It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Twitter Admits All Passwords Visible to Employees Due to ‘Bug’ and Advises Password Change
page: 1share:
Twitter has "announced" as many as 300 million user passwords have been visible to lots of employees because of a "bug" !!
They say nothing unusual happened and they didn't even have to tell you !!
But from the bottom of their heart, they are anyway.
And still are advising people to change their passwords even though they "fixed it" and there's no reason to be "alarmed" !!
Gotta wonder how many accounts of any special kind got "compromised" and "un-checked" !!
Twitter Admits All Passwords Visible to Employees Due to ‘Bug’ and Advises Password Change
😉
They say nothing unusual happened and they didn't even have to tell you !!
But from the bottom of their heart, they are anyway.
And still are advising people to change their passwords even though they "fixed it" and there's no reason to be "alarmed" !!
Gotta wonder how many accounts of any special kind got "compromised" and "un-checked" !!
Twitter Admits All Passwords Visible to Employees Due to ‘Bug’ and Advises Password Change
Social media company Twitter has advised users to change their account passwords after it was discovered that a bug resulted in user passwords being stored in an insecure manner.
In a blog post titled “Keeping your account secure,” company CTO Parag Agrawal explained that the platform utilizes software that masks user passwords, preventing anyone at the company from viewing them. But due to a bug, all user passwords were stored in plaintext in an internal log. Agarwal says that they have investigated and fixed the bug and so far have found no signs of misuse or breach of user data.
😉
I always ask my wife why she has these social media accounts. I just don’t understand exposing my personal information to these immoral data
collectors.
a reply to: xuenchen
They actually don’t have to tell you. Maybe stop spreading doom porn and encourage others to fully read contracts and be helpfully a contributing member of ATS.
All you do is contradict yourself every other day and post nothing helpful. I truly believe your only reason for being here is help great a larger divide in America. And sadly it is working for the uneducated individuals.
They actually don’t have to tell you. Maybe stop spreading doom porn and encourage others to fully read contracts and be helpfully a contributing member of ATS.
All you do is contradict yourself every other day and post nothing helpful. I truly believe your only reason for being here is help great a larger divide in America. And sadly it is working for the uneducated individuals.
a reply to: xuenchen
A plaintext log?
No way, that is a bug!
You don't just randomly write something that makes *the* biggest no no of all no nos of password storing.
Either it is deliberate or it is a mistake, but it is definitely not a bug.
But due to a bug, all user passwords were stored in plaintext in an internal log.
A plaintext log?
No way, that is a bug!
You don't just randomly write something that makes *the* biggest no no of all no nos of password storing.
Either it is deliberate or it is a mistake, but it is definitely not a bug.
I would image that any Twitter user who has ever been a victim of identity theft could bring a case against Twitter for negligence.
A minimal check during development would reveal this.
I tend to think it was the design because someone would have seen it long ago.
I tend to think it was the design because someone would have seen it long ago.
a reply to: xuenchen
So the POTUS, Twitter account is compromised. That is not cool....he shouldn't be tweeting the crap he does, including threatening other countries with a Tweet. Its unacceptable to say the least, but someone could set him up.
So the POTUS, Twitter account is compromised. That is not cool....he shouldn't be tweeting the crap he does, including threatening other countries with a Tweet. Its unacceptable to say the least, but someone could set him up.
edit on 3-5-2018 by kurthall because: fix
originally posted by: Allaroundyou
a reply to: xuenchen
They actually don’t have to tell you. Maybe stop spreading doom porn and encourage others to fully read contracts and be helpfully a contributing member of ATS.
All you do is contradict yourself every other day and post nothing helpful. I truly believe your only reason for being here is help great a larger divide in America. And sadly it is working for the uneducated individuals.
Creating a larger divide in America?
Did we read the same post?
A company has screwed up big time by storing 300 million passwords in plaintext. That in itself is a greater breach of security than actually being hacked and having all your salted user data stolen. It is beyond terrible.
They say that they have found "no signs" of "misuse "- however, if the date lies in plaintext, that says so little, that it is actually misleading. There are thousands of ways (well, no, not really) to leave virtually no signs behind after having compromised. Especially in a infrastructure that lax in security!
I would say there is cause for concern - they are *very* vague about whether or not anyone has been compromised. Actually they do not even mention it and instead talk about misuse without ever defining what *that* constitutes.
They don't come out and say the assuring "we don't believe anyone has seen your passwords" or "the plaintext list was never accessed by anyone".
There is likely a reason for that.
Anyway, point is, this is a very real and important story, and I don't know why you read all that into it.
Go news is twitter really doesn't do much. It's not ecommerce or performing control functions (other than some people's minds).
a reply to: DupontDeux
Great post.
Why would anyone defend a company for being so careless with extremely private information?
How many employees does Twitter actually have, anyways?
Are they ALL honest and trustworthy?
Great post.
Why would anyone defend a company for being so careless with extremely private information?
How many employees does Twitter actually have, anyways?
Are they ALL honest and trustworthy?
So Twitter employees could at any time have posted to anyone's account if they wanted to. No problem in that
I wonder how many employees have come, gone, quit or been fired while it was available to them.
I wonder how many employees have come, gone, quit or been fired while it was available to them.
Not much personal info there unless it's been posted in tweets.
originally posted by: roadgravel
Not much personal info there unless it's been posted in tweets.
Great for smear campaigns.
And selective censoring too !!
🧐🔑
a reply to: DupontDeux
Yea we read the same post though I was referring to other posts. I don't use twitter and think the whole thing is stupid and spreads disinformation at a fast rate. They have not violated any laws and someone would know that if they read the terms and conditions.
Yea we read the same post though I was referring to other posts. I don't use twitter and think the whole thing is stupid and spreads disinformation at a fast rate. They have not violated any laws and someone would know that if they read the terms and conditions.
originally posted by: IAMTAT
a reply to: DupontDeux
Great post.
Why would anyone defend a company for being so careless with extremely private information?
How many employees does Twitter actually have, anyways?
Are they ALL honest and trustworthy?
Clearly you don't know how I feel about Twitter. Which is fine because why would you? I am only pointing out what should be clear as day.
If you call a help line for hardware or software they will ask for info so they can verify who you say you are. They already have the info in front of them. So why be upset when Twitter does that?
A company worth billions (not sure why) can't get a couple of descent programmers. I imagine there is a lot of finger pointing going on there unless
it is just a cover story.
a reply to: roadgravel
I think they got caught and were "told" to publish an excuse.
Confucius said:
"Success is the hardest thing to beat, and Failure is the hardest thing to fix"
💡
I think they got caught and were "told" to publish an excuse.
Confucius said:
"Success is the hardest thing to beat, and Failure is the hardest thing to fix"
💡
a reply to: roadgravel
That's not the problem though.
Many people use the same password on more than one site and the password and real name combined is not good to have floating around the Internet.
Also imagine if a rabid partisan employee got angry and had the password so they could post to others accounts. Or even if they just disliked something someone posted, they could mess with them.
Hopefully this will be all over the news so people can deal with it. I'm suspicious that Twitter has a motive for suddenly announcing this.
That's not the problem though.
Many people use the same password on more than one site and the password and real name combined is not good to have floating around the Internet.
Also imagine if a rabid partisan employee got angry and had the password so they could post to others accounts. Or even if they just disliked something someone posted, they could mess with them.
Hopefully this will be all over the news so people can deal with it. I'm suspicious that Twitter has a motive for suddenly announcing this.
new topics
-
HORRIBLE !! Russian Soldier Drinking Own Urine To Survive In Battle
World War Three: 56 minutes ago -
Bobiverse
Fantasy & Science Fiction: 3 hours ago -
Florida man's trip overseas ends in shock over $143,000 T-Mobile phone bill
Social Issues and Civil Unrest: 3 hours ago -
Former Labour minister Frank Field dies aged 81
People: 6 hours ago -
SETI chief says US has no evidence for alien technology. 'And we never have'
Aliens and UFOs: 7 hours ago -
This is our Story
General Entertainment: 10 hours ago
top topics
-
President BIDEN Vows to Make Americans Pay More Federal Taxes in 2025 - Political Suicide.
2024 Elections: 12 hours ago, 16 flags -
One Flame Throwing Robot Dog for Christmas Please!
Weaponry: 17 hours ago, 6 flags -
Florida man's trip overseas ends in shock over $143,000 T-Mobile phone bill
Social Issues and Civil Unrest: 3 hours ago, 6 flags -
SETI chief says US has no evidence for alien technology. 'And we never have'
Aliens and UFOs: 7 hours ago, 5 flags -
Don't take advantage of people just because it seems easy it will backfire
Rant: 17 hours ago, 4 flags -
Ditching physical money
History: 16 hours ago, 4 flags -
Former Labour minister Frank Field dies aged 81
People: 6 hours ago, 4 flags -
Bobiverse
Fantasy & Science Fiction: 3 hours ago, 3 flags -
This is our Story
General Entertainment: 10 hours ago, 3 flags -
Ode to Artemis
General Chit Chat: 13 hours ago, 3 flags
active topics
-
-@TH3WH17ERABB17- -Q- ---TIME TO SHOW THE WORLD--- -Part- --44--
Dissecting Disinformation • 643 • : Thoughtful3 -
HORRIBLE !! Russian Soldier Drinking Own Urine To Survive In Battle
World War Three • 8 • : Astyanax -
New whistleblower Jason Sands speaks on Twitter Spaces last night.
Aliens and UFOs • 51 • : Ophiuchus1 -
The Reality of the Laser
Military Projects • 40 • : Zaphod58 -
President BIDEN Vows to Make Americans Pay More Federal Taxes in 2025 - Political Suicide.
2024 Elections • 67 • : UnderAether -
Windows tracking links to WEF and more:
New World Order • 21 • : milaganenogan -
SETI chief says US has no evidence for alien technology. 'And we never have'
Aliens and UFOs • 29 • : SchrodingersRat -
"We're All Hamas" Heard at Columbia University Protests
Social Issues and Civil Unrest • 274 • : YourFaceAgain -
Manly P. Hall says Freemasonry is a religion?
Secret Societies • 21 • : SchrodingersRat -
Florida man's trip overseas ends in shock over $143,000 T-Mobile phone bill
Social Issues and Civil Unrest • 4 • : VariedcodeSole