Twitters Cloud computing hacked.

Discussion in 'other security issues & news' started by Keyboard_Commando, Jul 18, 2009.

Thread Status:
Not open for further replies.
  1. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
    http://www.scmagazineuk.com/Twitter-hacking-shows-lack-of-security-in-cloud-computing-according-to-commentators/article/140245/

    http://www.scmagazineuk.com/TechCrunch-claims-it-contacted-Twitter-ahead-of-publication-of-hacked-documents/article/140246/

    Not so sure that this means Cloud is of greater vulnerability. Twitter is just going through the same microscopic secuirty examination Myspace, Facebook, etc, have all gone through. You'd think security specialist vendors will have better protection policies server side.
     
    Last edited: Jul 18, 2009
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    i don't think the cloud got hacked rather it was the case of predictable passwords
    http://www.channelinsider.com/c/a/S...Password-Weaknesses/?kc=CITCIEMNL07172009STR2
    "...
    It’s believed that a hacker named Croll used the automated password reset system of Google Apps to gain access to a wiki used by Twitter employees. Once into the wiki and Gmail account, the hacker got all the information he needed to access other Twitter accounts, including the e-mail of the wife of CEO Evan Williams.
    .."
     
  3. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
    Yeah you're right. And surprise surprise, YAHOO! MAIL is the origin of the problem.

    http://news.cnet.com/8301-17939_109-10287558-2.html

    Yahoo has only recently added multi secret questions to their password retrieval. It was 3 or 4 questions for such a long time. Madness!

    One weak link in the chain.
     
    Last edited: Jul 18, 2009
  4. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    and when answering those questions there is no need to be truthful ;)
     
  5. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,050
    Location:
    USA
    Exactly! Never answer these correctly.
     
  6. Keyboard_Commando

    Keyboard_Commando Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    690
    http://www.scmagazineuk.com/Hacker-Croll-details-how-he-hit-Gmail-account-of-Twitter-employee-that-led-to-last-weeks-incident/article/140334/

     
Loading...
Thread Status:
Not open for further replies.