Twitter & Social Media security issues

by Justin Souter on January 12, 2009

You may have seen the recent furore over Twyply, which seems to have turned out to be a simple way to harvest the Twitter usernames and passwords of the Great and the Good [sic].

The same Great and the Good then had to change their passwords, as this fly-by-night application was then sold on to the highest bidder (i.e. with the credentials of Twitter users who had tried it out).

Although I didn’t fall for this one, I did myself get caught in the Twitterank fiasco. There’s also the recent hack of a Twitter administrator’s account and the fall-out from that.

The reason for writing this post was that I was thinking over Christmas that Twitter, in conjunction with geolocation tools like Dopplr and Brightkite, are a techie’s equivalent to not cancelling the milk. I.e., if you say you’re going to be out, then surely people know where you are – I mean *everyone* :-(

So, perhaps this post is more a ‘cry for help’ than anyway particularly constructive. However, there is fast coming a time when Social Media (and other Web 2.0) tools will need a standard set of security and disclosure rules to prevent identity theft.

OpenID describes itself as “An open and decentralized identity system, designed “not to crumble if one company turns evil or goes out of business””, and is the start of a back-lash and / or a toughening up of the rules.

Just as ‘Net Geners’ are having to re-assess their attitudes to employment—as expounded in this article from The Economist*—so might their / our attitude towards information security. :-(

Twitter Pack

Photo credit to Carrotcreative

*registration may be required in future

Previous post:

Next post: