Twitter, Facebook Users: Review Account Settings
A major "hack" of prominent Twitter accounts has raised awareness of a big security loophole. The problem isn't with Twitter itself, but rather third party tools.
This morning several thousand accounts belonging to public figures and major organizations and businesses posted identical messages. The tweets included a swastika symbol and references to Nazi views in Germany and the Netherlands and are thought to relate to an ongoing political spat between the Netherlands and Turkey. (Source: bostonglobe.com)
There's never a good time for accounts to be hijacked in such a way, but today was particularly sensitive as people in the Netherlands were voting to elect a national government.
Automated Tool to Blame
Many observers initially assume either that Twitter itself had been hacked or that the people behind the tweets had managed to obtain the account passwords of the victims, perhaps through a phishing campaign.
In fact, it turns out the hacking was directed at Twitter Counter, a third party service. It's designed to help businesses keep track of how many people respond to and share particular tweets, something that's extremely useful for organizations that operate high-profile social media accounts and want to know how to reach more people with their message.
The way Twitter allows third-party tools to access its data means the Twitter account holder using the tool must give it specific permissions. With Twitter Counter, that meant giving permission to access their statistics and to post on their behalf.
Normally this latter permission is only ever used for automated posts when Twitter Counter users want to share a statistic, for example to highlight that a particular tweet was very popular. It relies on trust that companies such as Twitter Counter won't abuse the permission. That trust has been justified to date, but now the hackers were able to take advantage.
Permissions Can Be Revoked
While Twitter Counter is investigating the problem, it's proven an opportunity for many to review their permissions. To do so, users need to go to Twitter, click or tap their profile picture, select "Settings and Privacy" and then select "Apps". This will bring up a list of any third-party tools with account permissions, where users can revoke certain permissions if they don't recognize or are no longer comfortable with them. (Source: usatoday.com)
There's a similar setting for Facebook too. To get this, users need to select the downward arrow in the very top-right of the Facebook website, then select "Settings". On the page that appears, select "Apps" from the left-hand menu to see a list of apps and permissions.
What's Your Opinion?
Do you use any third-party tools on Facebook or Twitter? Do you trust them not to abuse permissions? Does this incident make you less comfortable about giving such permissions?
Infopackets Top Windows 10 FAQs
How to Upgrade from Windows 10 32-bit to 64-bit
How to Fix: Windows 10 Antivirus Missing, Not Compatible
How to Fix: Windows 10 Display Shifted; Screen Fuzzy
How to Upgrade Windows 7, 8 32-bit to Windows 10 64-bit
to Downgrade from Windows 10
- How to Fix: Windows 10 Upgrade Failed Error C1900208
- How to Fix: Windows 10 Upgrade Failed Error 80240020
- Can I Cancel my Windows 10 Reservation and Reserve Later?
- How to Clean Install Windows 10 using Windows 7, 8 License
- Will Windows 10 Install Automatically?
- Windows 10 Upgrade: Do I have to Reinstall Programs?
- Windows 10 Upgrade: Can I choose 32-bit or 64-bit?
- Which Version of Windows 10 Will I Get (Home or Pro)?
- How to Reserve Windows 10 Upgrade (Free)
- How to Fix: CPU Not Compatible with Windows 10 Error
- Windows 10 Upgrade: Can I keep my Old Windows Install?
- How to Cancel Windows 10 Reservation (Properly)
- Download Windows 10 .ISO (DVD) for Clean Install?
- Microsoft: Windows 10 Will Be The Last Version
- Does Windows 10 require the CPU to support PAE?
- Windows 10: Can I Upgrade or do I need a Clean Install?
Click here for more Windows 10 articles.