Attackers can use the "Covert Redirect" vulnerability in both open-source log-in systems to steal your data and redirect you to unsafe sites.
The standard grew too far away from its roots as a simple Web authentication technology, author Eran Hammer-Lahav says, and now is insecure and overly broad.
Changing course from earlier this year, Google takes a more developer-friendly stance on two of its calendar APIs.
Any programmer now can build software to tap into Windows Live Messenger's network. Perhaps in time IM will become less fragmented and more useful.
Symantec estimates that hundreds of thousands of applications may have inadvertently leaked "spare keys" that provided advertisers and other third parties access to user accounts.
Your identity can be stolen, but it can also, in some cases, be legally taken. So who really owns your online identity? Your social network? Your reputation? We discuss with experts Dick Hardt and Peter Kazanjy.
The social network's big announcement at its F8 developer conference is what CEO Mark Zuckerberg calls the "Open Graph."
Facebook's rep at the Future of Web Apps event in Miami this week was David Recordon, the company's open-standards guru. That's a crowd that the social network still has yet to win over.
To build Glitch, the Flickr co-founder put together an impressive team of some of his earliest collaborators on the popular photo-sharing site.
Stewart Butterfield and his friends are back at it with a new company. CNET's Daniel Terdiman was given exclusive, behind-the-scenes access as they built it from scratch.