Twitter Cuts Widget Feature Due to Account Hijacking Fears

Posted by Tanya Hall
January 25, 2010

Twitter has disabled a widget based on Adobe’s Flash Player after a security analyst notified the micro-blogging site of a weakness that left account login details exposed to hackers.

The security scare follows Twitter banning the use of 370 passwords that were deemed too obvious for hackers to crack.

The Flash-based widget was widely used by people wanting to display their tweets on their own websites.

Users of similar javascript widgets are unaffected by the security risk, with Twitter recommending Flash users make the switch as an alternative option.

“We’ve been notified about a vulnerability in our Flash widget and out of an abundance of caution we’ve disabled access as we assess the situation,” Twitter’s staff said in a status update.

Despite this action, the configuration error reportedly stems from a basic programming mistake back in 2006.

Mike Bailey, a senior security analyst with US-based company Foreground Security, said that the problem exploits a widely known vulnerability in the Adobe Systems Flash programming language.

“This is not Adobe’s fault,” Mr Bailey said.

“This is due to the fact that a lot of really bad programmers are coding Flash objects. I’ve seen literally hundreds of these things across the web.”

Adobe had previously released instructions to programmers on how to avoid the flaw. However, many people have failed to follow these recommendations, resulting in thousands of websites being affected by buggy Flash files.

At present, no known Twitter accounts have been affected by the vulnerability, but Mr Bailey said that if hackers had exploited the flaw, “it would be impossible to know.”

Have you been affected by a Twitter security breach? Leave us a comment and let us know.

Gadget Gift Ideas
If you like what you’re reading then learn more about joining our FREE newsletter here. Lucky readers will win some fantastic gadget prizes!

Also, check out our recession busting gadgety money saving ideas.

Related posts:

  1. Cyber Attacks on Facebook and Twitter Triple
  2. Twitter Targets Phishing Scams
  3. Twitter prunes its branches with Twitter Correction
  4. Twitter Made Easy for Newcomers by Creating Facebook-Like Features

Share and Enjoy:
Bookmark and Share
AddThis Feed Button
General, News, Social Networking

If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.

Comments

No comments yet.

Leave a comment

(required)

(required)