ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Security flaw in OAuth and OpenID

    IT Discussion
    5
    5
    980
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • NicN
      Nic
      last edited by

      http://www.cnet.com/news/serious-security-flaw-in-oauth-and-openid-discovered/#ftag=CAD590a51e

      Seems like a biggie, especially since they are saying they won't/can't fix it.

      1 Reply Last reply Reply Quote 1
      • scottalanmillerS
        scottalanmiller
        last edited by

        Wow! That's crazy.

        1 Reply Last reply Reply Quote 0
        • david.wieseD
          david.wiese
          last edited by

          everything i read so far is saying that people have tried alerting google and facebook but they aren't responding. Why don't people respond to glaring security holes?

          1 Reply Last reply Reply Quote 0
          • DashrenderD
            Dashrender
            last edited by

            It just seems hopeless sometimes. 😞

            1 Reply Last reply Reply Quote 1
            • J
              jasonh
              last edited by

              I've always shied away from the option to "Login with your [Facebook/Twitter/Linkedin/etc] Account", mainly because of privacy concerns, but also because I've heard of design flaws with the OAUTH and OpenID systems (mainly from listening to Steve Gibson's podcast)

              1 Reply Last reply Reply Quote 0
              • 1 / 1
              • First post
                Last post