Aaron Parecki

#security

• 

  Now that @1Password launched passkey support *and* it's integrated into iOS 17 with the 1Password app, I feel like I can finally actually take the plunge and set up passkeys everywhere!
  
  No more passwords! and the login UX is so much better too!

  Portland, Oregon, USA • 59°F

  32 likes 9 reposts 2 replies 1 mention

  #security #passkey #password

  Sat, Sep 23, 2023 6:48pm -07:00
• HPKE: Standardizing public-key encryption (finally!) (blog.cloudflare.com)

  #encryption #security

  Wed, Aug 30, 2023 6:05pm -07:00
• Device Bound Session Credentials explainer (github.com)

  #cookies #browsers #security #oauth

  Tue, Aug 29, 2023 3:50pm -07:00
• MSEdgeExplainers/BindingContext/explainer.md at main · MicrosoftEdge/MSEdgeExplainers (github.com)

  #dpop #bpop #oauth #security #cookies #browsers

  Tue, Aug 29, 2023 3:49pm -07:00
• London (LHR) to Portland (PDX)

  August 25, 2023 from 3:30pm (+0100) to 5:20pm (-0700)

  British Airways Flight 267

  

  Portland Intl in Portland

  #oauth #security

  permalink
• OAuth Security Workshop

  Aug

  22

  Aug

  23

  Aug

  24

  August 22-24, 2023
  3 days

  Royal Holloway

  Runnymede, England, GBR

  #oauth #security

  permalink
• Portland (PDX) to London (LHR)

  August 18, 2023 at 7:10pm (-0700) until Aug 19 at 12:35pm (+0100)

  British Airways Flight 266

  

  Heathrow in London

  #oauth #security

  permalink
• London

  Aug

  18

  Aug

  …

  Aug

  25

  August 18-25, 2023
  8 days

  London

  London, England, GB

  #oauth #security

  permalink
• 

  May the 4th be with you! Brand new OAuth shirts just launched: "I find your lack of security disturbing"
  
  Available in a variety of styles and also as a hacker hoodie!
  
  https://shop.oauth.net/listing/lack-of-security-disturbing?product=46

  

  Portland, Oregon, USA • 49°F

  12 likes 4 reposts 1 reply

  #oauth #security

  Thu, May 4, 2023 11:31am -07:00
• Chloé Messdaghi https://twitter.com/ChloeMessdaghi

  Excited to host the "Security Superstream: Application Security" event tomorrow with @OReillyMedia. Join experts in the field to learn about the latest techniques for securing your applications and data.
  
  Register now: https://www.oreilly.com/live-events/security-superstream-application-security/0636920083707/0636920083706/
  #security #appsec #cybersecurity

  Portland, Oregon • 50°F

  #security #appsec #cybersecurity

  Wed, Apr 12, 2023 3:55pm +00:00 (liked on Wed, Apr 12, 2023 5:16pm -07:00)
• Xenomorph Android malware now steals data from 400 banks (www.bleepingcomputer.com)

  #security #android

  Wed, Apr 12, 2023 10:05am -07:00
• 

  we all know the real reason you install iOS updates 👀
  
  p.s. go update your devices

  

  Portland, Oregon, USA • 48°F

  28 likes 11 reposts 6 replies

  #security #emoji #ios

  Fri, Apr 7, 2023 8:26pm -07:00
• 

  Yet another reason why Token Exchange is dangerous 🤯😱
  
  "Bing is allowed to issue Office tokens for any logged-on user"
  
  https://twitter.com/hillai/status/1641146523990753290

  神奈川県, JPN

  13 likes 4 replies 1 mention

  #security #oauth

  Thu, Mar 30, 2023 9:54am +09:00
• 

  another day, another account takeover caused by an open redirector and the OAuth Implicit flow 🫠
  
  https://salt.security/blog/traveling-with-oauth-account-takeover-on-booking-com

  Portland, Oregon • 40°F

  14 likes 4 reposts 1 reply

  #oauth #security

  Thu, Mar 2, 2023 10:16am -08:00
• Let's build a Chrome extension that steals everything (mattfrisbie.substack.com)

  #security

  Fri, Feb 24, 2023 9:58am -08:00
• 

  I'm a big fan of using more secure two-factor authentication methods like a security key or TouchID, but I will admit I never expected charging people to use SMS would be a viable strategy to get them off it 😅 https://blog.twitter.com/en_us/topics/product/2023/an-update-on-two-factor-authentication-using-sms-on-twitter

  Portland, Oregon, USA • 43°F

  46 likes 6 reposts 12 replies

  #security #2fa #mfa #twitter

  Fri, Feb 17, 2023 9:26pm -08:00
• Hacking into Toyota’s global supplier management network (eaton-works.com)

  #security

  Mon, Feb 13, 2023 12:39pm -08:00
• Things You Should Do Now (secure.phabricator.com)

  #security #software

  Thu, Feb 9, 2023 4:17pm -08:00
• 

  I've given many talks about how mobile apps can't be deployed with a secret, and using Twitter's 2013 "hacks" as an example. I'm just going to leave this completely unrelated string of random characters here for no particular reason
  
  GgDYlkSvaPxGxC4X8liwpUoqKwwr3lCADbz8A7ADU

  Portland, Oregon, USA • 43°F

  100 likes 52 reposts 10 replies

  #twitter #oauth #security

  Thu, Feb 2, 2023 8:12pm -08:00
• Cory Foy https://mstdn.social/@cory_foy

  With all the hubbub around password managers today I’m so grateful for the foresight my mother had when she was younger changing her maiden name to a randomly generated 18 character word that resets itself every 30 days. #InfoSec #Security #LastPass

  Portland, Oregon • 19°F

  #Lastpass #Security #InfoSec

  Fri, Dec 23, 2022 3:26am +00:00 (liked on Thu, Dec 22, 2022 8:07pm -08:00)