Gawker is phasing out the use of email-address-and-password login in favour of more modern OAuth authentication and the use of anonymous one-off accounts. Tom Plunkett, CTO at Gawker Media, briefly explained the plans in responding to the discovery of another password-related security snafu involving the media news and gossip …
"We're completely incompetent at security, so we're outsourcing the problem to a third party too new to have ruined its reputation yet."
You are the weakest link, hello.
Just goes to show that no matter how security-smart you are when selecting a password or configuring your router for WPA2, all it takes is one ignorant and lazy programmer who's decided to ignore UTF-8 in the global marketplace because it complicates his simple understanding of coding for a 7-bit world, and you're about as secure as an English heir-to-the-throne being escorted by police outriders and royal guards through a student protest to an annual variety performance.
Poke these programmers with a wooden stick!
CTO is a lucky fellow
Quite interesting that this plunker is still employed there considering how thin-skinned Denton is.
Speaking of "failing to handle non-ASCII characters in passwords"
Over Christmas my all-non-ascii elReg password stopped working. Necessitating a return to a boring old ascii letters and numbers jobby. There were all sorts of other site errors too. Just had to drink beer without watching the world go by. sniff.
I forgot my new Gawker password yesterday, and was prompted to use a burner to get back in.