2:59pm -08:00)
• NFC Card Emulation with ACR122u(PN532) (salmg.net)

  Los Angeles, California • 62°F

  #nfc #security #oauth

  Sun, Dec 2, 2018 3:04pm -08:00
• 

  Yet another example of why SMS is terrible for 2fa and account recovery.
  
  "the database — running on Amazon’s Elasticsearch — was configured with a Kibana front-end, making the data within easily readable"
  
  https://techcrunch.com/2018/11/15/millions-sms-text-messages-leaked-two-factor-codes/

  Chicago, Illinois, USA • 39°F

  7 likes 9 reposts 2 replies

  #security #sms #2fa

  Fri, Nov 16, 2018 3:23pm -06:00
• Shinobi - Simple CCTV and NVR Solution - Home (shinobi.video)

  Portland, Oregon • 88°F

  #cctv #security

  Tue, Aug 7, 2018 8:01pm -07:00
• Securing Web Sites Made Them Less Accessible – Eric’s Archived Thoughts (meyerweb.com)

  Portland, Oregon • 91°F

  #https #security #web

  Tue, Aug 7, 2018 4:01pm -07:00
• WireGuard: fast, modern, secure VPN tunnel (www.wireguard.com)

  Portland, Oregon • 92°F

  #vpn #security

  Sun, Jul 29, 2018 8:03pm -07:00