October 18, 2013
As Pinterest endures its second attack in as many weeks, Twitter is subsequently auto-flooded with fake weight-loss posts that are designed to lure followers into a trap that could expose personal information and account credentials. For its part, Pinterest's lack of transparency regarding the matter stands in contrast to industry standard best practices for such breaches.
OAuth is becoming a very popular way to control authorized access to Web APIs and the data that they return. Although it's one of the most straightforward ways to accomplish this, it's still rather confusing to use. If your API uses OAuth, then you need to be able to describe it so that developers can quickly understand what they need to do.