|
Title: myopenid.com security flaw Post by: alkor on July 13, 2011, 12:08:15 AM Intersango relies on myopenid.com for user identification. However, it has been reported in the past that myopenid ids can vanish for no reason. It has been discussed here for example:
http://meta.stackoverflow.com/questions/88451/myopenid-account-mysteriously-vanished Most disturbing of all, once your account is deleted it can be recreated by another person, and they can log into all the sites that rely on your id. Title: Re: Intersango security flaw Post by: Donald_Norman on September 01, 2011, 12:05:33 PM Hi,
I would like to point out that the title of the thread is a bit misleading. It is not an Intersango security flaw but one with myOpenID. I am not sure if myOpenID fixed the problem but as far as I know has never been an issue. Still the new version of Intersango does not rely on myOpenID Title: Re: Intersango security flaw Post by: w1R903 on September 07, 2011, 06:08:09 PM Please let's remember that myOpenID is only one of dozens of reputable Open ID providers. If your site accepts OpenID, you might consider advising users to avoid myOpenID, but there's absolutely no reason to avoid OpenID altogether. In fact, even if you don't trust any of the providers you find, with a little technical knowledge and a server, you can yourself become an OpenID provider (roll your own).
Title: Re: Intersango security flaw Post by: joeyjoe on September 22, 2011, 10:16:46 AM haha thats nothing, earlier this week i explained and demonstrated how easy it is to steal btc from there.
|