Weinergate's Twitter Hack?
by Dan Lyons
Dan Lyons is technology editor at Newsweek and the creator of Fake Steve Jobs, the persona behind the notorious tech blog, The Secret Diary of Steve Jobs. Before joining Newsweek, Lyons spent 10 years at Forbes.
Anthony Weiner blames a hacker for sending a Twitter message with a naughty photo and, according to Dan Lyons, that's a lot easier than you think.
Weiner denies tweeting the wiener, and there is no proof that the wiener even belongs to Weiner, but if the wiener is not Weiner's and if Weiner did not tweet the wiener, then to whom does the wiener belong and how did it get tweeted from Weiner's Twitter account?
Rep. Anthony Weiner's Twitter feed.
These are the pressing questions in what has now come to be known as Weinergate, a would-be political scandal that began over the weekend when someone supposedly sent out a photo of a bulge-bearing pair of men's jockey shorts from the Twitter account of Rep. Anthony Weiner, a influential Democrat from New York.
The intended recipient of the photo was a young woman in Seattle who says she's a fan of Weiner's politics but has no interest in his bulges and is not his girlfriend.
Weiner claimed his Twitter account was hacked.
Right-wingers like Andrew Breitbart at BigGovernment.com gleefully pounced on the story, saying Weiner had been caught sending a naughty photo to a young lady who is not his wife.
Left-wingers on DailyKos, examining time stamps onphotos and tweets, claim the whole thing was a hoax perpetrated by right-wingers?perhaps Breitbart himself?looking to smear a liberal.
"It's just someone with intent and access to a Web browser."
So how plausible is Weiner's claim that hackers broke into his online accounts? After all, that's the same excuse that Rep. Christopher Lee lamely tried to use in February when he was caught sending a shirtless photo of himself to a woman he was hoping to meet via a Craiglist personal ad.
Herbert "Hugh" Thompson Well, according to Herbert "Hugh" Thompson, a computer security expert, breaking into someone's email or social networking account can be relatively easy to do.
You don't have to find out the person's password. Instead, you just need to trick a site into letting you reset someone's password. It turns out that's not so difficult. The system will validate your identity by asking you to answer one or two security questions, like, "What is your father's middle name?" or "What is the name of your favorite pet?"
And that stuff, these days, is pretty easy to find. "Fifteen years ago the only people who would know your biographical information were people close to you, but now because so much information about you is being broadcast online, and not just by you but by your friends, your sister, your mother, your cousin?it's so easy for someone to quote-unquote `know' you," says Thompson, an adjunct professor at Columbia University who teaches a course called "Software Security and Exploitation."
A few years ago Thompson used this password reset method to gain access to bank accounts belonging to friends who gave him permission to do it. Thompson wrote an article for Scientific American explaining exactly how to do it.
"It was a lot easier than I thought it would be," he says.
will kate middleton william and kate marry zooey deschanel cd zach galifianakis bill
沒有留言:
張貼留言