Gawker is phasing out the use of email-address-and-password login in favour of more modern OAuth authentication and the use of anonymous one-off accounts. Tom Plunkett, CTO at Gawker Media, briefly explained the plans in responding to the discovery of another password-related security snafu involving the media news and gossip …
"We're completely incompetent at security, so we're outsourcing the problem to a third party too new to have ruined its reputation yet."
You are the weakest link, hello.
Just goes to show that no matter how security-smart you are when selecting a password or configuring your router for WPA2, all it takes is one ignorant and lazy programmer who's decided to ignore UTF-8 in the global marketplace because it complicates his simple understanding of coding for a 7-bit world, and you're about as secure as an English air-to-the-throne being escorted by police outriders and royal guards through a student protest to an annual variety performance.
Poke these programmers with a wooden stick!
CTO is a lucky fellow
Quite interesting that this plunker is still employed there considering how thin skinned Denton is.
Speaking of " failing to handle non-ASCII characters in passwords "
over Christmas my all-non-ascii elReg password stopped working. Necessitating a return to a boring old ascii letters and numbers jobby. There were all sorts of other site errors too. Just had to drink beer without watching the world go by. sniff.
I forgot my new Gawker password yesterday, and was prompted to use a burner to get back in.
- Product round-up Ten excellent FREE PC apps to brighten your Windows
- Review Tough Banana Pi: a Raspberry Pi for colour-blind diehards
- Product round-up Ten Mac freeware apps for your new Apple baby
- Analysis Pity the poor Windows developer: The tools for desktop development are in disarray
- Chromecast video on UK, Euro TVs hertz so badly it makes us judder – but Google 'won't fix'