Categories
Cryptography Vulnerability

Timing Attack on SQL Queries Through Lobste.rs Password Reset

Just to assuage any panic, let me state this up front. If you’re reading this blog post wondering if your Lobste.rs account is at risk, good news: I didn’t publish it until after the vulnerability was mitigated, so you’re safe. You don’t need to change your passwords or anything. This write-up is purely for education […]

Categories
Badness Cryptography Software Security Technology Vulnerability

On The Toxicity of Zed A. Shaw

Boycott Zed Shaw’s writing. (With bonus zero-days in his work.)