Gary Warner: Twitter Hack: From "Harmless" Exploration to Criminal Action
‘The underlying discovery for all of the Twitter mischief yesterday was that when a URL was followed by an “@” sign, whatever followed the @ sign would also be interpreted as part of the URL. The primary use of this activity yesterday was to show that a URL, even a short and unresolvable URL such as “http://t.co/” could be followed with an “onmouseover=” command which would execute whatever JavaScript followed when a Twitter reader moved their mouse over that URL.’
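The behaviour described above, reduced to a hypothetical auto-linker as an added example (not Twitter's code and not part of the quoted post). It assumes the linker copied the matched text into a double-quoted `href` without escaping, which the post does not state, and it uses a constructed tweet with an inert placeholder where the script would go; `linkifyNaive`, `linkifySafe` and `injectedAttributes` are illustrative names.

```javascript
// Constructed sample tweet: a URL, an "@", then text that tries to become an
// event-handler attribute. PLACEHOLDER stands in for the handler body.
const SAMPLE = 'look http://t.co/@"onmouseover="PLACEHOLDER"/ here';

// The 'before': everything up to the next space counts as URL, and it is
// pasted into the href attribute without any escaping.
function linkifyNaive(text) {
  return text.replace(/https?:\/\/\S+/g, (url) => `<a href="${url}">${url}</a>`);
}

const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => HTML_ENTITIES[c]);
}

// Hardened form: match only characters that are legal in a URL (so a quote
// ends the match), and HTML-escape both the link and the surrounding text.
function linkifySafe(text) {
  const urlRe = /https?:\/\/[A-Za-z0-9\-._~:\/?#\[\]@!$&'()*+,;=%]+/g;
  let out = '';
  let last = 0;
  for (const m of text.matchAll(urlRe)) {
    out += escapeHtml(text.slice(last, m.index));
    const url = escapeHtml(m[0]);
    out += `<a href="${url}" rel="nofollow noopener">${url}</a>`;
    last = m.index + m[0].length;
  }
  return out + escapeHtml(text.slice(last));
}

// Output check usable in a regression test: list every attribute on a
// generated <a> tag that the linker itself never emits.
function injectedAttributes(html) {
  const allowed = new Set(['href', 'rel']);
  const found = [];
  for (const tag of html.match(/<a\s[^>]*>/g) || []) {
    for (const attr of tag.matchAll(/([a-zA-Z-]+)\s*=\s*"[^"]*"/g)) {
      const name = attr[1].toLowerCase();
      if (!allowed.has(name)) found.push(name);
    }
  }
  return found;
}

console.log('naive:', injectedAttributes(linkifyNaive(SAMPLE)));
console.log('safe: ', injectedAttributes(linkifySafe(SAMPLE)));
```

The same `injectedAttributes` check can run over any rendered output in a test suite, so a later change to the URL pattern that reopens the gap fails the build.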


