Avoid Twitter Until Further Notice:

ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > Living Room

(1/1)

KynloStephen66515:
A flaw in the website of micro-blogging service Twitter is being used to pump out pop-up messages and links to porn sites.

Initially, users only had to move their mouse over the link - not click it - to open it in the browser.

Thousands of Twitter accounts have so far posted messages exploiting the flaw including Sarah Brown, the wife of former Prime Minister Gordon Brown.

Twitter said it was aware of the problem and would issue a patch soon.

The flaw which caused pages to open automatically appears to have been fixed.

This command - written in a programming language called Javascript - automatically directed users to another website, some of which contain pornography. Whilst the links are still there, users must now actively click on them.
Continue reading the main story
Related stories
Twitter unveils major redesign
Twitter hit by security breaches

The malicious links look like a random URL and contain the code "onmouseover".

"There is no legitimate reason to tweet Javascript," Graham Cluley, a researcher at security firm Sophos, told BBC News.

The code is being spread by worms, self-replicating and malicious piece of code.
--- End quote ---

Read More:

http://www.bbc.co.uk/news/technology-11382469

Stoic Joker:
One man's exploit is another man's Ad campaign - Somebody in a corporate boardroom somewhere had to go Hot-Damn skippy that's a great idea, and sign-off on it before it "hit" the web.

It's the marketing people that are screwing up the web, it always has been. The only lesson that can be learned from Donald Trumps show the Apprentice (where they sell inedible cupcakes for $20,000 a piece) is AnyThing for a buck.

daddydave:
That seems very odd to me..bits of end user javascript have been allowed to pass through twitter unaltered all this time?

f0dder:
That seems very odd to me..bits of end user javascript have been allowed to pass through twitter unaltered all this time?-daddydave (September 21, 2010, 02:54 PM)
--- End quote ---
They did it for teh lulz!

Navigation

[0] Message Index

Go to full version