Covert Redirect Flaw

We are barely over the Heartbleed virus alert and a Singapore student has uncovered a flaw in OAuth 2.0 and OpenID – login tools used by many websites including Google, Facebook and LinkedIn.

It’s called the Covert Redirect Flaw and it allows potential hackers to steal your login credentials when you log in to a website. It’s been getting a lot of attention and some are calling it the next Heartbleed virus.

According to Fast Company, this flaw is different in that it is much more difficult to fix.
Symantec, however, says that this flaw is definitely not as bad as Heartbleed.
Mashable also says: “Don’t believe the hype”.

The bottom line at this point seems to be that yes, a problem exists, but it has been around for a while and most people are aware of it and already mitigate it, unlike Heartbleed.

About the Author

technicalguy
Guy is an experienced technician and technical writer, owner of Foreverwarm.com, and wine aficionado. He writes for multiple blogs while managing IT support, web hosting, and cloud backup companies.
