Twitter collects personally identifiable information about its users and shares it with third parties. The service considers that information an asset, and reserves the right to sell it if the company changes hands.[31]
A security vulnerability was reported on April 7, 2007, by Nitesh Dhanjani and Rujith. The problem was due to Twitter using the phone number of the senders of SMS messages as authentication. Nitesh used FakeMyText to spoof a text message, whereupon Twitter posted the message on the victim's page.[32] The vulnerability could only be used if the spoofer knew the phone number registered to their victim's account. Within a few weeks of this discovery Twitter introduced an optional personal identification number (PIN) that its users could specify to authenticate SMS-originating messages.[33]
On January 5, 2009, 33 high-profile Twitter accounts were compromised after a Twitter administrator's password was guessed by a dictionary attack.[34] Falsified tweets—including sexually explicit and drug-related messages—were then sent from the accounts.[35]
Twitter launched the beta of its Verified Accounts service on June 11, 2009 allowing famous or notable people to make it clear which Twitter account belongs to them. The home pages of these verified accounts displays a badge to indicate this special status.[36]
No comments:
Post a Comment