cryptography

Ruby Job Opening

I’ve got a Ruby Software Engineering position open on my team at Leapfrog Online, in Evanston, IL.

The ideal Rails candidate has:

Add new comment
Read more
211 reads
Feed: softiesonrails
Original article
ShareThis

Timing Weakness in Ruby on Rails

There is a weakness in the code Ruby on Rails uses to verify message
digests in the cookie store. Because it uses a non-constant time algorithm to
verify the signatures an attacker may be able to determine when a forged
signature is partially correct. By repeating this process they may be able to successfully forge a digest.

Add new comment
Read more
326 reads
Feed: Ruby on Rails weblog
Original article
ShareThis

Rails Fire

Popular content

Today's:

All time:

Recent comments

cryptography

Ruby Job Opening

Timing Weakness in Ruby on Rails

Popular Tags

Only wire

Powered By Calais