🦞🌯 Lobster Roll

Thread

Moonpig vulnerability (ifc0nfig.com)
L 20 pts 6 comments by fcbsd Jan 6, 2015 apisecurity thread
What is really bad about this story is that the company had 17 months to fix the issue and did nothing about it.

Stories related to "Moonpig vulnerability" across the full archive.

Moonpig vulnerability (ifc0nfig.com)
L 20 pts 6 comments by fcbsd Jan 6, 2015 apisecurity Programming (General)Security / Privacy thread
What is really bad about this story is that the company had 17 months to fix the issue and did nothing about it.
Zenbleed - Zen 2 hardware vulnerability
~ 19 pts 5 comments by unknown Jul 25, 2023 ~comphardwaresecurity.vulnerability Programming (General)Security / PrivacyMaker / DIY / Hardware thread
The rise of a new Java vulnerability - CVE-2012-1723 (blogs.technet.com)
L 1 pts 0 comments by jcs Aug 3, 2012 reversingsecurity Systems / Low-Level / OSSecurity / Privacy thread
Chromium Vulnerability Rewards Program: larger rewards! (blog.chromium.org)
L 5 pts 0 comments by jcs Aug 15, 2012 security Programming (General)Security / Privacy thread
Twitter API Changes Set Maximum User Cap for 3rd Parties (thenextweb.com)
L 7 pts 13 comments by jcs Aug 17, 2012 api Programming (General) thread
Ripping OAuth tokens (or other secrets) out of Twitter clients (timetobleed.com)
L 3 pts 0 comments by pushcx Aug 21, 2012 apireversingsecurity Systems / Low-Level / OSProgramming (General)Security / Privacy thread
Google Kills Weather API (thenextweb.com)
L 7 pts 4 comments by jcs Aug 28, 2012 api Programming (General) thread
OAuth2: One access_token To Rule Them All (homakov.blogspot.com)
L 3 pts 0 comments by titanous Aug 30, 2012 apisecurityweb Web DevelopmentProgramming (General)Security / Privacy thread
Lambda Labs Releases Face Recognition API βeta (api.lambdal.com)
L 3 pts 1 comments by rob Sep 5, 2012 apinews Programming (General)Internet / Digital Culture thread
Current status: API v1.1 | Twitter Developers (dev.twitter.com)
L 4 pts 2 comments by davidpett Sep 5, 2012 apinews Programming (General)Internet / Digital Culture thread
Amazon Maps API (amazonappstoredev.com)
L 4 pts 1 comments by jcs Sep 17, 2012 apiweb Web DevelopmentProgramming (General) thread
Restful API framework for Flask / MongoEngine (github.com)
L 6 pts 0 comments by anthony Sep 26, 2012 apipython Programming (General)Data / Databases / Infrastructure thread
OAuth 2.0 finalized (dickhardt.org)
L 8 pts 0 comments by mf Oct 13, 2012 apisecurity Programming (General)Security / Privacy thread
Instagram 3.1.2 For iOS, Session Riding Vulnerability (PoC) (reventlov.com)
L 2 pts 0 comments by inactive-user Dec 4, 2012 gosecurity Programming (General)Security / Privacy thread
Notes on the USE paradigm for API design (hjr3.tumblr.com)
L 1 pts 0 comments by hjr3 Dec 18, 2012 apidesign Programming (General)Design / UX / Visualization thread
SQL Injection Vulnerability in all versions of Ruby on Rails/ActiveRecord (CVE-2012-5664) (groups.google.com)
L 8 pts 2 comments by jcs Jan 2, 2013 databasesrubysecurity Programming (General)Programming Languages / CS TheoryData / Databases / InfrastructureSecurity / Privacy thread
Analysis of Rails XML Parameter Parsing Vulnerability (insinuator.net)
L 7 pts 0 comments by jcs Jan 8, 2013 rubysecurity Programming (General)Programming Languages / CS TheorySecurity / Privacy thread
Optimizing the Netflix API (techblog.netflix.com)
L 5 pts 0 comments by jcs Jan 15, 2013 apiscaling Programming (General)Productivity / Career / Business thread
A Rest DNS API allowing to perform DNS queries over HTTP, outputting JSON (statdns.com)
L 3 pts 0 comments by fcambus Jan 20, 2013 apijavascriptnetworking Web DevelopmentProgramming (General)Data / Databases / Infrastructure thread
CRIME: A vulnerability in the SPDY protocol (imperialviolet.org)
L 3 pts 1 comments by bct Jan 23, 2013 browserssecurity Web DevelopmentSecurity / Privacy thread
This vulnerability no longer exists, but it's a good description of a non-obvious bug.
A Guide to Designing API Client Libraries (kev.inburke.com)
L 2 pts 0 comments by kb Jan 29, 2013 apidesign Programming (General)Design / UX / Visualization thread
OAuth1, OAuth2, OAuth...? (homakov.blogspot.com)
L 4 pts 1 comments by jcs Mar 1, 2013 apisecurity Programming (General)Security / Privacy thread
Ask Lobsters: What is the general consensus on the best API authentication these days?
L 5 pts 4 comments by jcs Apr 3, 2013 apisecurity Programming (General)Security / Privacy thread
I liked Flickr's now-deprecated [hash-the-params](http://www.flickr.com/services/api/auth.howto.web.html) authentication because it was simple (though [flawed](http://vnhacker.blogspot.com/2009/09/flickrs-api-signature-forgery.html), it is fixable). Now it seems like most sites are using OAuth 1....
Hypermedia API for Industrial Applications (projexsys.com)
L 2 pts 0 comments by michaelsbradleyjr Apr 7, 2013 apiweb Web DevelopmentProgramming (General) thread
Show Lobsters: Yardbase, free and open API of local, community-based data (yardbase.org)
L 4 pts 0 comments by listrophy Apr 7, 2013 apishow Programming (General) thread
Still very alpha... developed during a Startup Weekend event.
Google Glass' The Mirror API - How It Works (i-programmer.info)
L 1 pts 0 comments by dansitu Apr 12, 2013 apihardware Programming (General)Maker / DIY / Hardware thread
Indicating Problems in HTTP APIs (mnot.net)
L 3 pts 0 comments by bct May 15, 2013 apiweb Web DevelopmentProgramming (General) thread
Show Lobsters: Scalabitz, content discovery through Bit.ly's API (branchandbound.net)
L 2 pts 0 comments by SanderMak Jun 7, 2013 apiscalashow Programming (General)Programming Languages / CS Theory thread
Unauthenticated Remote Code Execution Vulnerability in Puppet - CVE-2013-3567 (puppetlabs.com)
L 3 pts 0 comments by jcs Jun 18, 2013 devopsreleasesecurity Programming (General)Data / Databases / InfrastructureSecurity / Privacy thread
Debugging the Stripe API using Runscope (blog.epanastasi.com)
L 4 pts 0 comments by epanastasi Jun 19, 2013 api Programming (General) thread