Tuesday, July 5, 2011

You just can't believe everything you read

Hi folks,

Over the weekend, our friends over at Sophos noticed that Fox News got one of their Twitter accounts "hacked". The "hacker" posted four or five bogus tweets about the President being assassinated, over a ten-hour period, before the Fox guys noticed. I guess we could say that it took them ten hours to tweak that their tweets were being twampled. (Sorry)

Once they realized what had happened, they (presumably) changed their password, and deleted the dud tweets.

Their public response was that they had been "hacked", and they were demanding a full explanation from Twitter about what happened.

Well, I can tell you what happened. You weren't "hacked". Your person, or people, running that Twitter account got his or her password phished.

It hurts a bit, but it wasn't Twitter's fault, so there's no point in blaming them.

What it really underscores is the danger of password re-use. It's dangerous, and you simply must adopt the idea that you'll have one password per website that you want to use. If that's 50 websites, then you need fifty passwords. It sucks a bit, but the alternative is that if you only have a few passwords and one website fails, then all the other websites that password accesses are compromised.

Use a password manager, or even write them down and keep them in your wallet, but the rule has to be ...

No password re-use! Ever.

Keep safe folks,

