Posts by sandtrap

1 publicly visible post • joined 22 Sep 2010

Microsoft warns of in-the-wild attacks on web app flaw

Wednesday 22nd September 2010 14:54 GMT sandtrap

random delay does not fix the problem

A random delay on the error page does not prevent the timing attack. Only making all security checks uniform in runtime performance (between success and failure) will defeat the timing attacks.

1 0

The Register Biting the hand that feeds IT

Topics

Special Features

Vendor Voice

Resources

User topics

Article topics

Posts by sandtrap

Microsoft warns of in-the-wild attacks on web app flaw

random delay does not fix the problem

About Us

Our Websites

Your Privacy