On Thu, Apr 23, 2009 at 8:30 PM, Brian Eaton <bea...@google.com> wrote:
> > On Thu, Apr 23, 2009 at 3:54 PM, Dossy Shiobara <do...@panoptic.com> > wrote: > > If the consumer is a desktop app., then the attacker has access to the > > token secret through application memory inspection. > > Malicious software on the user's computer does not need to steal > access tokens. It steals passwords, bank account numbers, and > confidential documents. All my delicious cookie recipes, gone, gone, gone! --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to oauth@googlegroups.com To unsubscribe from this group, send email to oauth+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---