Taken From i-hacked
I hereby declare that WED JULY 1st is Twitter Security Day (#twittersec). I do so with good reason. As it stands, the guys at http://twitpwn.com/ have declared July the â€œMonth of Twitter Bugsâ€ (MoTB). Taken from their site:
Today, three years after the â€œMonth of Browser Bugsâ€, Iâ€™ve decided to declare July 2009 as â€œMonth of Twitter Bugsâ€ (MoTB). Iâ€™m doing so in order to raise the awareness of the Twitter API issue I recently blogged about. MoTB could have been easily converted to any other â€œMonth of Web2.0 service bugsâ€, and I hope that Twitter and other Web2.0 API providers will work closely with their API consumers to develop more secure products.
Each day I will publish a new vulnerability in a 3rd party Twitter service on the twitpwn.com web site. As those vulnerabilities can be exploited to create a Twitter worm, Iâ€™m going to give the 3rd party service provider and Twitter at-least 24 hours heads-up before I publish the vulnerability.
Even though I have enough vulnerabilities for this month, you are more than welcomed to send me (via emailÂ or twitter)Â vulnerabilities you find in 3rd party Twitter services. I will do my best to publish all submitted vulnerabilities. I will, of course, credit the submitter.
So what does #twittersec mean? What should you do?
Simple: On Wed, July 1st CHANGE YOUR TWITTER PASSWORD.
How many times have you given your twitter password to a third party site? Did you change your password after you did that? Well, if not here is a good time to do so. Yes, it is true that changing your password doesnâ€™t invalidate all of the â€œMoTBâ€ however, it could help stop a few.
Even more importantly #twittersecâ€™s goal is to raise awareness to the â€œMoTBâ€ and to put pressure on the developers to fix the vulnerabilities in these third party apps.