Bloke leaks '1000s' of Twitter login tokens, says he can hack ANY twit

A hacker calling himself the "Mauritania Attacker" claims he has compromised every Twitter user account on the planet - and leaked the OAuth tokens for thousands of Turkish tweeters. Meanwhile, a security researcher claims to have obtained similar details by creating a fake app that masqueraded as Twitter's own third-party …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

...he can hack ANY "twit"

Yes, that sounds about right.

1
1
Silver badge

I don't even use twitter but...

The end of the stone age. Two bearded, loin-skinned cavemen stab around huge slabs of stone.

CAVEMAN1: Ha, ha, ha, only idiots use papyrus to write "letters".

CAVEMAN2: Yeah! Ha, ha, ha! Everybody can read their letters. Ha, ha, ha! They should inscribe their messages on stone.

History does not record what happened to these men. Maybe we just haven't looked on the underside of the right rock.

4
1
Bronze badge
Devil

Re: I don't even use twitter but...

"History does not record what happened to these men..."

Sure it does.

One went on to start Farcebook...the other Twatter.

3
1
Anonymous Coward

Re: I don't even use twitter but...

Pretty much everything the Egyptians ever wrote on Papyrus has been lost through decay or fire. Most of what they carved into stone remains, and a large amount of that was idle boasting of riches and martial prowess.

Admittedly, benefitting future archaeologists isn't much of a selling point.

1
0

Re: I don't even use twitter but...

>Most of what they carved into stone remains, and a large amount of that was idle boasting of riches and martial prowess.

So that would be their equivalent of Facebook & Twitter, then?

0
0
Boffin

Re: I don't even use twitter but...

In essence - it's ephemeral.

You'd barely even know our "digital society" existed if the power went out and our computers rusted and so forth, but our carved monuments will go on for a few thousand years at least.

0
0
Go

Re: I don't even use twitter but...

>Pretty much everything the Egyptians ever wrote on Papyrus has been lost through decay or fire.

And the best medium? Clay tablets (as long as they don't get too wet) - especially as building fires just bake them harder whereas stone tends to shatter.

0
0
Silver badge

Re: I don't even use twitter but...

Depends on whether you've walloped all of the air out of the clay first.

Try putting something in a kiln where you haven't done that. Be prepared to open the door to a whole load of explodified mess.

0
0

The problem with resetting tokens...

is that Twitter have arbitrary and silly limits on the number of tokens for each app. If you reset your token for a popular app, there's a possibility you won't get it back. Not good if you've paid for it.

0
0

Twitter's OAuth2 implementation is not vulnerable

The "security researcher" is simply describing how OAuth 2 works. If a native application is acting as the client, it is normal for its "consumer secret" to be embedded somewhere in the application. There is no expectation that the consumer secret is actually secret.

0
0

No surprise here

The clueless TWITS need to get a life.

0
2
Silver badge

Maybe not

Well, he sure as hell can't hack mine.

(Clue: I don't have one...)

0
0