OAuth App Impersonation Attack: How to Leak a 100-Million-Node Social Graph in Just One Week? - A Reflection on OAuth and API Design in Online Social Networks

Watch Now
Provided by: SecurityTube.net
Topic: Security
Format: Webcast
Many Online Social Networks (OSNs) are using OAuth 2.0 to grant access to API endpoints now-a-days. Despite many thorough threat model analyses (e.g. RFC6819), only a few real world attacks have been discovered and demonstrated. To the presenter's knowledge, previously discovered loopholes are all based on the misuse of OAuth.
Watch Now

Find By Topic