On 4/22/09 3:41 PM, Pud wrote:
Here's why it's down: http://news.cnet.com/8301-13577_3-10225103-36.html
I wonder if the "security hole" is the one I went on about w/r/t the unsigned callback URL. The CNET article's vagueness is disappointing:
"The hole makes it possible for a hacker to use social-engineering tactics to trick users into exposing their data."
It's time for OAuth 1.1 anyway. -- Dossy Shiobara | [email protected] | http://dossy.org/ Panoptic Computer Network | http://panoptic.com/ "He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on." (p. 70)
