Another Security Flaw Gets the Heartbleed Treatment, But Don’t Believe the Hype


Breathless reports of a new security flaw affecting OpenID and OAuth — the technology that powers the identity logins for services such as Facebook, Microsoft, Google and LinkedIn — hit the news Friday. Dubbed “Covert Redirect,” the flaw could enable malicious sites or links to grab a user’s login information.

The announcement of Covert Redirect is straight out of Heartbleed’s marketing manual, coming with both slick website and fancy logo. Coupled with the widespread usage of OAuth and the growing awareness of potential security threats, Covert Redirect certainly sounds bad

See also: …

More about Facebook, Security, Openid, Oauth, and Tech …read more

Via: Mashable: Apps & Software

Be first to comment

three + = 6