Twitter security: There's still a lot of work to do by Don Reisinger, Webware (Feb 12)
New term - clickjacking - and that's what malware artists do in twitter.
"There are two potential security issues currently plaguing the popular social network: the popular use of link shorteners like TinyURL that lead users to unknown destinations, and a single login system that some hope will be fixed with the arrival of OAuth."
Interesting especially for what he says about using TinyURL's preview feature. "TinyURL's preview feature doesn't require registration and instead asks to place a cookie on your machine. Once you surf to the company's preview page, it asks if you want to enable a TinyURL preview. If so, you only need to click the link on the site and from that moment forward, any TinyURL link you click in Twitter or elsewhere across the Web won't immediately send you to the destination site. Instead, you will be redirected to a TinyURL preview page that allows you to examine the link and decide if you want to go to the respective page."
Posted by Gwen at February 13, 2009 01:08 PM