On Thu, Apr 23, 2009 at 5:35 PM, Dossy Shiobara <[email protected]> wrote: > > On 4/23/09 8:30 PM, Brian Eaton wrote: >> Malicious software on the user's computer does not need to steal >> access tokens. It steals passwords, bank account numbers, and >> confidential documents. > > Sure. But, this attack can happen when the victim is NOT running > malicious software! That's why this is a serious threat.
OK, you lost me. Can you summarize the attack again, this time leaving out the bit where malicious software is running on the computer and scanning memory for access tokens? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
