{"id":1000,"date":"2008-07-09T14:43:17","date_gmt":"2008-07-09T22:43:17","guid":{"rendered":"\/?p=1000"},"modified":"2008-07-10T09:20:22","modified_gmt":"2008-07-10T17:20:22","slug":"problem-between-keyboard-and-seat","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=1000","title":{"rendered":"Problem between keyboard and seat"},"content":{"rendered":"<p>Jeff Bohren <a href=\"http:\/\/idlogger.wordpress.com\/2008\/07\/08\/problem-between-keyboard-and-seat\/\">picks up <\/a>on Axel Nennker&#39;s recent post:<\/p>\n<p style=\"padding-left: 30px;\">Axel Nennker <a href=\"http:\/\/ignisvulpis.blogspot.com\/2008\/07\/carnards-die-hard.html\"><span style=\"color: #0060ff;\">points<\/span><\/a> out that the supposed \u201cCardspace Hack\u201d is still floating around the old media. He allows the issue is not really a Cardspace security hole, but a problem between the keyboards and seats at Ruhr University Bochum:<\/p>\n<p style=\"padding-left: 60px;\"><em>A while ago two students, Xuan Chen and Christoph L\u00f6hr, from Ruhr University Bochum claimed to have \u201cbroken\u201d CardSpace. There were <\/em><a href=\"http:\/\/bendrath.blogspot.com\/#2077343839236138649\"><em><span style=\"color: #0060ff;\">some<\/span><\/em><\/a><em> <\/em><a href=\"http:\/\/ignisvulpis.blogspot.com\/2008\/05\/stealing-security-token.html\"><em><span style=\"color: #0060ff;\">blog<\/span><\/em><\/a><em> reactions to this claim. The authoritative one of course is from <\/em><a href=\"\/?p=988\"><em><span style=\"color: #0060ff;\">Kim<\/span><\/em><\/a><em>.<\/em><\/p>\n<p style=\"padding-left: 60px;\"><em>Today I browsed through a magazine lying on the desk of a colleague of mine. This magazine with the promising title \u201cIT-Security\u201d repeats the false claim and reports that the students proved that CardSpace has severe security flaws\u2026 Well, when you switch off all security mechanism then, yes, there are security flaws (The security researcher in front of the computer).<\/em><\/p>\n<p style=\"padding-left: 30px;\">Sort of what developers like me call an ID<sub>10<\/sub>T error.<\/p>\n<p style=\"padding-left: 30px;\">Update: speaking of ID<sub>10<\/sub>T errors, I originally mistyped Axel\u2019s name as Alex. My apologies.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Well, when you switch off all security mechanism then, yes, there are security flaws&#8230;  <\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[63,13,4],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1000"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1000"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1000\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1000"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1000"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1000"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}