Web apps have become so complex that they’re unsafe to use, researchers say

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360

The shared-login tokens and processes used by many web-based apps and services, as well as some web apps themselves, are fundamentally insecure and create a potential gold mine for hackers, three security researchers said at the Black Hat and DEF CON computer-security conferences here last week. 

The problem is that today’s online services are so complex and difficult to understand that hackers, phishers and other crooks have plenty of opportunities to steal files, implant malware and gain access to accounts.