On Wed, Jul 27, 2016 at 09:57:14AM -0700, travis+ml-lang...@subspacefield.org wrote: > https://labs.detectify.com/2016/07/27/how-i-made-lastpass-give-me-all-your-passwords/ > > Something about FSRs and parsing.
This brings up something that isn't actually in the realm of langsec, but since it came up here, I'll set out a few thoughts here. Even given supremely competent coding, which is not in evidence in lastpass, does the act of creating a target with that high a value /ipso facto/ make it more likely to be attacked successfully? There's some game theory and non-equilibrium economics here that I'm really not competent to address. Are there any formal ways to address such questions? Obviously, they're not strictly langsec, but since I'm such a n00b at matters security, I just don't know even what keywords to start my search with. Help! Best, David. -- David Fetter <david(at)fetter(dot)org> http://fetter.org/ Phone: +1 415 235 3778 AIM: dfetter666 Yahoo!: dfetter Skype: davidfetter XMPP: david(dot)fetter(at)gmail(dot)com Remember to vote! Consider donating to Postgres: http://www.postgresql.org/about/donate _______________________________________________ langsec-discuss mailing list langsec-discuss@mail.langsec.org https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
