Dark Reading

API Secrets: Where the Bearer Model Breaks Down

Today most API communication between machines is secured through API secrets — static keys, tokens, or PKI certificates that act like system passwords in order to authenticate machines and broker ...
The Next Web

Twitter’s API keys and secrets for its official apps surface; what should we do with them?

It appears that Twitter’s API keys and secrets for its official apps have surfaced, and are currently being shared on GitHub. Note: The combination of API keys and secrets are used to authorize and ...