Follow Slashdot stories on Twitter


Forgot your password?

Submission + - Compromising Twitter's OAuth security system ( 1

iplayfast writes: Facebook, Twitter, and Google all have different variants of the [OAuth] standard that have to be handled differently by third-party applications. Twitter's approach is, by far, the worst.

Twitter has screwed up big time,and this article tells how. The author has been ignored by Twitter so he's publicly outing them, with their Not so secret consumer key.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Compromising Twitter's OAuth security system

Comments Filter:

He's like a function -- he returns a value, in the form of his opinion. It's up to you to cast it into a void or not. -- Phil Lapsley