We are barely over the Heartbleed virus alert and a Singapore student has uncovered a flaw in OAuth 2.0 and OpenID – login tools used by many websites including Google, Facebook and LinkedIn.
It’s called the Covert Redirect Flaw and it allows potential hackers to steal your login credentials when you log in to a website. It’s been getting a lot of attention and some are calling it the next Heartbleed virus.
According to Fast Company, this flaw is different in that it is much more difficult to fix.
Symantec, however, says that this flaw is definitely not as bad as Heartbleed.
Mashable also says: “Don’t believe the hype”.
The bottom line at this point seems to be that yes, a problem exists, but it has been around for a while and most people are aware of it and already mitigate it, unlike Heartbleed.