If Twitter is one of the most dangerous social networking sites, why haven’t they better prepared?

Click to read full story on Twitter privacy issue
 

The subject of privacy and protection within social media sites has been a critical issue since the creation of sites such as Facebook and Twitter.  The issue seems more magnified when it has to do with well-known celebrities and people in the spotlight.  Even our own president was just one of the high-profile victims involved in a Twitter hack back in 2009. 

Twitter has addressed this issue on multiple occasions, warning users that hacking is directly related to weak password choices.  A company recently experienced a hacking that left them with a huge problem.  They lost a significant amount of data after “fake followers” were hacking into their company Twitter account, an intricate attack that was later investigated. 

According to Twitter, hacking is a lot easier than one may think.  It doesn’t take a rocket scientist or a computer genius to figure out how to hack into a computer and steal information.  It is becoming more and more clear that there are flaws in the Twitter site that enable your information to be easily accessible to others.  When the site boomed in popularity, it is clear it wasn’t prepared for the mass amounts of people and companies that would join, and therefore privacy settings were not as tight-knit as they should have been.

In response to increasing privacy concerns, Twitter defended their social networking website by stating that people need to be more mindful of what they set their password to.  A lot of hackers create sites that offer downloadable material and are able to see anyone’s password and username.  Often, people, and especially companies, continually use the same username and password for multiple websites, and the hacker is then able to access their Twitter account.

According to an article in PCWorld, Twitter is predicted to be one of 2010’s top security threats, along with Facebook and various iPhone applications. 

Doesn’t it make sense that social media sites with popularity levels as high as Twitter need to be better prepared for hack attempts and have more sufficient privacy prevention?

There is also a fault in the way Twitter is programmed.  “Tweets” have a limit of 141 characters.  Many users enter URLs that go over this limit, which means they are automatically shortened into a “TinyURL” version. This makes it impossible for users to tell where the link is going when they scroll over to it.  What this means is that it is extremely easy for hackers to send out faulty links, which can sometimes be links to spam or even computer viruses that can ultimately ruin your whole computer and release all your personal information that was saved on your computer system.

Another fluke in the Twitter system is the authentication process in signing up.  Almost anyone can sign up for Twitter, you don’t need to prove legitimacy in order to create your own Twitter.  In fact, you don’t even have to have a valid e-mail address!  This is a spammer’s dream.  It makes it so easy to create fake accounts and ultimately spammers are creating vast fake networks on Twitter (click to read about even more faults in the world of Twitter).

The real problem is that so many people and businesses turn to social networking sites to expand awareness of their company, increase their celebrity status and sometimes just to join in on the Twitter craze, but could it be causing more good than bad?

This entry was posted in Thread Communications and tagged , , , . Bookmark the permalink.

12 Responses to If Twitter is one of the most dangerous social networking sites, why haven’t they better prepared?

  1. Pingback: If Twitter is one of the most dangerous social networking sites … » blog.lonelynot.org

    • kmcnally says:

      I think that as a user of an online Web site such as Twitter, you have to know that you are putting your information out their on the web for people to see. It doesn’t surprise me that it is easy for hackers to get your information easily. Its like anything else, if you don’t set it up to where it makes it difficult for someone to get access, then in a sense it is your fault as well.

      dolson’s comment about the unlocked door is a great example: you wouldn’t want to leave your door open or unlocked while you were away, because it would invite someone in, its the same as creating a password for anything you use online, you don’t want to make it easy for the hacker to access your things, because when you choose a password that is easy to figure out, you are just inviting them in.

      As a Web site, i think that Twitter needs to be cautious as well. They either need to up their privacy standards or they need to do something to ensure its users that they are safer than they think.

      • kwashburn says:

        I completely agree with you that as an user of social media sites such as Twitter, LinkedIn, Facebook, etc., you are essentially giving your right to putting your information out on the internet with the acknowledgement that strangers will most likely see what you are posting. I do believe though that privacy settings are important. For sites with as high traffic as Twitter, the privacy settings need to be tight and 100% hacker-proof. Especially because such high-profile people use this site, as well as big-name companies and people use this for personal use. The question is how will Twitter improve their faults, and how soon before it’s too late?

        • cnaughton says:

          Well said. When will they change their privacy settings? Is this a case of the concept growing out of control, literally? If Twitter can’t manage these issues they’re definitely setting themselves up. Their lack of control on this issue can potentially lead to so many more issues, that you mentioned, for their users.

          Take Facebook for example. Originally, users had to have a .edu email to register which limited its users. Popularity soon skyrocketed and has continued to for the last several years. Facebook hasn’t had such high-profile hacking incidents but is that because they were better prepared? Or did Facebook just transform slower than Twitter did?

  2. ebratkovich says:

    Great blog! I think maybe having a more stringent reminder of your password when setting up your account on any type of social networking site is really important. I think it is a good idea for people to change their password often, maybe even a couple times a month just to be extra protected. This can be hard for users to always remember their password when they are constantly changing it, but it is better to be safe than sorry, right? Also, I like the sites that give you the ‘strength’ of your password. People need to be smart when picking a password and I know I’m at fault for not doing this. Don’t pick easy things that hackers could figure out quickly-such as your pet’s name, birth date, nick name etc. Be creative-add numbers to a word you always remember if you have trouble remembering random words etc. I think sites such as Twitter are great for expanding awareness of companies and I think it is causing both good and bad-but this can be said about anything. There are many obvious benefits of social networking sites and if people chose to participate in them then they need to be aware and acknowledge that they are potentially at risk for hackers.

  3. Pingback: If Twitter is one of the most dangerous social networking sites … | CS3 Solutions LLC

  4. hhoma says:

    This is very interesting.. and nerve wracking! I have been very resistant to Twitter for a long time, and this post is making me resist it even more! I feel as if I am stuck when it comes to Twitter: I really want to learn how to use it because I know that it can be a great tool to help a client one day, but I do not want an account for myself. I really just do not want to have my name all over the Internet, but I know that I could benefit from having professional accounts with Twitter, Facebook and LinkedIn.

    To be completely honest, all of this social media is making me dislike the direction that PR is going. It seems like I’m hearing about new sites and tools everyday, and I hate the worrying feeling of having to keep up (because if I don’t, it will potentially hurt my future). Not only do I worry, but I also feel completely lost. I actually have two twitter accounts, (both which I don’t use but was forced to create for a class and an internship) and I don’t know how to even use them!

    So I am very pessimistic about learning Twitter for the following reasons:
    1) As I already mentioned, I don’t want my name to be all over the Internet (and I was told by a teacher that if you have privacy settings on your account, then there’s no point to having an account).
    2) I feel like another social media tool could become popular soon and Twitter will become old news.
    3) And now I have to worry about hackers if I ever do decide to join the bandwagon…

  5. dolson says:

    I think being safety/security savvy online, in this case with Twitter, is no different than in real life. You wouldn’t leave your front door unlocked or your windows open while you are away or asleep; you wouldn’t leave your iPod on the front seat of your car while you go to class. So you shouldn’t have a weak password for Twitter (or any Web site you are logging into). Having a complicated and unique password for each site you use makes good sense.

    As for fake accounts and bogus links, again, just be a little more cautious. I don’t have many Twitter followers, so I’m at a low risk of being hacked; everyone I know whose Twitter account has been hacked has hundreds of followers. Spammers are opportunists: if you have a weak password, and many followers to be duped, the spammers will do their thing. Every once in a while I find I have a new follower, and the first thing I do is check their profile. If they are following 200 people and have one tweet, I block that person right away. It looks suspicious, just as if I saw the same guy wandering around my apartment complex. It’s odd behavior, and that is a warning.

    As an aside, I think Twitter should change the tinyurl feature, something like if you hold the mouse over it, the full address will show up. Something to let you know exactly what that abbreviated link goes to.

    • kwashburn says:

      I think you bring up a good point about being cautious of fake accounts and links. It’s valuable for us, as students and social media users, to be aware of these dangerous issues online. But unfortunately for some people, actually the majority of the population, they are not aware of these problems and can be sucked into hackers’ traps. I believe if they were better informed of these dangerous and misleading links and possible problems with Twitter, they would be less likely to be victims of hacking and could prevent themselves from invasion of privacy.

  6. aguido says:

    Wow I am pretty shocked by the lack of email verification on such a well-known site such as Twitter. You always wonder if a celebrity’s of famous team’s Twitter you are following is the real one when in all actuality it could be ANYONE posing as them who just happened to gain a lot of followers.

    Do they have any sort of rules for their passwords to make them safer? Many sites require you to have something like at least one capital letter, lower case letters, a number and sometimes even a character (like an underscore). More of those different types of characters increases your chances that a hacker cannot discover your password, because statistically it would be nearly impossible with so many different character variations. I know that Twitter does allow for only letters to be used as a password and that would be much easier for someone to get into. So I do see the security threat there. Luckily, Twitter updates so quickly that if you had someone monitoring it constantly at your company, they could see if someone had gone in an posted something inappropriate and hopefully be able to remove it in time… in that case, do tweets disappear from a followers feed if removed by the tweeter? That is something I would really like to know.

    The Tinyurl issue doesn’t worry me so much, because I really wouldn’t recognize a virus or dangerous site if it bit me on the nose. Unless the URL was literally imavirus.net, I wouldn’t have a clue. That is not to say others wouldn’t be as ignorant as me to such a thing, but just pointing it out.

    What is also slightly alarming from the article you linked to, “Three Ways Twitter Security Fails,” one man named Mike Murray said that “It is like having a phone conversation where you don’t know who is listening in,” in regards to Twitter. He is absolutely right. Because just anyone with a Twitter account can follow you, your company could be under the scrutiny of competitors, hackers and every other person out there who could be a threat. The article mentioned it is wise to keep in mind that you are essentially just posting to the public, so make sure it is something you would be okay having up on your site.

    I liked this topic, because many people are unaware of the threats of Twitter.

  7. tburns says:

    When reading the book, “Wikinomics,” one thing I learned was that hacking is almost unavoidable.

    Say someone hacks into the system and bypasses the privacy settings, then whose ever sight it is will have someone come up with a different code or system for the privacy settings. What happens after that is someone will find another way to get around that new system, and the process starts all over again.

    For example, I know someone who jail-broke their iTouch. He read on the Internet to see if it was illegal, which he found it was not. (It’s just frowned upon and companies ask that their customers don’t do it.) A couple weeks later, iTunes asked if he wanted to upgrade the program, so he did. His iTouch was plugged in at the time, and every application he downloaded was erased. So what did he do after that? He looked on the Internet and found another way to jail-break the new program.

    So, I understand hhoma not wanting to have a Twitter account, because nothing is really ever completely safe. There will always be someone smart enough out there to get around the system. I think what makes social media sites so appealing to PR, though, is that transparency and that ability to see and know everything people put up on the Internet. It makes understanding and communicating with stakeholders that much easier. However, if people get so afraid to put information out there because of hackers, what use will the information/social media sites be if all that is posted is superficial and formal?

  8. a_hundza says:

    I think this was a great blog choice, especially with our seemingly constant focus on social media in our personal, school and job areas. I often times feel incredibly swamped with the amount of social media emphasis we have in our society now, and I know I’m not alone. So, it is no wonder that social media has also become one of the largest security issues ever.

    Like many people have said, it all comes down to being aware and safe with your information. I personally cannot believe when I see someone still has their personal address up their Facebook! There are always going to be issues with the sites, but personally I think there should have been more emphasis on security awareness for users right from the start. Our society has become trusting of these sites and very comfortable displaying any and all types of information, and each time the sites fail we are “amazed”.

    So, I’m all for security enrichment on the sites themselves, but I think no matter what there will always be hackers and there will always be site issues. We need to focus on creating a smarter user, not a smarter site.

Comments are closed.