[security] Old MyOpenID POC released
gaz_sec at hushmail.com
gaz_sec at hushmail.com
Fri Jun 29 15:03:50 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi all
I have decided to release details of the MyOpenID poc which is
available at :-
http://www.thespanner.co.uk/2007/06/29/openid-security-issues/
The POC no longer works because MyOpenID fixed the problem months
ago, I have also worked with other providers to make sure they are
secure against this type of attack.
Please examine the code because it will help you understand attacks
of this nature.
Cheers
Gareth
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.5
wpwEAQECAAYFAkaFHwsACgkQrR8fg3y/m1B1hgP9Hi4JB2N/Ba56ifjw144DP4RImmmY
cCxcPhKPsHgMXwOGPoYpHj00/MWMGTNppluw9XC1KHnRS9kT0mHTrzjyETxPlr/+du44
ZlrNd5zdi8oJp1SzNW/GBJohbm8b3Rt6V8gLpJYwEK/ebTiuqh9tR2m88xhHnWNt4HIJ
VNKTAQE=
=h3/u
-----END PGP SIGNATURE-----
--
Click for free quote on refinancing your mortgage.
http://tagline.hushmail.com/fc/Ioyw6h4d84nXzxciaSo6H0UzLVMK3KvqWxNBEJSMae5a8R6uh6PU1e/
More information about the security
mailing list