Business Startup - Business News - Business Loans

Twitterank Might Not Have Been a Phishing Scam, But It Was Fascinating

Posted by Internet Guru
November 15, 2008

This week has seen an incredible amount of interest around Twitterank, a new tool that popped up that computes a numerical score of … something.

At first, no one was really too sure what Twitterank was computing, but, it related to Twitter, one’s perceived popularity, and had a quirky site, so, why not enter in your credentials and see what the site had to say about you seemed to be the thinking.

Alas, as word of Twitterank spread (through automatic tweets of people’s scores), concerns arose that the site might be stealing user passwords, as Twitter users began seeing Tweets pop up in their timeline that they thought they didn’t make themselves. The phenomenon is perhaps best summarized by one of our commenters, Michael Bailey, who wrote:

“This whole password stealing rumor got started when a few people who did NOT bother to uncheck the box for sending their Twitterank to Twitter. Then it became a matter of self-preservation expressed in the form of “I did NOT give them permission to send that to Twitter” – well, yes they did because of the default setting, which they didn’t bother to read.

So, as most self-preservation of ones ego goes, many people began the rumors that the site must be stealing their passwords, even rumors of DM’s being sent from their account.”

In other words, the user flow on Twitterank – automatically tweeting one’s score unless the user explicitly opts out – was apparently enough to confuse a lot of people into thinking their accounts had been compromised. Additionally, you could (and still can) enter anything into

the “password” box on Twitterank and have your score computed, although this won’t post your score to Twitter since it can’t be authenticated (although several commenters dispute this).

Twitterank’s developer, now known to be Ryo Chijiiwa (@ryochiji), has noted in his blog that he regrets these decisions, writing “I probably would’ve done 2 things differently. Firstly, I would’ve come up with an algorithm that works with Twitter’s Search API, which doesn’t require authentication. Secondly, I would’ve handled posting to twitter differently, which would’ve sacrificed virality, but after today, I’m not so sure insane rapid growth is really worth it.”

Indeed, the design of Twitterank certainly had much to do with its massive word-of-mouth spread, and it’s still Twitter’s #1 trending topic today. This design is also what led to speculation that it might be a phishing scam – a fire we added fuel to by simply asking our readers: “Is Twitterank Ranking Your Popularity or Stealing Your Password?”

The answer now appears to be the former, though the design flaws of Twitterank are certainly a valuable lesson for anyone building a Twitter application, or, on a more serious note, applications that actually do important stuff (as a recent victim of being opted into a credit card scam, I can relate). And for users, the Twitterank “scare” was an important reminder to keep your passwords safe, and use a diversity of them. After all, if something as innocuous as Twitterank was actually a phishing scam, it could easily be parlayed into accessing email, bank accounts, and other sensitive data.

As for Twitterank’s future, it’s self-deprecating developer probably describes it best: “by tomorrow, most of Twitterdom will have forgotten about Twitterank. Thank goodness for short attention spans.”

Via Mashable

Related Posts:

  1. Is Twitterank Ranking Your Popularity Or Stealing Your Password? Something called “Twitterank” has been #1 on Twitter’s trending topics...
  2. Google Chrome Claims Facebook May Be A Phishing Site (Update: Safari Too) Conspiracy theory lovers are going to have a field day...
  3. Facebook Security Advice: Never Ever Enter Your Passwords On Another Site, Unless We Ask You To After the recent outbreak of a worm that hacked user...
  4. Honest Turbo Cash Generator Review! This Is A Scam This Is an honest Turbo Cash Generator Review! I bought...
  5. Profit Lance Review – Another Make Money Scam The Profit Lance Scam Review. Does it work or is...
  6. How to avoid work from home data entry scam Many people have the same sentiments regarding work from home...
  7. Facebook U.S. Visits Increase 194% Over Past Year; Tagged is Beating Twitter? New data released from Experian Hitwise reconfirms what we’ve known...
  8. MySpace Expands Twitter Syncing To Six New Countries Yesterday MySpace launched two-way syncing with Twitter for U.S. users,...
  9. How do you spot and avoid an online data entry scam all together It’s not as easy to spot an online data entry...
  10. How can you avoid an online data entry scam It’s hard to know how many people have fallen victim...
  11. Is getting a free ipod shuffle a scam ? Get a free ipod,iphone or other item from www.freeipod4.me.uk ProofIs...
  12. Is ACN A Scam? The short answer is no, ACN is not a scam....
  13. Swapclicx Scam? What Is Swapclix Swapclix scam? I will tell you my opinion about swapclix...
  14. online data entry scam There are so many people being scammed by online data...
  15. Why CarbonCopyPRO Is Not a Scam Why CarbonCopyPRO Is Not a Scam I’m writing this article...

Social Media

If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.

Comments

No comments yet.

Leave a comment

(required)

(required)