Bitcoin Forum
October 23, 2018, 12:05:47 AM *
News: Make sure you are not using versions of Bitcoin Core other than 0.17.0 [Torrent], 0.16.3, 0.15.2, or 0.14.3. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Facebook, Google Users Threatened by New Security Flaw  (Read 452 times)
TheIrishman
Legendary
*
Offline Offline

Activity: 1001
Merit: 1001

http://BitcoinPayPal.info


View Profile WWW
May 02, 2014, 11:05:18 PM
 #1



Facebook, Google Users Threatened by New Security Flaw

http://www.tomsguide.com/us/facebook-google-covert-redirect-flaw,news-18726.html

<< A serious flaw in two widely used security standards could give anyone access to your account information at Google, Microsoft, Facebook, Twitter and many other online services. The flaw, dubbed "Covert Redirect" by its discoverer, exists in two open-source session-authorization protocols, OAuth 2.0 and OpenID. >>

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
   [GUIDE] How to buy and sell Bitcoins SAFELY with PayPal + UNLIMITED WITHDRAWALS to PayPal
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
jbrnt
Hero Member
*****
Offline Offline

Activity: 672
Merit: 500



View Profile
May 02, 2014, 11:46:01 PM
 #2

Thanks for posting.

For those who do not have the time, or couldn't be bothered, to read the article... It basically said do not use your Google, MS, FB, Twitter account to login to third party services.

Quote
A serious flaw in two widely used security standards could give anyone access to your account information at Google, Microsoft, Facebook, Twitter and many other online services. The flaw, dubbed "Covert Redirect" by its discoverer, exists in two open-source session-authorization protocols, OAuth 2.0 and OpenID.


Hazir
Legendary
*
Offline Offline

Activity: 1596
Merit: 1003


★Nitrogensports.eu★


View Profile
May 03, 2014, 12:49:05 AM
 #3

It's good thing that I don't have and will never have facebook account. As for google all I have is gmail with no personal info given, so I think I am quite safe.


           █████████████████     ████████
          █████████████████     ████████
         █████████████████     ████████
        █████████████████     ████████
       ████████              ████████
      ████████              ████████
     ████████     ███████  ████████     ████████
    ████████     █████████████████     ████████
   ████████     █████████████████     ████████
  ████████     █████████████████     ████████
 ████████     █████████████████     ████████
████████     ████████  ███████     ████████
            ████████              ████████
           ████████              ████████
          ████████     █████████████████
         ████████     █████████████████
        ████████     █████████████████
       ████████     █████████████████
▄▄
██
██
██
██
██
██
██
██
██
██     
██
██
▬▬ THE LARGEST & MOST TRUSTED ▬▬
      BITCOIN SPORTSBOOK     
   ▄▄
██
██
██
██
██
██
██
██
██
██     
██
██
             ▄▄▄▄▀▀▀▀▄
     ▄▄▄▄▀▀▀▀        ▀▄▄▄▄          
▄▀▀▀▀                 █   ▀▀▀▀▀▀▀▄▄
█                    ▀▄          █
 █   ▀▌     ██▄        █          █              
 ▀▄        ▐████▄       █        █
  █        ███████▄     ▀▄       █
   █      ▐████▄█████████████████████▄
   ▀▄     ███████▀                  ▀██
    █      ▀█████    ▄▄        ▄▄    ██
     █       ▀███   ████      ████   ██
     ▀▄        ██    ▀▀        ▀▀    ██
      █        ██        ▄██▄        ██
       █       ██        ▀██▀        ██
       ▀▄      ██    ▄▄        ▄▄    ██
        █      ██   ████      ████   ██
         █▄▄▄▄▀██    ▀▀        ▀▀    ██
               ██▄                  ▄██
                ▀████████████████████▀




  CASINO  ●  DICE  ●  POKER  
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
   24 hour Customer Support   

▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
robstak
Full Member
***
Offline Offline

Activity: 203
Merit: 100


View Profile
May 05, 2014, 09:48:33 AM
 #4

If you had used such accounts on third party services, it's advisable to change password immediately before someone gain access to one of your accounts.
Lethn
Legendary
*
Offline Offline

Activity: 1540
Merit: 1000



View Profile WWW
May 05, 2014, 09:58:33 AM
 #5

*smug Twister user* Cheesy now if only someone would make a decentralised email service with the Bitcoin protocol.
Nik1ab
Hero Member
*****
Offline Offline

Activity: 574
Merit: 500


freedomainradio.com


View Profile
May 05, 2014, 10:27:43 AM
 #6

Facebook, Google Users still Threatened by US surveillance.

No signature ad here, because their conditions have become annoying.
BitCoinDream
Legendary
*
Offline Offline

Activity: 1330
Merit: 1004

The revolution will be digital


View Profile
May 05, 2014, 10:35:26 AM
 #7

Thanks for posting.

For those who do not have the time, or couldn't be bothered, to read the article... It basically said do not use your Google, MS, FB, Twitter account to login to third party services.

Quote
A serious flaw in two widely used security standards could give anyone access to your account information at Google, Microsoft, Facebook, Twitter and many other online services. The flaw, dubbed "Covert Redirect" by its discoverer, exists in two open-source session-authorization protocols, OAuth 2.0 and OpenID.




I use my FB account for commenting on multiple blogs. Is that functionality affected as well ?

cyberlink
Newbie
*
Offline Offline

Activity: 24
Merit: 0


View Profile
May 05, 2014, 11:02:59 AM
 #8

Thanks for posting.

For those who do not have the time, or couldn't be bothered, to read the article... It basically said do not use your Google, MS, FB, Twitter account to login to third party services.

Quote
A serious flaw in two widely used security standards could give anyone access to your account information at Google, Microsoft, Facebook, Twitter and many other online services. The flaw, dubbed "Covert Redirect" by its discoverer, exists in two open-source session-authorization protocols, OAuth 2.0 and OpenID.




Thanks for the summary!
That's suck they are going to do this. Glad I don't have a lot of personal info on my facebook page.
Charlie Prime
Sr. Member
****
Offline Offline

Activity: 406
Merit: 250



View Profile
May 05, 2014, 02:22:35 PM
 #9

Does anyone smart enough to employ Bitcoin think Facebook or Google was ever "secure"?  Cheesy

Ambit    ██
██  ██
██  ██
██  ██
██  ██
██  ██
██  ██
██  ██
██  ██
██  ██
██  █████
██
████████████
Become part of the mining family
✔ SECURED  │ WHITEPAPER │  ★ 171% ROI
██   
██  ██
██  ██
██  ██
██  ██
██  ██
██  ██
██  ██
██  ██
██  ██
█████  ██
██
████████████
Snorek
Legendary
*
Offline Offline

Activity: 1400
Merit: 1001



View Profile
May 06, 2014, 05:06:05 PM
 #10

Call me old fashion but I never understood the hype around Facebook, especially posting vital informations on social servers. Just keep important info out of reach for social media and even when someone hacks into Your account You should be safe.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!