[OSM-talk] Why doesn't OSM implement a simple measure to protect it's users and passwords?
John Smith
deltafoxtrot256 at gmail.com
Sat Dec 26 00:30:52 GMT 2009
2009/12/26 John Smith <deltafoxtrot256 at gmail.com>:
> 2009/12/26 Matt Amos <zerebubuth at gmail.com>:
>> On Fri, Dec 25, 2009 at 9:38 AM, John Smith <deltafoxtrot256 at gmail.com> wrote:
>>> I don't think OAuth is a valid security method.
>>
>> why not?
Unless cryptography is involved how do you know your packets aren't
being intercepted and proxied and altered in transit?
Sure OSM isn't much of a target at present, however the more popular
that something becomes the more likely it is to be attacked as well.
More information about the talk
mailing list