Facebook, Google Users Threatened by New Security Flaw

[TheIrishman]

Facebook, Google Users Threatened by New Security Flaw

http://www.tomsguide.com/us/facebook-google-covert-redirect-flaw,news-18726.html

<< A serious flaw in two widely used security standards could give anyone access to your account information at Google, Microsoft, Facebook, Twitter and many other online services. The flaw, dubbed "Covert Redirect" by its discoverer, exists in two open-source session-authorization protocols, OAuth 2.0 and OpenID. >>

[1714152059]

1714152059

[1714152059]

1714152059

[1714152059]

1714152059

[jbrnt]

Thanks for posting.

For those who do not have the time, or couldn't be bothered, to read the article... It basically said do not use your Google, MS, FB, Twitter account to login to third party services.

A serious flaw in two widely used security standards could give anyone access to your account information at Google, Microsoft, Facebook, Twitter and many other online services. The flaw, dubbed "Covert Redirect" by its discoverer, exists in two open-source session-authorization protocols, OAuth 2.0 and OpenID.

[Hazir]

It's good thing that I don't have and will never have facebook account. As for google all I have is gmail with no personal info given, so I think I am quite safe.

[robstak]

If you had used such accounts on third party services, it's advisable to change password immediately before someone gain access to one of your accounts.

[Lethn]

*smug Twister user* now if only someone would make a decentralised email service with the Bitcoin protocol.

[Nik1ab]

Facebook, Google Users still Threatened by US surveillance.

[BitCoinDream]

Thanks for posting.

For those who do not have the time, or couldn't be bothered, to read the article... It basically said do not use your Google, MS, FB, Twitter account to login to third party services.

A serious flaw in two widely used security standards could give anyone access to your account information at Google, Microsoft, Facebook, Twitter and many other online services. The flaw, dubbed "Covert Redirect" by its discoverer, exists in two open-source session-authorization protocols, OAuth 2.0 and OpenID.

I use my FB account for commenting on multiple blogs. Is that functionality affected as well ?

[cyberlink]

Thanks for posting.

For those who do not have the time, or couldn't be bothered, to read the article... It basically said do not use your Google, MS, FB, Twitter account to login to third party services.

A serious flaw in two widely used security standards could give anyone access to your account information at Google, Microsoft, Facebook, Twitter and many other online services. The flaw, dubbed "Covert Redirect" by its discoverer, exists in two open-source session-authorization protocols, OAuth 2.0 and OpenID.

Thanks for the summary!
That's suck they are going to do this. Glad I don't have a lot of personal info on my facebook page.

[Charlie Prime]

Does anyone smart enough to employ Bitcoin think Facebook or Google was ever "secure"? 

[Snorek]

Call me old fashion but I never understood the hype around Facebook, especially posting vital informations on social servers. Just keep important info out of reach for social media and even when someone hacks into Your account You should be safe.