"authentication, which is intended to be more secure, but Ryan Paul at Ars Technica believes OAuth is inherently flawed and that Twitter has done a botched job at implementing it, making it an even greater security threat.
In a strongly worded diatribe Paul said the OAuth standard “has many significant weaknesses and limitations”, calling it “an inelegant hack that lacks maturity and fails to provide clear guidance on many critical issues that are essential to building a robust authentication system.”"
Gaping hole found in Twitter OAuth authentication process - Mending one hole, making another | TechEye
No comments:
Post a Comment