SaiditCanary
Saidit.net Canary #13
submitted 4 years ago by magnora7 from self.SaiditCanary
[–]magnora7[S] 4 years ago (3 children)
If they can post from my account, we have much bigger problems than the canary
[–]elephant-movement-2 4 years ago (2 children)
How many authentication bypass vulnerabilities in web applications were discovered in the past 10 years? It's no substitute for an air-gapped computer used to cryptographically sign warrant canaries with GPG.
[–]magnora7[S] 4 years ago (1 child)
> How many authentication bypass vulnerabilities in web applications were discovered in the past 10 years?
How would that make someone NOT post a canary over a 2 month period? If I was completely locked out of my own account for 2 months then that would mean we've completely lost control of the whole website anyway, so the signature would be redundant.
[–]danuker 3 years ago (0 children)
A GPG-signed canary would allow you to publish authenticated messages irrespective of the security status of the website.
The only attackers that can fake a valid signature from a consistent key are the ones that have access to the computer used to sign.
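A reader-side check for the signed canary discussed in this thread, as an added example that is not part of the original posts: it evaluates the machine-readable output of `gpg --status-fd 1 --verify` against a fingerprint pinned out of band and a freshness window. The fingerprint, the 62-day window, the sample status lines and the function names are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

# Constructed values: pin the fingerprint out of band, never from the site being checked.
PINNED_FPR = "0123456789ABCDEF0123456789ABCDEF01234567"
MAX_AGE = timedelta(days=62)  # assumption: the roughly two-month window discussed in the thread
FAILED = {"BADSIG", "ERRSIG", "EXPKEYSIG", "REVKEYSIG"}

# Constructed sample of `gpg --status-fd 1 --verify canary.asc` output.
SAMPLE_STATUS = """\
[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 89ABCDEF01234567 Example Admin <admin@example.invalid>
[GNUPG:] VALIDSIG 0123456789ABCDEF0123456789ABCDEF01234567 2021-03-01 1614556800 0 4 0 1 10 01 0123456789ABCDEF0123456789ABCDEF01234567
"""

def parse_time(field):
    """GnuPG prints epoch seconds, or ISO 8601 (contains 'T') in some configurations."""
    if "T" in field:
        return datetime.strptime(field, "%Y%m%dT%H%M%S").replace(tzinfo=timezone.utc)
    return datetime.fromtimestamp(int(field), tz=timezone.utc)

def check_canary(status_text, now, pinned=PINNED_FPR, max_age=MAX_AGE):
    """Return 'ok', 'bad-signature', 'wrong-key' or 'stale'."""
    valid = None
    for line in status_text.splitlines():
        parts = line.split()
        if len(parts) < 2 or parts[0] != "[GNUPG:]":
            continue
        if parts[1] in FAILED:
            return "bad-signature"  # fail closed on any rejected signature
        if parts[1] == "VALIDSIG" and len(parts) >= 5:
            valid = parts
    if valid is None:
        return "bad-signature"
    # Last VALIDSIG field is the primary key fingerprint; field 2 is the signing (sub)key.
    if valid[-1].upper() != pinned.upper():
        return "wrong-key"  # valid signature, but not from the consistent key
    if now - parse_time(valid[4]) > max_age:
        return "stale"  # no fresh canary within the expected interval
    return "ok"

if __name__ == "__main__":
    print(check_canary(SAMPLE_STATUS, datetime.now(timezone.utc)))
```

The signature timestamp is set by the signer, so the freshness check only detects a missing canary, not a backdated one made by someone holding the key.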