Our wholly insecure web

“The internet is poorly designed from a security perspective and last week’s Tweetdeck Twitter client cross-site scripting incident serves as a salutary reminder.

Having left the web version of Tweetdeck running in a browser tab, I, like many other users of the otherwise excellent Twitter app, encountered a dialog on the page that shouldn’t have been there.

That’s panic stations time, because it could have meant having fully lost control of your Twitter account with all sorts of reputational unpleasantness arising as a result.”

If you were not involved in what happened with Twitter and Tweetdeck, you can count yourself lucky. This is another one of those problems that constantly appears when applications that have access to secondary websites come into play.

My questions are: why do we tolerate this? Yes, we know that Tweetdeck rushed to fix the problem, but why did the problem arise to start off with?

Roger Smith is an educator, teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not-for-profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course, which are considered to be the definitive guides to helping SMEs protect their organisations using the principles of Technology, Management, Adaptability and Compliance.