The worst part? Google, Facebook, LinkedIn, and other affected sites can't easily patch it.
Remember Heartbleed, the recent web-wide security flaw? In terms of nascent vulnerabilities on the web, the OpenSSL bug might have been just the tip of the iceberg. Wang Jing, a PhD student at Singapore's Nanyang Technological University, unearthed a flaw in OAuth 2.0 and OpenID (open-sourced login tools used by sites like Google, Facebook, and LinkedIn) that could put a user's data at risk.