Frequently Asked Questions

1. What is TOC/TOU?

In software development, time-of-check to time-of-use (TOCTOU, TOCTTOU or TOC/TOU) is a class of software bugs caused by a race condition involving the checking of the state of a part of a system (such as a security credential) and the use of the results of that check.
from Wikipedia

3. Why Dinosaur?

For us, Dinosaur reminds us of a time gap. There is a time-gap between when they existed and when we found they existed. The security-issue we are discussing is also about a time gap.

5. What sort of license TimeGap Theory use?

The TimeGap Theory application code is released under the Apache-2.0 License. The pictures, illustrations, and most of the icons are subjected to copyright. The website theme is also a copyrighted material.

2. Is that okay if I host TimeGap Theory in a production environment?

Please don't do it. The code is vulnerable by design. A skilled attacker would be able to compromise the security of your systems easily.

4. I would like to tell my friends/colleagues about this project. Do I have your permission?

Yes, please. Thanks for spreading the knowledge - that's what we want to see happening as well.

6. I have more questions. Where can I ask them??

Please use:
r/timegaptheory OR
OWASP TimeGap Theory Slack channel OR
Contact form