Worse is Better triumphs again
Posted by Jacques Chester on Thursday, January 8, 2009
Several high-profile, celebrity users of Twitter — the service which seems designed to do nothing except demonstrate that you are a Twitter user and therefore “the awesomest” — were compromised this week.
From Wired comes the story of how it happened.
For professionals, this part should ring very loud alarm bells:
“Cracking the site was easy, because Twitter allowed an unlimited number of rapid-fire log-in attempts.”
If software were an industry like most others, this would be pretty close to criminal negligence in my opinion. Limiting and throttling login attempts is a kindergarten-level security measure.
For shame.
This entry was posted on Thursday, January 8th, 2009 at 4:15 PM and filed under Geeky Musings, IT and Internet.

Oh dear…. I wonder if someone will try and become TwittererKRudd? (but let’s see how far even HE gets closing this breach, which might be hard given that he probably has minions doing the grunt work… or dare I say… identity thieving).
Maybe he’ll deactivate his account almost as quickly as Conroy deactivated the dbcde.gov.au blog.
Posted on 08-Jan-09 at 8:02 pm