learn what you can do

share a tip, submit a link, add something new

Today's Security Fix

by Cara Garretson

Security

July is the Month of Twitter Bugs

Be the first to comment | 6I like it!
Tags: Twitter bug

More »

Recent Posts

July 6, 2009, 06:07 AM —

Last week security researcher Aviv Raff launched a new feature on his Twitter security threat Web site. Called the Month of Twitter Bugs, the site will describe a Twitter bug a day in order to raise awareness of Twitter API concerns and third-party services that leverage them, and to warn end users of potential problems with the software and systems they use.

The posts will take a limited disclosure approach, meaning it will notify Twitter and its partners of high-risk vulnerabilities 24 hours in advance of posting in order to give them an opportunity to come up with a fix before the information about the threat goes public.

This isn’t the first time Raff has dedicated a month to raising public awareness about security threats found in a certain technology; in July of 2006 Raff was part of the Month of Browser Bugs. That initiative was successful enough to make browser vendors pay attention to the vulnerabilities in their products, he says, and hopes the same will happen with Twitter.

Raff says he’s aware of enough vulnerabilities in Twitter to easily fill a month’s worth of posts, though he invites others to send him vulnerabilities they find in third-party Twitter services.

The Symantec Security Response team said it will monitor the posts about Twitter threats closely, and may even “create a Twitter account and tweet about them ourselves.”

Do you tweet? Follow me on Twitter here.

Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world

I like it!

Email
Print
Share
- Slashdot
- Digg
- Stumble
- Reddit
- Newsvine

Post a comment

Your name: *

E-mail: *

The content of this field is kept private and will not be shown publicly.

Subject:

Comment: *

Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
Lines and paragraphs break automatically.

peer-to-peer

Esther Schindler
If the comments are ugly, the code is ugly

claird
SVG a graphics format for 21st century

pasmith
Take Chrome OS for a test spin

Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?

sjvn
64-bits of protection?

jfruh
Android fragments vs. the iPhone monolith

mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive

Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325

Join the conversation here

Quick, practical advice for IT pros. Made fresh daily.

Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.

Newsletters

Subscribe to ITWORLD TODAY and receive the latest IT news and analysis.

*E-mail address:

*Verify E-mail:

*Job Title:

*Industry:

*Company Size:

*Country

* State:

I would like to receive offers via email from ITworld partners.

By clicking submit you agree to the terms and conditions outlined in ITworld's privacy policy.

view all newsletters »

webcasts & white papers

view all webcasts» view all white papers»

RESOURCE ALERTS

Get instant email notifications when E-business/E-commerce white papers, webcasts and case studies are added to our library.
Sign up »

featured download

Ease integration of Unix, Linux and Windows-based computers

Surviving Windows is easier than you think… MKS offers the power of an integrated all-in-one environment and provides you with the Power of UNIX on Windows
Learn More

Brought to you by:

contests & free stuff

We have 5 copies of these two new books to give to some lucky readers. The deadline for entries is November 30, 2009.

	iPhone for Programmers: An App-Driven Approach Everything you need to start developing great iPhone apps. Enter now!
	The Google Way Discover how Google's culture of innovation is reinventing business. Enter now!

IT Jobs

apple adam

Priceless! The 25 Funniest Vintage Tech Ads
My oh my, how things have changed. These 25 vintage tech ads are guaranteed to take you back -- and, in most cases, remind you how truly terrible our tastes once were. Click ahead, and enjoy the shame-free trip down memory lane.

Case Study: AISO grows its "green" business

AISO founders envisioned a Web hosting company that was environmentally friendly. While the company employed energy-efficient innovations like solar panels, its infrastructure produced unacceptable power and cooling requirements. Find out how AISO leveraged AMD technology to overcome their challenge in this case study white paper.

Download this white paper »

Myth of the Million Dollar Database

In this whitepaper, Scalar explores the opportunity to change the landscape with respect to mission critical databases built around Oracle. Leveraging technologies such as Linux, high-end commodity processing power and Oracle RAC technology to architect, design, build and maintain database infrastructure that delivers maximum availability, reliability and performance at a fraction of traditional cost.

Download this white paper »

Success Story: Weather.com handles whatever nature serves up

On a typical day, weather.com, the Web site for The Weather Channel in Atlanta, serves up between 15 million and 20 million page views. But in September 2004, when back-to-back hurricanes ransacked Florida, the peak traffic on one day more than tripled: over 70 million page views by more than 7 million unique visitors. Read the full success story now.

Download this white paper »

Marketplace

Sponsored links

See how AT&T can help protect your network.

Unified Communications: Thoughts, Strategies and Predictions. Join the discussion.

Slow PC? Automatically update your drivers with DriverAgent

Engineer's Toolset v10: A collection of Tools for Fast Fixes to Network Issues

ITwhitepapers.com - Access thousands of whitepapers on 300+ technical topics.

Free Exchange webinar from Microsoft and Double-Take Software

Top 5 Reasons Application Performance and Network Security Go Together