We all know standards matter, without them we wouldn't have the internet, we wouldn't have computers, and we wouldn't even have electricity. But standards are complex. They need to define edge cases, they need to be explicit but also allow room for implementations to advance and new features to be created. Today we'll dive into the OpenID Connect standard, why it can be challenging to implement and also what makes it, in some ways, easier than other standards.
The Impact of Cloudflare on the Open Internet
Cloudflare is a popular Content Delivery Network (CDN) that provides a range of services to websites, including performance optimization, security, and privacy. While it has many benefits, there is a growing concern that Cloudflare's influence on the open internet is having a negative impact. In this post, we'll explore the reasons why some people believe that Cloudflare is destroying the open internet.
“We made a mistake” – so said authentication provider Okta on March 25, 2022 – two months after an attack on one of Okta’s vendors (Sitel, a contact center) in January. During Okta’s initial investigation, the company didn’t warn its customers about the attack nor about its potential damage.
“At that time,” Okta admitted later, “We didn’t recognize that there was a risk to Okta and our customers.”
On March 22, three days before the admission, the group responsible for the attack – LAPSUS$ – shared screenshots online that evidenced the success of their attack. As users, customers, and onlookers reacted, Okta co-founder and CEO Todd McKinnon tweeted about the attack, claiming that the attack was “investigated and contained” but, more controversially, framing the attack as “an attempt.”
TL;DR authentik is a company now, and we’re hiring!