Comments on: Updated: Many Unknowns In Twitter Document Breach

By: Twitter: How to Increase Yor Followers on Auto-Pilot and Make Sure Cheaters are Caught

Mon, 20 Jul 2009 02:47:06 +0000

[...] Updated: Many Unknowns In Twitter Document Breach [...]

By: Richard

Richard — Fri, 17 Jul 2009 16:18:37 +0000

Passwords aren’t really enough to keep confidential data secure in the cloud. Just like traditional VPN access, companies that are serious about security should require use of two-factor authentication – a password known by the user, AND a randomly-changing number generated by a hardware token. In fact this is what my company uses for employees needing web access from outside the firewall to the internally-hosted corporate email.

I don’t know if Google Apps offers this, but it really needs it to make a dent in the corporate market.

By: A.j

A.j — Thu, 16 Jul 2009 22:51:03 +0000

Apprarently Evan Williams did not give techcrunch the go ahead on publishing the documents :

@TechCrunch @arrington "we have been given the green light by Twitter to post this information" What?! By whom? That's not our understanding—
Evan Williams (@ev) July 16, 2009

By: Griffon

Griffon — Thu, 16 Jul 2009 04:10:10 +0000

Yeah… I kind of wish that techcrunch had taken a pass…. these are not smoking gun documents that the release of can be seen to serve the public good, even in some offhand way. There is a world of difference printing a little ink around what one get’s from some inside contacts over lunch and useing stuff burgled in this fashion, and the techcrunch line about news is what they don’t want you to print… blahblah just dose not hold up IMO. The whole thing is so valley wag, in the worst possible way. Ah well, so the valley turns… I’m going to do my best to tune the rest of this out.

By: Security Breach At Twitter; Twitter Plans To Be The 1st Internet Service To Reach 1 BILLION Users! | TechDusts

Wed, 15 Jul 2009 20:38:47 +0000

[...] GIGAOM : Many Unknowns In Twitter Document Breach by Jordan Golson [...]

By: courtney benson

courtney benson — Wed, 15 Jul 2009 20:28:58 +0000

Some of the docs have already shown up on Techcrunch. From my perspective far to many companies including many Fortune 2000 types don’t pay enough attention to security issues. This is one of the reasons we hear so much about breaches after the fact. I think Twitter will all the publicity should have expected the possibility of an event and hired someone – outsourced or otherwise to provide the troops with do’s and don’t and to tighten up logical security systems.

By: Jamie Lin

Jamie Lin — Wed, 15 Jul 2009 19:27:14 +0000

Though I hate to say this, I have to agree with Arrington on this particular issue and he should indeed post the documents. Here are my thoughts:
http://linjamie.com/2009/07/15/why-michael-arrington-should-post-twitter-docs/

By: Jamie

Jamie — Wed, 15 Jul 2009 19:19:15 +0000

Twitter’s confirmation that the breach occured kinda makes that particular conspiracy theory a non-starter, no?

By: إختراق تويتر...مرة آخرى!! | تيدوز

إختراق تويتر...مرة آخرى!! | تيدوز — Wed, 15 Jul 2009 19:12:52 +0000

[...] [ GigaOM [...]

By: Jordan Golson

Jordan Golson — Wed, 15 Jul 2009 18:48:06 +0000

Yes, that’s true — and one of the major trade-offs of the cloud.

“Physical access is access,” as the saying goes. With the cloud, you (and everyone else) has “physical” access from anywhere. Sort of.

By: Krishna Santani

Krishna Santani — Wed, 15 Jul 2009 17:58:02 +0000

You can’t rely on third party applications like google doc for keeping up your confidential documents. I also think this whole episode is fabricated by Arrignton who is always interested in spreading rumors and creating controversies in order to gain some mileage.

By: WD

WD — Wed, 15 Jul 2009 17:49:31 +0000

>I suspect it comes down to poor data handling and security on Twitter’s part, and weak password reset protocols on the part of Google — not some fundamental weakness of the “cloud.”

But part of the Twitter weakness was having documents outside the domain of their control, and hence, that is part of the fundamental weakness of the ‘cloud’.