
Twitter: Serious Flaw

Twitter, the popular short message service, has a serious flaw that can impact your feeds and timelines. If you tweet "accept @k_avinash", you will automatically be added to that person's follow list.
What exactly does this mean? It means that anyone can force themselves into your “follow” list without your approval. You no longer have control over whom you follow or who is posting information to your feeds. This works with both native and third-party clients.
If a spammer were to exploit this flaw, the results could be devastating to the Twitter service. A simple script could easily force a spammer's message into thousands of feeds. A tactic such as this could render the service useless if it becomes overwhelmed with spam. Malicious users could also use it to spam users via DM with links and tweets.
Twitter has confirmed they are working on a fix for the issue. All users are currently displaying "0 followers".

Post adapted from Neowin. Image credit goes to @k_avinash
Direct update from Twitter:
Follow bug discovered, remedied. We identified and resolved a bug that permitted a user to “force” other users to follow them. We’re now working to rollback all abuse of the bug that took place. Follower/following numbers are currently at 0; we’re aware and this too should shortly be resolved.

Comments

  1. twitter isn't the end of the world. go enjoy the outdoors & stop bitching about your followers =)

  2. I have no followers...It's the end of the world! I'm alone and miserable again. HELLO...hello...hello (echoes through the empty void)
