University Research Team Outlines TweetDeck Hack

11/06/2014

News image

This news item is covered in The Conversation.

On 11 June 2014, there was a major hack on TweetDeck which caused many messages to be send from TweetDeck. The message from Twitter at 5:59pm outlined:

We've temporarily taken TweetDeck services down to assess today's earlier security issue. We'll update when services are back up.

The university team have now analysed the back and have outlined it here.

Some text is:

Almost every day we see new threats with the security of applications. At one time our problem was with viruses and worms, where malicious code hide themselves on systems and aimed to trick the user into installing themselves on the host system, and then do damage.

The world is changing though, were we are moving into the Cloud, and where code is run on Web servers, and where are data is stored within Cloud-based systems. In the past, software development teams would spend a great deal of time testing their programs for a range of activities, and often test them to destruction.

The new code now runs on severs, and produces HTML and JavaScript, which has never been designed to be secure. Along with this the teams who are writing Web-based code often have little training in how to actually test their applications. With many native code programs, such as for Windows and Mac OS, we often see code which is extensively tested, but because of the horrible HTML and JavaScript code, there is often a lack to testing of the user interface and the associated middleware software.

It’s a well-known problem in testing, as testers who test their own programs often do not exercise them in a way that we make them break. This article outlines the key elements of designing computer software, and highlights the specific example of the Tweet Deck hack.

The rest is at:

http://billatnapier.wordpress.com/2014/06/11/tweetdeck-hack-the-lesson-of-poor-software-design-and-testing/

 
[Read More]

Associated people

William Buchanan
Director of CDCS
w.buchanan@napier.ac.uk
+44 131 455 2759
Cyber-Security
Electronic information now plays a vital role in almost every aspect of our daily lives. So the need for a secure and trustworthy online infrastructure is more important than ever. without it, not only the growth of the internet but our personal interactions and the economy itself could be at risk.

Resources