top | item 16807196

(no title)

Around 2011+ we saw not only quiz apps but also offerings such as "See who views your profile" that would result in an OAuth authorisation. How long were those authorisations active before being revoked? How much data was exfiltrated, then and since, and to whom?

If it wasn't for recent changes to authorisations being suspended after a period of time these tokens could be seemingly worth something to the right person.

The root problem being, average users don't know what they're giving access to and know why its important to be critical of such access.

discuss

No comments yet.