- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Tue, 2 Jun 2020 09:34:37 -0400
- To: public-credentials@w3.org
On 6/2/20 6:56 AM, Adrian Gropper wrote: > I’m waiting for Apple Sign-In so I can at least have some privacy at the > cost of my self- sovereignty. Zero-day exploit found in "Sign in with Apple": https://bhavukjain.com/blog/2020/05/30/zeroday-signin-with-apple/ Goes to show you that one of the richest companies on the planet still struggles with basic security implementation. To be clear, I'm not slamming Apple, just showing how hard it is to actually build secure systems... and "trusting the experts a proprietary system/software companies" is not working out. I expect all of us don't have the capital or security teams that Apple does... and even if you have those, things like this still happen. The benefit of open standards and source code that you can read is that you get people outside of your company vetting the design and the software. It doesn't mean that mistakes or bugs won't happen, but it can reduce the chances once these things hit scale. -- manu -- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. blog: Veres One Decentralized Identifier Blockchain Launches https://tinyurl.com/veres-one-launches
Received on Tuesday, 2 June 2020 13:34:51 UTC