Wow! Twitter api abused (again)... can a threat be more "mainstreamy" than this?
I've just read this newly posted article from threatpost.com on this.
https://threatpost.com/twitter-api-abused-to-uncover-identities/152521/
I guess it's a good example how "they" can get you even if you have more than an eye on your own OpSec... besides having an Twitter account that is... ;-)
These type of threats aren't going away anytime soon.
Imho the people running online services in the social media realm must be held accountable for such fumbles in a way that ensures future adequate funding of a functioning ITSM with sufficient resources in quality and security gates before stuff goes life in their services.
When risks are miscalculated it's often due to the fact that painful consequences like fines and compensations for the affected aren't substantial.
Just saying...
So, what do you think? How do you feel about other big players dropping the InfoSec and OpSec ball at your privacy cost?
Let me know in the comments!
Cheers!
Lucky