Jan 05 2009
I don’t have a lot of time this morning, but here are four bits of information on Twitter and the phishing attack against it that started this weekend. Haven’t there been a number of us that have been saying for a while “Don’t put your username and password into 3rd party applications on the web!”?
- Twitter and the Password anti-pattern – I’ve only gotten about half way through this paper, but I like the ideas I’m reading. This is basically an argument for taking Twitter beyond username/password and adding in functionality that would allow you to share some of your capabilities as a user with a third party.
- Phishing Scam spreading on Twitter – This was the first article I read on the Twitter Phishing this weekend.
- Gone Phishing – This is Twitter’s take on the phishing scam. Glad they’re being proactive.
- Twitter Users attacked by Phishing efforts – Symantec’s take on events.
I asked once before “Is Twitter a security risk?“. This isn’t a problem with twitter, this is a problem with people who are willing to give up their usernames and passwords for … what? A little sense of an ego boost as they find they’re relevant somehow? A pretty graphic that shows how they’re connected to other Twits? People don’t seem to realize this is another extension of their digital identity, just like a facebook account or email address.