Header photo by Hamish Grant. Used with permission.

Monday, May 10, 2010

Twitter Security Hole: Forcing Friends & Spreading Panic

Tech blog, Gizmodo just posted a Twitter hack that exploits a security hole, which can be used to force anyone to follow you.  Interesting.

In case you're wondering how, here's the link.  However before you go ahead and get yourself followed by Twitter kingmakers and celebrities, a word of caution: Hacking someone's Twitter account to force a follow is not only a personal violation; but will also do your personal brand some damage.

In March, I blogged about how Conan O'Brien followed Sarah Killen at random, and her Twitter following immediately skyrocketed.  Conan's decision to follow Sarah cast her into online notoriety.  But will forcing a follow do the same for you?  Not likely.  Actually, it might have the opposite effect.  It could do some damage to your personal brand - "forcing" Conan to follow you might actually imply to people that you don't care about infringing on their digital privacy and you're willing to go to great lengths to help yourself ... and at what expense?

Upon seeing the link from Gizmodo, I checked Conan, Oprah and Stephen Colbert.  They were all following a whole bunch of randoms.  Obviously a lot of people were taking advantage of this security hole and trying to be followed by "big names."

Conan Tweeted this:

He was following a lot of people:

Then, minutes after Gizmodo's tweet, I looked at Conan's followers again (to write this post) and they were cleared to zero.  He had zero followers too (from two million or so).  I checked my followers, and I was reduced to zero and zero too!  It's most likely Twitter trying to fix the bug.

People on Twitter are panicking! 

Incredible!  It seems as though Gizmodo has caused quite a stir ... again.  It's been a busy month for the tech blog!

Update: It seems that my speculation was right.  From the Twitter update blog:
We identified and resolved a bug that permitted a user to “force” other users to follow them. We’re now working to rollback all abuse of the bug that took place. Follower/following numbers are currently at 0; we’re aware and this too should shortly be resolved.

No comments:

Post a Comment