If you're explaining, you're losing - JC Watt
|
|
|
Obama Twitter hacker freed
INSPECTOR PIERRE KNACKER of le Paris Yard has fingered the collar of the 25 year-old unemployed bloke who hacked into US President Obama's Twitter account.
The unnamed bloke has been told to show up in court and face the music. Despite the fact that he has been the subject of a huge police and FBI inquiry, coppers insist that he is not a criminal genius who plotted to overthrow the West using Obama's Twitter feed as his unwitting tool.
It took the feds several months to track down the bloke, who was known only by the pseudonym "Hacker Croll".
French prosecutor Jean-Yves Coquillat said that Croll had explained how he did it and he was not a hacker mastermind. "He was a young man spending time on the Internet. He acted as a result of a bet, out of the defiance of the hacker. He is the sort who likes to claim responsibility for what he has done."
He could get up to two years for hacking into a database.
However Croll never attempted to profit financially from his hacking activities on Twitter. He had managed to secure Twitter's administrator codes and was able to create, modify or delete accounts at will.
Apparently it was a doddle to do. He simply guessed people's passwords by working them out from information on their blogs or online pages they had created about themselves. µ
Share this:
Share
Hilarious! This was supposed to be the new wave, tech savvy administration!
This is hardly hacking, just a lot of detective and guesswork, basicly he went to the extreme of looking for someone's password hint. If an administrator for Twitter is dumb enough to have a simple password then it deserved to be broken into. Twitter should really tighten their security.
This is no different to how thousands of facebook and myspace pages are broken into every day. I've done it myself using a facebook page someone made for their dog. Facebook requested their birthdate for access, I found they had a page for their dog, the dog had their birthday...easy
Hence the reason I dont use any of those $2 padlock security social networking sites.
I say kudos to the kid, give him a job, he obviously knows what he's doing
That allows this:
"He had managed to secure Twitter's administrator codes and was able to create, modify or delete accounts at will."
Why are administrator accounts accesible from anywhere, on any machine? Isn't there *any* red-flagging of attempts? -- I suppose there may be too many of them to do so, but that simply points up that it's possible to do from anywhere.
This seems to me a problem that should have been solved long ago. Access needs to be tied to specific systems. One way, off the top of my head, would be to edit Firefox's about:config user agent string to a custom one that the server then checks for in the request header.
He's not a Genius: He's a very naughty boy!
There fixed that for you.
Damnit how did you miss the obligatory Monty quote!