Simon Willison’s Weblog


1 item tagged “exposure”


Exposure (iPhone app) behaves suspiciously. Exposure on the iPhone does OAuth-style authentication incorrectly—it asks the user to authenticate in an embedded, chromeless browser which provides no way of confirming that the site being interacted with is not a phishing attack. Ben Ward explains how the Pownce iPhone app gets it right in the comments. Exposure author Fraser Spiers also responds.

# 12th August 2008, 7:47 am / ben-ward, exposure, flickr, iphone, oauth, phishing, pownce, security