4. Ask HN: What’s your “don’t forget to check the power cord” advice?
Mine is don’t forget to check authentication flows in depth. Bugs in MFA, password reset, OAuth integration, and “signature check” flows are hot spots. If a program is using cryptographic primitives, this often leads to vulnerabilities.
2 | jtaft | 4y ago | 4
5. If Correlation Doesn’t Imply Causation, Then What Does? (medium.com)
3 | jtaft | 4y ago | 1
7. I faked tons of Covid passes – “Weak Key Cryptography in real world” (ctrsec.io)
237 | jtaft | 4y ago | 203