On August 8, wordpress.org was down for a few hours after a Chicago data center outage. During the outage, a user of Salt Shaker reported the plugin replaced salt keys with an outage notice, leading to a WSOD on a customer’s site: Probably the plugin just scraped and copied what was displayed at https://api.wordpress.org/secret-key/1.1/salt/. wordpress.org… Continue reading Talk about edge cases!
Category: passwords
A Taxonomy of Access Control
Bruce Schneier thinks this idea from Ittay Eyal is brilliant and broadly applicable. Since I like pretty much everything Bruce says (that I can understand) I tried to get my head around this and the discussion it spawned in Post Status Slack with Rowley and JJJ. Bruce’s summary: The paper is about cryptocurrency wallet design,… Continue reading A Taxonomy of Access Control