Ō̴̡̨͍͕̠̹̘͖͓̭̝̰̖͉̬̫͍̝̰̟͖͖̞͇̟̻̫͇̠̯̋̋̂ͅͅA̷̡̧͎̫̬͖̠͍̼̗̠͊̉̏̓̈́̂̀̈́͆͘͜uth @oktadev oauth.wtf oauth.net 🎥 livestreaming youtube.com/aaronpk aaronpk.tv 💛 #indieweb 🐘🦋
Portland, Oregon
Joined April 2008
- Tweets 11,388
- Following 1,223
- Followers 6,415
- Likes 9,609
eh it's an open protocol, ideally there is no "official" client at all. Anyone can make an Android client. They're just prototyping it on iOS for now.
1
I wrote up some thoughts about how Bluesky can/should support OAuth, both for applications to access users' accounts, as well as allowing users to log in to their bsky.social account using their own website!
aaronparecki.com/2023/03/09/…
1
1
9
This happened to me once, the PR agency I worked with ran my video as an ad without telling me. I'm also suspicious that they might not have told their client, and used it as a way to boost the views on my video to make them look good?
2
lol yeah, the best part is the postcard says "for your safety, don't include this postcard in your photo in your review"
1
1
It's absolutely wild to me that companies will mail me a postcard a few weeks after an Amazon purchase and offer a $150 gift card to leave a review! Is that really profitable? Are they actually going to make back $150 because of my one review?
3
5
The majority of these hacks happen because the victim runs a program they got from a sketchy source. Could be a fake OBS download, could be a fake brand PR contact. Reading emails in gmail is fine, but don't open any attachments other than jpgs. Sadly 2fa doesn't fix this.
1
I'm not a big customer of food delivery apps but I did order a burrito this week on DoorDash from a place that I assumed was a ghost kitchen by the name, but it turns out it was a food truck!
1
another day, another account takeover caused by an open redirector and the OAuth Implicit flow 🫠
salt.security/blog/traveling…
10
Oh but they already have multifactor auth in their login page!
Username, password, and that "last name" box that pops up right before you're about to click log in, which also breaks password managers 😇🤦♂️
6
Yeah the pilot license for a helicopter is a totally separate thing from the "remote pilot license" you get for a drone
"the remote pilot must take steps using a safety risk-based approach to ensure that:
1. the small unmanned aircraft does not operate over non-participants who are not under a covered structure or in a stationary covered vehicle;"
faa.gov/uas/commercial_opera…
1
Whoever saw these trucks and was like "hey, the FAA rule that prohibits flying drones over people doesn't apply to people inside stationary vehicles" and then flew a drone down the highway deserves a raise
Drone video shows the mess that I-5 northbound was near the 217 interchange Thursday morning as a winter storm brought record snow to the Portland metro area.
1
2