Bitcoin Forum
December 10, 2016, 08:56:34 PM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: myopenid.com security flaw  (Read 1684 times)
alkor
Full Member
***
Offline Offline

Activity: 137


View Profile
July 13, 2011, 12:08:15 AM
 #1

Intersango relies on myopenid.com for user identification. However, it has been reported in the past that myopenid ids can vanish for no reason. It has been discussed here for example:

http://meta.stackoverflow.com/questions/88451/myopenid-account-mysteriously-vanished

Most disturbing of all, once your account is deleted it can be recreated by another person, and they can log into all the sites that rely on your id.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Donald_Norman
Member
**
Offline Offline

Activity: 96


View Profile
September 01, 2011, 12:05:33 PM
 #2

Hi,

I would like to point out that the title of the thread is a bit misleading. It is not an Intersango security flaw but one with myOpenID. I am not sure if myOpenID fixed the problem but as far as I know has never been an issue. Still the new version of Intersango does not rely on myOpenID
w1R903
Full Member
***
Offline Offline

Activity: 218


View Profile
September 07, 2011, 06:08:09 PM
 #3

Please let's remember that myOpenID is only one of dozens of reputable Open ID providers.  If your site accepts OpenID, you might consider advising users to avoid myOpenID, but there's absolutely no reason to avoid OpenID altogether.  In fact, even if you don't trust any of the providers you find, with a little technical knowledge and a server, you can yourself become an OpenID provider (roll your own).

4096R/F5EA0017
joeyjoe
Full Member
***
Offline Offline

Activity: 224


View Profile
September 22, 2011, 10:16:46 AM
 #4

haha thats nothing, earlier this week i explained and demonstrated how easy it is to steal btc from there.

Bitcoin PHP programmer for hire! (HTML / CSS / JQuery / AJAX / .NET).
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!