OAuth-Protected Access at Facebook and Twitter Breached from Leaky Buffer Service
On October 26, 2013 tens of thousands of Facebook and Twitter users got a nasty shock. Hackers broke into a service called “Buffer”, plundered OAuth access tokens and posted to their accounts. Luckily, it was all just to promote… Continue reading
Trust No One Device (Part 2)
My advice from the first Trust No One (Device) hasn’t sunk in. Levels of end user compromise are far too high, complacency reigns about mobile phone security and the risks of social networks and cloud-based storage are becoming more… Continue reading