Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest
Twitter Hack
-
21-09-2010 1:25pm#1There is a massive hack on Twitter today - take care of the following tips.
- Do not use the Twitter homepage
- Use 3rd party platforms
- Hack spreads by hoovering mouse over "infected" tweet
From thejournal.ie:TWITTER USERS ARE being advised to avoid using the service’s website and instead to use third-party applications, after a series of malicious security exploits spread like wildfire over the microblogging platform.
Shortly after noon, users began seeing large chunks of blacked-out text in timelines, which – when hovered over by users mistaking the message for blacked-out formatting – automatically filled the ‘New Tweet’ space on the page and tried to post the message.
The code in question is a JavaScript exploit which masquerades itself as a traditional hyperlink, so as to evade Twitter’s automatic filters, but triggers a sequence that automatically posts the same message to a user’s own timeline, thus continuing its spread.
Perhaps ironically, one version of the bogus “link” purports to direct to a fictional site called a.no – or, if read aloud, “Ah No”. No such site exists.http://a.no/@”;onmouseover=”;$(‘textarea:first’).val(this.innerHTML);Other versions of the malicious tweet substitutes in the ‘t.co‘ website – Twitter’s in-house URL shortening service, so as to further bolster their appearance of legitimacy.
$(‘.status-update-form’).submit()” style=”color:#000;background:#000;/
Because the exploit affects all browsers using JavaScript, it cannot be avoided unless users deactivate the JavaScript function from within their browser.
The exploit has also manifested itself as a string of tiny characters (right), which also activate the hack when hovered over:
Other users have reported seeing ‘giant text’ when logging into the Twitter.com web-based service, though it is not known if the exploit is an identical one or a similar security flaw.
Another version of the flaw – including one that infected the account of Sarah Brown, wife of former British prime minister Gordon – redirects to Japanese pornography websites.
In the meantime, third-party applications which access the server through its API should be immune from the exploit.
Click the following for details on…0
Advertisement