OpenID Warns of Serious Remote Bug, Urges Upgrade

OpenID Warns of Serious Remote Bug, Urges Upgrade 45

Posted by timothy on Saturday May 07, 2011 @08:12AM from the slew-of-myriads-of-plethoras dept.

Trailrunner7 writes "The OpenID Foundation is warning users about a weakness in the software that could enable an attacker to change some of the data exchanged between parties that use OpenID. The group is telling sites that implement OpenID to update to a new version in order to fix the problem. The bug in OpenID lies in the system's Attribute Exchange, an extension that gives sites the ability to exchange identity information between endpoints. OpenID, an open source project that enables users to prove their identity to myriad sites without providing their passwords, is used by a slew of popular sites, including Google, Yahoo and Flickr."

OpenID Warns of Serious Remote Bug, Urges Upgrade

Search 45 Comments Log In/Create an Account

Comments Filter:

Re:The concept of OpenID doesn't seem very secure (Score:5, Funny)

by brusk ( 135896 ) writes: on Saturday May 07, 2011 @09:38AM (#36055988)

If you're shaking a sieveful of eggs, the size of the holes isn't your biggest problem.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

OpenID Warns of Serious Remote Bug, Urges Upgrade 45

OpenID Warns of Serious Remote Bug, Urges Upgrade More Login

OpenID Warns of Serious Remote Bug, Urges Upgrade

Re:The concept of OpenID doesn't seem very secure (Score:5, Funny)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot