OAuth App Impersonation Attack: How to Leak a 100-Million-Node Social Graph in Just One Week? - A Reflection on OAuth and API Design in Online Social Networks

Many Online Social Networks (OSNs) now use OAuth 2.0 to grant access to API endpoints. Despite many thorough threat model analyses (e.g. RFC 6819), only a few real-world attacks have been discovered and demonstrated. To the presenter's knowledge, previously discovered loopholes are all based on the misuse of OAuth.

Provided by: SecurityTube.net Topic: Security Date Added: Aug 2014 Format: Webcast
