Yesterday we reported on the SSLv3 vulnerability that three Google engineers helpfully announced, called POODLE which is short for: "Padding Oracle On Downgraded Legacy Encryption". The attack can basically be used to downgrade a connection from the TLS standard and instead force an SSLv3 connection, which can then be attacked to steal cookie information. Once the cookie is obtained, the attacker could potentially impersonate a user session for themselves.
Due to the above vulnerability Twitter quickly patched their servers which resulted in MetroTwit getting blocked from the service, unable to retrieve tweets, or anything else for that matter, including account verification when the app started.
Thankfully, despite announcing the retirement of MetroTwit back in March, the developers have swooped into action and released an update/hotfix to fix communication with Twitter which was pushed online around an hour ago. To get the update simply fire up MetroTwit and you should be prompted to update.
Although the update had been dubbed, "The comeback tour", users probably wondered if the app would be picked up where it left off in March, but the developers have no plans to continue development, and quickly removed the reference on the support page, replacing it with "Emergency hotfix" instead.
In any case, here's a shoutout from Neowin to the developers for supporting the seemingly unsupported!
5 Comments - Add comment