Nothing new under the sun

Sometime in late 2008, while I was still an undergraduate working to get my bachelor’s degree in computer science, I had one professor who spent an awful lot of time praising the rise of web services and told us that they were “secure by nature”, as long as you properly implemented token authentication. As it happened, that professor was a co-founder of a startup company creating a cloud platform heavily relying on web services. For our final assignment in that course, my lab partners and I implemented a man-in-the-middle attack, successfully demonstrating how we could change information supposedly provided by said platform.

