It seems Twitter is still having its share of security trouble, because according to Cnet, a person by the name of Hacker Croll was able to hack into a Twitter administrator account, by guessing the secret question to reset the administrator's password on a Yahoo e-mail account where the Twitter password was located. This person was also able to view the details of 10 other accounts including Britney Spears and Ashton Kutcher according to screenshots posted to a French blog site.Twitter co-founder Biz Stone said that while no account information was altered or removed in any way, email address, mobile phone number, and the list of accounts blocked by that user were viewed.
Twitter employee Jason Goldman tweeted on Wednesday that his Yahoo account has been hacked.
We at Neowin urge users to create strong, hard to guess passwords, and to be careful as to what information is revealed to people. Social engineering is an easy tool used to get personal information out of people. During the 2008 US Presidential election, the Yahoo mail account of Alaska Gov. Sarah Palin was compromised in a similar fashion, after a college student was able to answer the secret questions used on her personal account.
You'd think a Twitter employee would use the Twitter domain for e-mail ... ?!
I suspect these hacks had more to do with social engineering than some vulnerability specific to Yahoo.
Last edited by shockz on 02 May 2009 - 19:28
Meeting someone and knowing how they act in their own personal lives are two completely different cups of tea.
Last edited by shockz on 02 May 2009 - 19:28
Both can go well with each other.
What school did you go to?
What was your pet's first name?
What is your mothers maiden name?
God, anyone close to you could get those questions. In fact anyone you meet in a bar and get in to a chat with, Could find those not very important details out in no time.
Need to tie things to likes on your mobile or something. Reset password gets sent to your mobile number as text message or something.
Actually, why would an admin even have a security question? If an admin loses his password, he should pick up the phone and call the fellow admin to get it back.
He's a Twitter admin, not a Yahoo admin.
Except for those sites that actually ask for that information when you sign in sometimes or else they'll block you from signing in. o.O
Well, I usually just type in random stuff in there and hope that they never ask for it again. lol I think (and always have thought) that the "security" questions were stupid and an overall waste of time.
Oh god, both of those comments are the best!!
Why should anyone ask me if I don't forget my password?
I'm using alternate emails for most of the things. If they got into one account chances are low they also got into the other cause I tend to slam a little different every time.
So if you pressed random keys you'll have a good long time trying to get to your password box
All of your friends are going to know "Who is my favourite music band?" and if you make up a fake answer, how are you supposed to remember it?
There has to be a better alternative out there somewhere!
What would REALLY make sense is for us here on Neowin to encourage others NOT to use that twit infested site to begin with!!
"Hi everyone - just got promoted to admin. Pretty cool huh? I'll tell you more soon"
"My first big decision today: change my password to 123456. Boy do I love my power"
"Funny thing happened this morning, my password doesnt work. And I got a voice mail from Ashton - he is upset that millions and millions of his fans dont know what he had for breakfast"
"someone is play jokes on me. Putting pinks slips with YOU'RE FIRED!!! on it all over my desk"
"Anyone looking for a good system admin? I need a job"
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.