Fall World 2014

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 27, Issue 3

Full Contents Now Available!

May 9, 2014

Lessons to be Learned from Covert Redirect

Open source applications and tools certainly are taking a beating lately. Heartbleed sent millions of people into a panic about changing passwords (and based on my Facebook feed and the online forums I follow, panic is the right word to describe it). Now the Covert Redirect bug, a security flaw affecting OAuth and OpenID has popped up.  Both of these are important elements of secure logins to many popular domains, ranging from Google to Facebook to Microsoft.

CSO Online quoted CloudLock's Kevin O’Brien on the issue: