| General > General Technical Chat |
| Twitter Hackage |
| << < (4/10) > >> |
| tom66:
That's ridiculous. |
| Ed.Kloonk:
--- Quote from: magic on July 16, 2020, 06:07:16 am ---The first point of eti's being wrong doesn't preclude the other from being spot on :P In my days, we simply called it a hack ::) --- End quote --- In my day, I remember a couple of people who pointed out that innocuous hackers are annoyed that they are lumped in with 'crackers' who attack and crack things, like Twitter. Of course I understand the problem with calling people crackers. Maybe we should call the people who attacked twitter what they are: terrorists. |
| RenThraysk:
They could be terrorists if there was a political motivation. But seems there was none atm. |
| magic:
--- Quote from: Ed.Kloonk on July 19, 2020, 04:21:54 pm ---In my day, I remember a couple of people who pointed out that innocuous hackers are annoyed that they are lumped in with 'crackers' who attack and crack things, like Twitter. --- End quote --- I'm familiar with this concept but it failed to gain traction so much that I didn't even remember about it while writing that post :) The only people legitimately called "crackers" are those making software cracks, sorry. I'm afraid that pwning websites is simply hacking. |
| DrG:
A few details speculating on what might have happened. How the initial compromise of a number of so-called admin accounts was accomplished is not not detailed. https://www.cnn.com/2020/07/17/tech/former-twitter-employees-sleuthing/index.html https://www.cnn.com/2020/07/26/tech/twitter-hack-remote-working-security-risks/index.html "Twitter said the breach was the result of a coordinated "social engineering" attack that targeted workers who had administrative privileges, with the aim of taking control of the accounts." translated from weasel-speak to English: We are either not saying or we have no freaking idea how they got so many admin passwords that had no two-factor authentication or any kind of sophisticated security. I was a little shocked to learn (if this was not speculation) that the admin accounts could disable two-factor authentication for user accounts as well as email address to send password reset instructions. That is, hack that and get a pw reset and you have it. Why do you need so many though? To keep it going for a few minutes? I don't know, but the initial reaction was to lock down accounts. BTW: I don't have a Twitter account. |
| Navigation |
| Message Index |
| Next page |
| Previous page |