Related News: Flawed sign-in services from Google and Facebook imperil user accounts

One new article link has been added to our Related News page. Ars Technica published an article titled Flawed sign-in services from Google and Facebook imperil user accounts.

Account login services that implement applications from Google, Facebook, and other commercial providers are prone to flaws that allow adversaries unauthorized access to private user profiles on the third-party Websites that use them, a team of computer scientists has concluded.

Their 10-month study found that many SSO, or single sign-on, services supplied by IdPs or ID Providers including Google, Facebook, and PayPal weren’t properly integrated into Websites that used the services. As a result, private data on RP, or relying party, sites belonging to Farmville, Freelancer, Nasdaq, Sears, JanRain, and other sites were all vulnerable to snoops.

Source: Ars Technica

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: