Security Lessons Learned From the Diaspora Launch 338
patio11 writes "Diaspora, the privacy-respecting OSS social network, did a code release last week. Attention immediately focused on security. In fact the code base included several severe security bugs. This post walks through the code, showing what went wrong, and what it would let an attacker do to someone who was using Diaspora." The developer who wrote the post ends with: "You might believe in the powers of OSS to gather experts (or at least folks who have shipped a Rails app, like myself) to Diaspora’s banner and ferret out all the issues. You might also believe in magic code-fixing fairies. Personally, I’d be praying for the fairies because if Diaspora is dependent on the OSS community their users are screwed."
Re:Axe job (Score:5, Funny)
Re:...huh? (Score:2, Funny)
Re:...huh? (Score:1, Funny)
Extreme Makeover Home Edition too
Re:WTF? (Score:1, Funny)
Not quite correct...
"Goddammit kdawson. That's it, your articles are blocked. You're the f***ing Fox News of Slashdot. Whatever merit any article you post may have you manage to completely overpower it with sensationalist editorial bias."