Jump to content

  • Log in with Facebook Log in with Twitter Log In with Google      Sign In   
  • Create Account

Subscribe to HRA Now!

 



Are you a Google Analytics enthusiast?

Share and download Custom Google Analytics Reports, dashboards and advanced segments--for FREE! 

 



 

 www.CustomReportSharing.com 

From the folks who brought you High Rankings!



Photo

4 Reasons To Not Use Twitter!


  • Please log in to reply
6 replies to this topic

#1 NASA

NASA

    HR 4

  • Active Members
  • PipPipPipPip
  • 183 posts

Posted 14 April 2009 - 03:43 AM

Apparantly Twitter was struck by 4 worms over the easter break.

www.sophos.com/blogs/gc/g/2009/04/12/stalkdaily-twitter-users-warn-attack/

Though I thought the browser didn't allow cross site scripting to execute with 'Permission Denied' JS error.

So how did they manage it?

#2 NASA

NASA

    HR 4

  • Active Members
  • PipPipPipPip
  • 183 posts

Posted 14 April 2009 - 06:43 AM

I've been discussing this on another site and it would seem it's more incorrect use of terminology , they haven't been able to execute 'cross-site scripting'.

What they did was 'Code Injection' as user input was / is not being validated and 'cleaned' before being added to the user profile page for display!

I'm very surprised this school boy error was made by such a large company! but i guess no-one is perfect smile.gif

#3 Randy

Randy

    Convert Me!

  • Moderator
  • 17,540 posts

Posted 14 April 2009 - 07:25 AM

Nobody is perfect for sure. In my experience the bigger the fish, the easier it is to find security holes. Mostly because everybody thinks someone else is minding the store. lol.gif Sad, but true I'm afraid.

On the flip side the guy who did it wasn't too smart in his own right. By admitting it was him he's now opened himself up to all sort or legal problems. Namely getting a huge bill from Twitter to cover their clean up work. Hope he either has a lot of money to hand them. Because I expect they'll be going after him to recoup those costs.

#4 NASA

NASA

    HR 4

  • Active Members
  • PipPipPipPip
  • 183 posts

Posted 14 April 2009 - 07:30 AM


hysterical.gif , it just goes to show how even clever people are stupid!

<- hey mr police man, I robbed that bank. d'oh.

Not sure if the USA have a program like the UK called 'Crime Watch' , where they beg the public to phone in and grass on wanted criminals.

I wonder if a criminal has ever rung in and grassed on themselves and confessed lol.gif


#5 Randy

Randy

    Convert Me!

  • Moderator
  • 17,540 posts

Posted 14 April 2009 - 08:30 AM

Well, crooks usually aren't incredibly smart to begin with. If they were really bright they wouldn't have to steal after all. wink1.gif

We had a bank robbery case here a couple of months ago where the guy went in wearing a mask and the whole bit like normal, but they were able to crack the case pretty quickly. It seems the guy was really on the lower end of the brightness scale, because he used one of his own deposit slips (from the same bank he was robbing!) on which to pen his This Is A Stick Up note. He of course forgot to take his little note with him after the robbery.

Took 'em all of about 30 minutes to arrest him. They were waiting for him at home when he got back with his bag o' loot.

You've gotta know the cops had to be busting a gut when they realized the guy gave them his name, address, etc.

#6 NASA

NASA

    HR 4

  • Active Members
  • PipPipPipPip
  • 183 posts

Posted 14 April 2009 - 08:43 AM

omg.gif -> he used his own paying in slip to write the stick up note. That's gotta be "Guinness book of idiots" worthy!

My sides hurt, just like the police's must have!

roflmao.gif

#7 harpsound

harpsound

    HR 4

  • Active Members
  • PipPipPipPip
  • 222 posts
  • Location:Victoria BC Canada

Posted 14 April 2009 - 10:10 PM

Then there was the guy who tried to rob a donut shop at knife point.
There were two booths in the back full of cops on coffee break.
Needless to say he did not survive.

We are all blessed by the altruism of our forebears who lost the genetic lottery so that the gifted few could reproduce.

As far as I can see robbing a donut shop is the ultimate altruism.....

Edited by harpsound, 14 April 2009 - 11:22 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

We are now a read-only forum.
 
No new posts or registrations allowed.