Ashton Kutcher Meets Firesheep, Twitter Hacked
It appears that Ashton Kutcher has become a high profile victim of Twitter’s negligence when someone at the TED conference hijacked Kutcher’s Twitter account using tools like Firesheep. The Twitter PR account @TwitterGlobalPR twitted that Kutcher should have enabled SSL by typing HTTPS in front of twitter.com, but that deflects from the fact that it’s Twitter’s responsibility to keep their users safe. I and other security experts have warned for years that online services need to enable HTTPS SSL security by default and without requiring the user to manually turn it on.
A few months ago, I issued an online security report card that flunked a few online services like Facebook and Twitter. Facebook added a persistent SSL option that users have to manually enable while Twitter wants users to manually type in HTTPS or install some other tool to enforce that setting automatically, but either solution leaves the vast majority of users wide open since they don’t know about the setting. Last weekend, we had Senator Chuck Schumer join in the fight to make security a default setting when he sent letters to these negligent online services. Ashton Kutcher is just another victim of bad online security but perhaps his pain and publicity can get Twitter and Facebook to do what they should have done a long time ago.
[Cross-posted at Digital Society]
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU