Twitter identity controversy? Or a Betwittered Bug? Oy!
I’ve gotten linked into a bit of a mess related to Twitter. It appears that a Twitter user named Tocaya posted a message, which then appeared as coming from another Twitter user, Louis Gray. Very bad news. The part where I come into the picture? BeTwittered was the source of the message. I have some investigating to do. Here’s a link to a thread discussing the issue.
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
July 30th, 2008 at 6:47 am
There are definitely security bugs with BeTwittered.
See, for example: http://twitter.com/tocaya/statuses/872626846
I posted that. Send me an e-mail to louisgray@mac.com and I can explain.
July 30th, 2008 at 7:00 am
Thanks Louis. I really appreciate you letting me know about this. I’ll email you right away.
thanks,
Robert
July 30th, 2008 at 1:55 pm
Thanks to Louis Gray, I have zeroed in on the security issue. I’m glad to find that it requires a specific set of circumstances to create the issue. Now that I know what the issue is, I will begin working on a fix today, and implement it as soon as possible.
Thanks,
Robert
July 30th, 2008 at 6:19 pm
BeTwittered Bug squashed.
I hadn’t made it clear, but the bug found appears to be unrelated to the original controversy. In investigating things, Louis Gray came across a security bug and let me know the details and how to exploit it. I used the info he gave me to track down the actual bug in BeTwittered and fix it.
I’ve tested the fix in IE, and Firefox. I’ll be working through other scenarios over the next few days, but I’m confident that the bug Louis Gray found is fixed up.
Thanks,
Robert