On Thu, Apr 23, 2009 at 3:54 PM, Dossy Shiobara <[email protected]> wrote: > If the consumer is a desktop app., then the attacker has access to the > token secret through application memory inspection.
Malicious software on the user's computer does not need to steal access tokens. It steals passwords, bank account numbers, and confidential documents. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
