Gawker is phasing out the use of email-address-and-password login in favour of more modern OAuth authentication and the use of anonymous one-off accounts. Tom Plunkett, CTO at Gawker Media, briefly explained the plans in responding to the discovery of another password-related security snafu involving the media news and gossip …
"We're completely incompetent at security, so we're outsourcing the problem to a third party too new to have ruined its reputation yet."
You are the weakest link, hello.
Just goes to show that no matter how security-smart you are when selecting a password or configuring your router for WPA2, all it takes is one ignorant and lazy programmer who's decided to ignore UTF-8 in the global marketplace because it complicates his simple understanding of coding for a 7-bit world, and you're about as secure as an English heir-to-the-throne being escorted by police outriders and royal guards through a student protest to an annual variety performance.
Poke these programmers with a wooden stick!
CTO is a lucky fellow
Quite interesting that this plunker is still employed there considering how thin-skinned Denton is.
Speaking of "failing to handle non-ASCII characters in passwords"
over Christmas my all-non-ascii elReg password stopped working. Necessitating a return to a boring old ascii letters and numbers jobby. There were all sorts of other site errors too. Just had to drink beer without watching the world go by. sniff.
I forgot my new Gawker password yesterday, and was prompted to use a burner to get back in.