Fixing OAuth
february 2009 by mattb
Time to be frank: any security that OAuth claims – with respect to native applications – is an illusion. If a native app wants to get a copy of your password, it will get a copy of your password. If it wants to hijack the authentication process, bring up a bogus “browser” for you to enter a password into, register keyloggers, muck with your system web proxy settings and sniff passwords before they hit the wire, or phish you some other way, guess what: it can and it will. OAuth does not solve these problems. It just adds complexity to the login process.
software
web
twitter
programming
api
security
authentication
oauth
february 2009 by mattb
Welcome to myOpenID
applications apps authentication awesome Blogging communication cool css data dataportability development domain ecommerce email example firefox free freeware geek Hosting howto identity internet management manager media microformats network networks Online open-source openid password passwords personal portability privacy productive security server service social socialmedia standards storage tech technology tool tools useful utilities verisign Web web2.0 webdesign work
april 2008 by mattb
applications apps authentication awesome Blogging communication cool css data dataportability development domain ecommerce email example firefox free freeware geek Hosting howto identity internet management manager media microformats network networks Online open-source openid password passwords personal portability privacy productive security server service social socialmedia standards storage tech technology tool tools useful utilities verisign Web web2.0 webdesign work
april 2008 by mattb
JanRain
api authentication business company contacts cool design documents e-commerce entrepreneurship identity interesting janrain openid opensource password privacy product productive reputation ruby security server service software spam startup technology tools useful Web web2.0 webdesign webdev work
april 2008 by mattb
api authentication business company contacts cool design documents e-commerce entrepreneurship identity interesting janrain openid opensource password privacy product productive reputation ruby security server service software spam startup technology tools useful Web web2.0 webdesign webdev work
april 2008 by mattb
Clickpass
authentication blog browser businessmodel clickpass code company cool css dataportability design developer development entrepreneur entrepreneurship example firefox free identity inspiration interesting internet library lifehacks microformats networking networks Online openid opensource password passwords plugin portability privacy programming python rails rubyonrails security service social standards startup startups strategy tech todo tool tools toread totry ui usability utilities utility ux Web webapp webapps webdesign webdev wordpress login
april 2008 by mattb
authentication blog browser businessmodel clickpass code company cool css dataportability design developer development entrepreneur entrepreneurship example firefox free identity inspiration interesting internet library lifehacks microformats networking networks Online openid opensource password passwords plugin portability privacy programming python rails rubyonrails security service social standards startup startups strategy tech todo tool tools toread totry ui usability utilities utility ux Web webapp webapps webdesign webdev wordpress login
april 2008 by mattb
DataPortability.org - Share and remix data using open standards
activism api applications attention authentication collaboration community contacts cool copyright culture data dataportability design development digg education entrepreneurship exchange feed flickr freedom identity inspiration interesting internet mashup microformats mobile network networking networks news Online openid OPML organization portability privacy programming resource resources rss security semantic semanticweb share sharing sns social socialnetworking socialnetworks socialsoftware standard standards startup tags technology tools toread usability Web web2.0 webdesign webdev webstandards xmpp openstandards apml
january 2008 by mattb
activism api applications attention authentication collaboration community contacts cool copyright culture data dataportability design development digg education entrepreneurship exchange feed flickr freedom identity inspiration interesting internet mashup microformats mobile network networking networks news Online openid OPML organization portability privacy programming resource resources rss security semantic semanticweb share sharing sns social socialnetworking socialnetworks socialsoftware standard standards startup tags technology tools toread usability Web web2.0 webdesign webdev webstandards xmpp openstandards apml
january 2008 by mattb
related tags
1password ⊕ access ⊕ activism ⊕ air ⊕ api ⊕ apml ⊕ app ⊕ apple ⊕ applications ⊕ apps ⊕ article ⊕ attention ⊕ authentication ⊕ awesome ⊕ backup ⊕ badge ⊕ bizarre ⊕ blog ⊕ blogging ⊕ browser ⊕ bugs ⊕ business ⊕ businessmodel ⊕ certificate ⊕ certificates ⊕ chicago ⊕ clickpass ⊕ code ⊕ codesign ⊕ collaboration ⊕ communication ⊕ community ⊕ company ⊕ conference ⊕ contacts ⊕ cool ⊕ copyright ⊕ creativity ⊕ crime ⊕ cryptography ⊕ css ⊕ culture ⊕ data ⊕ dataportability ⊕ design ⊕ dev ⊕ developer ⊕ development ⊕ digg ⊕ distribution ⊕ documents ⊕ domain ⊕ drive ⊕ e-commerce ⊕ ecommerce ⊕ education ⊕ email ⊕ encryption ⊕ entrepreneur ⊕ entrepreneurship ⊕ example ⊕ exchange ⊕ expire ⊕ facebook ⊕ feed ⊕ filter ⊕ find ⊕ findmyiphone ⊕ firefox ⊕ flash ⊕ flickr ⊕ free ⊕ freedom ⊕ freeware ⊕ fun ⊕ funny ⊕ furbo ⊕ gadget ⊕ gadgets ⊕ geek ⊕ gmail ⊕ google ⊕ government ⊕ gps ⊕ hacks ⊕ Hosting ⊕ howto ⊕ html ⊕ humor ⊕ identity ⊕ image ⊕ inspiration ⊕ interesting ⊕ interface ⊕ internet ⊕ iphone ⊕ iphonedev ⊕ iphonesdk ⊕ itunes ⊕ janrain ⊕ key ⊕ leopard ⊕ library ⊕ lifehacker ⊕ lifehacks ⊕ linux ⊕ lists ⊕ login ⊕ mac ⊕ macintosh ⊕ macosx ⊕ mail ⊕ malware ⊕ management ⊕ manager ⊕ maps ⊕ mashup ⊕ media ⊕ microformats ⊕ mobile ⊕ mobileme ⊕ mugging ⊕ my ⊕ network ⊕ networking ⊕ networks ⊕ news ⊕ oauth ⊕ online ⊕ open-source ⊕ openid ⊕ opensource ⊕ openstandards ⊕ OPML ⊕ organization ⊕ osx ⊕ password ⊕ passwords ⊕ personal ⊕ phone ⊕ photographer ⊕ ping.fm ⊕ plugin ⊕ politics ⊕ portability ⊕ privacy ⊕ problem ⊕ product ⊕ productive ⊕ programming ⊕ python ⊕ rails ⊕ reference ⊕ reputation ⊕ resource ⊕ resources ⊕ reviews ⊕ rss ⊕ ruby ⊕ rubyonrails ⊕ safari ⊕ sdk ⊕ security ⊖ semantic ⊕ semanticweb ⊕ server ⊕ service ⊕ share ⊕ sharing ⊕ shopping ⊕ sns ⊕ social ⊕ socialmedia ⊕ socialnetworking ⊕ socialnetworks ⊕ socialsoftware ⊕ society ⊕ software ⊕ spam ⊕ standard ⊕ standards ⊕ startup ⊕ startups ⊕ storage ⊕ story ⊕ strategy ⊕ tags ⊕ tech ⊕ technology ⊕ ted ⊕ ted2009 ⊕ theft ⊕ timemachine ⊕ tips ⊕ tobuy ⊕ todo ⊕ token ⊕ tool ⊕ tools ⊕ toread ⊕ totry ⊕ tracking ⊕ travel ⊕ tsa ⊕ tutorial ⊕ twitter ⊕ ui ⊕ usability ⊕ usb ⊕ useful ⊕ utilities ⊕ utility ⊕ ux ⊕ verisign ⊕ web ⊕ web2.0 ⊕ webapp ⊕ webapps ⊕ webdesign ⊕ webdev ⊕ websites ⊕ webstandards ⊕ widgets ⊕ windows ⊕ wishlist ⊕ wordpress ⊕ work ⊕ xcode ⊕ xmpp ⊕Copy this bookmark: