    Jonathan Kamens 86 47 (jik@federate.social)'s status on Saturday, 05-Oct-2024 21:59:20 JST

    I'm a tad bit annoyed by #infosec professionals referring to the #Okta bug that was just announced as an "authentication" bypass or vulnerability when it is, rather, an *authorization* issue.
    Authz bypasses are bad, but dramatically less bad than authn bypasses, because the size of the population able to take advantage of them is much smaller and typically more trusted.
    Getting the terminology right matters.
    Ref: https://trust.okta.com/security-advisories/okta-classic-application-sign-on-policy-bypass-2024/


    Attachments

    1. Okta Classic Application Sign-On Policy Bypass

    GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

    Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.