
Line breaks vs hyphenation
I was worried for a second there when I read "simply by viewing booby", as my Interweb habits involving viewing a lot of booby. Phew
Twitter was hit over the weekend by powerful, self-replicating attacks that caused people to flood the micro-blogging site with tens of thousands of messages simply by viewing booby trapped user profiles. The worm attacks began early Saturday morning and were the result of XSS, or cross-site scripting, bugs in the Twitter …
Come on, really? 10K messages? That's hardly massively successful on a site the size of Twitter.
Yes they should respond quickly to security holes, yadda, yadda, yadda but ten thousand messages in 36 hours is a tiny drop in the ocean. No user action required because the vast, vast majority won't have noticed anything wrong.
10k is very slow for 36 hours. This type of infection creates a usual pyramid style.
1 User > 2 Users > 4 Users > 8 Users
If each twitter person had two followers that read the infected page.
But Twitter should have filtering this BASIC BASIC javascipt
<script> is one of the first ones whenever you are adding xss filtering to use.
i really hate twitter
Even more now i have watched tv and have seen news presenters pushing their Fucking twitter accounts on National TV, then on Radio1 + 2 I FFS ....
Please can somebody for the love of god just take twitter down i dont care how !!!!
i will pay £10.20, i am sure we can pool some money together.
that the article says that people Trust twitter... and that if we think that worms on social networking sites are harmless we should think again because big business are involved.
firstly, anyone who trusts something user generated, is a fool, anyone who thinks that they should be safe because their friends are their friends and they completely trust them is a fool, because they don't know what their friends are getting up to. and what they'vev downloaded/been infected by etc...
secondly, anyone who rates twitter as important because some celebs decided to write about their lives, or because a few businesses think it's a great way to get free adverts in 140 char or less messages is also a fool.
if you like using twitter, then fair enough, each to their own, but don't inflate it's importance by saying that everyone trusts the site and that big celebrities and big businesses use it.
I started using Firefox some with the noscript, but found one problem is that yes it
blocks this from happening, but if you think its something you want to look at, you just enable Firefox to look at it, without any real worning. I got this for my son because he clicks on everything, so really they shouldn't say Firefox blocks this with noscript because its like most things the user usually accepts the problems
@Anonymous Coward:
NoScript blocks this even if your son wants to use Twitter and enables scripting on twitter.com and googleapis.com (where Twitter's "good" scripts come from).
This is because the malicious code comes from a different site (mikeyy.uuuq.com), which you've got no interest in allowing and is disabled by default.
... actively updates TV programmes on his Twitter account. I am convinced no-one gives a shit but I don't really have the urge to go and find out. It sounds really pathetic as a website/idea/notion really. I'd sooner pass a note in class behind the teachers bac... Oh, wait I'm a grown man. These twits should realise the same and go get a bloody life.
I'll join your anti-twitter cause, I've got a big jar of spare change to help pay for twitter's downfall.
Remember the Merlin mini-series with Sam Neill and how they defeated Mab by simply ignoring her, thus losing her power over the people. That would be the perfect way to destroy twitter, except there are too many "look at me!" people out there believing what they tweet is important enough to regularly continue tweeting.
(yes I realize the irony of airing my views in the manner)