Fred

  • 合計アクティビティ 25
  • 前回のアクティビティ
  • メンバー登録日
  • フォロー 0ユーザー
  • フォロワー 0ユーザー
  • 投票 8
  • サブスクリプション 4

アクティビティの概要

Fredさんの最近のアクティビティ
  • Fredさんがコメントを作成しました:

    The gold-standard for supporting lost/broken is to register multiple WebAuthN devices with the same account - and any one key is sufficient; few sites support this, and it's honestly pretty inconve...

  • Fredさんがコメントを作成しました:

    I don’t think so - though you could use a hot key action on the stream deck to push to talk. If you don’t want to use a normal key, you could assign it to F17 and add that in discord settings

  • Fredさんがコメントを作成しました:

    StreamDeck now has a public API - I made a mute/deafen plugin: https://github.com/fredemmott/StreamDeck-Discord

  • Fredさんが投稿を作成しました:

    allow apps without ‘identify’ role

    I have an app (toggle mute/deafen via a StreamDeck) that only needs ‘RPC’ for setting/getting voice status. AUTHORIZE only prompts for this, but AUTHENTICATE then triggers another prompt for the id...

  • Fredさんがコメントを作成しました:

    Google's approach to this problem is to use local sockets to deliver the code without a client_secret, effectively option (1): https://developers.google.com/identity/protocols/OAuth2InstalledApp#cr...

  • Fredさんがコメントを作成しました:

    Not true. https://www.howtogeek.com/192173/how-and-why-to-change-your-mac-address-on-windows-linux-and-mac/ Also, it would be pointless anyway, as someone malicious could trivially edit their disc...

  • Fredさんがコメントを作成しました:

    So, there's a specification for this, that Discord isn't following: https://tools.ietf.org/html/rfc8252This basically recommends:- not trusting client secrets (8.5 and 8.6) - not requiring client s...

  • Fredさんがコメントを作成しました:

    Ultimately, once you have local apps like phone/windows/Mac apps, it is impossible to securely answer “what application is calling my API?” without TPM-based approaches that are not at all practica...

  • Fredさんがコメントを作成しました:

    > One cannot obtain others token without trying to scam the user This is simply not true for local apps (as opposed to web apps), which are all that is relevant for the named pipe/Unix socket RPC...

  • Fredさんがコメントを作成しました:

    Suggestion (2) would help here (as long as the software doesn't decide to just directly manipulate the Discord app, which it can easily do, as, it's desktop software) (1) wouldn't help, but it also...