Tweetsteria: Everyone's Panicked Over Twitter Executive's E-mail Hack
July 16, 2009This same scenario reminds us all of the 2008 hacking of then-vice-presidential nominee Sarah Palin's Yahoo e-mail account. That security breach wasn't the result of some slick, Hollywood-style-super-spy-tech hacking. It was a kid who correctly guessed a password.
Bloggers and the media are fixated right now on this Twitter hack. One blogger even made an asinine leap in logic as to somehow attribute the Twitter executive's e-mail hack to a security flaw in Google Apps, simply because the e-mail account contained documents created in Google Apps:
The hacker who broke Twitter's rather feeble security last month was able to find and copy confidential documents because they were shared between Twitter employees using Google's Web apps.
This is not some inherent flow within Google Apps. This is a flaw of weak passwords. Just about all of the big-name platforms out there are guilty of it -- Hotmail, Gmail, Twitter. These sites are designed for the masses and the companies are often lax with providing proper password policies. The reasoning behind it could be that the companies do not want to turn off Jane and Joe Average User by making him or her adhere to password complexity policies.
Even The New York Times jumped on the bandwagon, bringing readers this astounding tidbit of technical sagacity:
... it also means that the security is only as good as the password.
Even the most wet-behind-the-ears network administrator would know to enforce a strong password policy in a corporate network.
So what will come of this latest "hack?" Most probably companies like Twitter and Gmail will shore up password security. Implement mandatory password changes. Require alphanumeric complexity the same way many online financial institutions do.
In the meantime, everyone needs to relax. The real hand-wringing security issues out there include deliberate attacks against government networks, the countless numbers of bots out there designed to drop Trojans that can steal information from our machines, and attempts to bring down critical infrastructures through cyberterrorism like we saw with the attack on the electric grid.
In the meantime, Microsoft, Google, Twitter and the like know what needs to be done and it's easily remedied: Shore up those password policies.
- Juniper Honors 12 Americas Partners
- Facebook And Four More Web Sites We Love To Hate
- Cisco Honors Top Partners During 2010 Partner Summit
- HP Salutes Top Partners At APC 2010 Award Show
- Upclose And Personal With AMD And friends
- Will Oracle's Phillips' Affair Revelation Be A Distraction?
- Apple, Microsoft Unlikely Allies Against Google
- HP-Microsoft Cloud Partnership Needs To Show Us The Goods
- Blog: It's Time For A Cybercrime Public Service Announcement
- Nortel Sell-Off Continues: Ethernet Business To Ciena?
- Want To Deploy Exchange 2007 SP2 In A Server 2008 R2 Domain? Sorry
- Apple Improves iTunes 9 With Syncing, Visual Enhancements
- Oracle Ad Refutes Sun Hardware Fears
- U.S. Copyright Chief Rips Google Book Deal In Testimony
- Apple Slashes iPod Price Tags
- Price Is Right? Asus To Launch Low-Cost E-Reader
- Microsoft Xbox 360 Consoles Fail More Often Than Wii, PS3
- Privacy Group To Congress: Stop Online Advertisers In Their Tracks
- Microsoft, Intel Tout Their Collaboration On Windows 7
- Tech Data Adds Integration Services With New Center
| • |
| • |
| • |
| • |
| • |
| • |
| • |
|
|
