Got to love these headlines:
http://mashable.com/2009/06/28/britney-spears-dead/
They clearly point the finger at twitter in the headline, but reading
on, and it is clearly a twit pic issue.
I see these all over the place. Have you considered some sort of
vetting system for sites that are asking for twitter credentials on a
3rd party site?
I can see that twitpic may not be able to use o-auth, as they want to
be able to stand alone and a image host. If there was some sort of
communication where you worked with the large sites like twit pic, it
may help. As it is now, I fell for it, I read the headline, and
thought ti was a twitter issue.
Just some food for thought.
On Jun 29, 2009, at 3:54 PM, Alex Payne wrote:
Any recent celebrity-related compromises I'm aware of having been,
as you
said, "media 'hacking'". The last issue I'm aware of that resulted
from
actually taking advantage of a security flaw in our system was the
"Mikeyy"
worm that was going around for a weekend several months ago. We've
done a
lot of security work since then, and there's more in progress.
On Mon, Jun 29, 2009 at 15:40, Scott Haneda <[email protected]>
wrote:
I heard the other day that in the wake of the MJ stuff, a few high
profile
celebs accounts where hacked. Is this media "hacking" and there
were just
weak passwords, or their email accounts were compromised, or were
these real
live hacks where someone brute forced, or did otherwise nefarious
acts to
get in.
Some clarification on these events would help to let us know where
and how
people are getting in, so we can tighten things up on our end. If
the hacks
are just email accounts being gotten into, there is nothing twitter
apps
need to do. If it is something else, there may be other things we
can do to
keep the accounts safe.
--
Scott * If you contact me off list replace talklists@ with scott@ *
