3 may 2024

What an extraordinarily creative way to make OAuth completely insecure. I’m amazed. This belongs in a museum.

Christina Warren (

Attached: 2 images So when you go to for your configuration, that i a proper web app. But look at what happens when you click on one of the connect buttons. A VNC session opens up. Notice the URL is /uber-vnc

Want to know when I post new content to my blog? It's a simple as registering for free to an RSS aggregator (Feedly, NewsBlur, Inoreader, …) and adding to your feeds (or if you want to subscribe to all my topics). We don't need newsletters, and we don't need Twitter; RSS still exists.

Legal information: This blog is hosted par OVH, 2 rue Kellermann, 59100 Roubaix, France,

Personal data about this blog's readers are not used nor transmitted to third-parties. Comment authors can request their deletion by e-mail.

All contents © the author or quoted under fair use.