Worse is Better triumphs again

Several high-profile, celebrity users of Twitter — the service which seems designed to do nothing except demonstrate that you are a Twitter user and therefore “the awesomest” — were compromised this week.

From Wired comes the story of how it happened.

For professionals, this part should ring very loud alarm bells:

Cracking the site was easy, because Twitter allowed an unlimited number of rapid-fire log-in attempts.

If software were an industry like most others, this would be pretty close to criminal negligence in my opinion. Limiting and throttling login attempts is a kindergarten-level security measure.

For shame.
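One way to implement the missing control, as an added example (not code from the original post, from Wired, or from Twitter): a throttle that applies exponential backoff per account and a sliding-window cap per source address. The class name, parameters and default thresholds are assumptions chosen for illustration, and state is held in process memory, so a multi-server deployment would need a shared store instead.

```python
import time
from collections import defaultdict, deque


class LoginThrottle:
    """Per-account exponential backoff plus a per-source sliding window."""

    def __init__(self, free_failures=3, base_delay=1.0, max_delay=900.0,
                 ip_limit=20, ip_window=60.0, clock=time.monotonic):
        self.free_failures = free_failures  # failures allowed before any delay
        self.base_delay = base_delay        # first delay in seconds, then doubles
        self.max_delay = max_delay          # cap on the delay added per failure
        self.ip_limit = ip_limit            # attempts per source within ip_window
        self.ip_window = ip_window
        self.clock = clock                  # injectable for testing
        self._failures = {}                 # account -> consecutive failed attempts
        self._locked_until = {}             # account -> time the next attempt is allowed
        self._ip_attempts = defaultdict(deque)  # source -> timestamps of recent attempts

    def retry_after(self, account, ip):
        """Seconds to wait before the next attempt is evaluated; 0.0 means go ahead."""
        now = self.clock()
        window = self._ip_attempts[ip]
        while window and now - window[0] >= self.ip_window:
            window.popleft()                # forget attempts older than the window
        ip_wait = window[0] + self.ip_window - now if len(window) >= self.ip_limit else 0.0
        return max(0.0, self._locked_until.get(account, 0.0) - now, ip_wait)

    def record(self, account, ip, success):
        """Call after the credential check of an attempt that retry_after allowed."""
        now = self.clock()
        self._ip_attempts[ip].append(now)
        if success:
            self._failures.pop(account, None)
            self._locked_until.pop(account, None)
            return
        count = self._failures[account] = self._failures.get(account, 0) + 1
        over = count - self.free_failures
        if over > 0:                        # 1s, 2s, 4s, ... up to max_delay
            delay = min(self.max_delay, self.base_delay * 2 ** (over - 1))
            self._locked_until[account] = now + delay
```

The login handler calls `retry_after` first and rejects the request without checking the password when the result is non-zero, then calls `record` with the outcome of every attempt it did evaluate.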

One thought on “Worse is Better triumphs again”

  1. Oh dear…. I wonder if someone will try and become Twitterer KRudd?
    (but let’s see how far even HE gets closing this breach, which might be hard given that he probably has minions doing the grunt work… or dare I say… identity thieving).

    Maybe he’ll deactivate his account almost as quickly as Conroy deactivated the dbcde.gov.au blog.
