MetroTwit comes out of retirement, but only for SSLv3 hotfix

Yesterday we reported on the SSLv3 vulnerability that three Google engineers helpfully announced, called POODLE which is short for: "Padding Oracle On Downgraded Legacy Encryption". The attack can basically be used to downgrade a connection from the TLS standard and instead force an SSLv3 connection, which can then be attacked to steal cookie information. Once the cookie is obtained, the attacker could potentially impersonate a user session for themselves.

Due to the above vulnerability Twitter quickly patched their servers which resulted in MetroTwit getting blocked from the service, unable to retrieve tweets, or anything else for that matter, including account verification when the app started.

Thankfully, despite announcing the retirement of MetroTwit back in March, the developers have swooped into action and released an update/hotfix to fix communication with Twitter which was pushed online around an hour ago. To get the update simply fire up MetroTwit and you should be prompted to update.

Although the update had been dubbed, "The comeback tour", users probably wondered if the app would be picked up where it left off in March, but the developers have no plans to continue development, and quickly removed the reference on the support page, replacing it with "Emergency hotfix" instead.

In any case, here's a shoutout from Neowin to the developers for supporting the seemingly unsupported!

View: MetroTwit support page for v1.2.0.1

Report a problem with article
Next Article

Windows 10: How to get the Charms bar back using the mouse

Previous Article

Nokia Lumia 735: A closer look at Microsoft's new 4G ‘selfie phone'

5 Comments - Add comment