Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Twitter: Our investigation is still ongoing but here’s what we know so far (twitter.com/twittersupport)
242 points by jc_811 on July 16, 2020 | hide | past | favorite | 11 comments


This thread and the one about the Vice article at https://news.ycombinator.com/item?id=23853786 are close enough that I guess we should merge them.

The main thread about the hack is https://news.ycombinator.com/item?id=23851275.


Neither has any meaningful details on the penetration itself...

> We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.

...this could mean anything. Seems like they simply want to portray themselves as the victims, even though it's very possible one of their own employees was involved.


Am I the only one confused? The "headline" offers no information, other than there is an ongoing information. I click on the title and I see two tweets. One says people can tweet again, the other is essentially a repeat of the game. And that is it. Am I supposed to make up my own story now? Or read a bunch of random tweets to figure out what these two tweets are about? Like how is this site usable for anything? Reading the comments here, it seems someone hacked some twitter Asia , but that is all I've gleaned so far.


they made the completely user-unfriendly decision that when you're signed out at least, linked tweets you land on do not unfold the replies below, but rather some facebook-tier 'you may like' type unrelated garbage. You have to click the tweet again, to go to the same url (!) but with the normal display


Just click on any of the tweets (like the second one), to open the thread: https://twitter.com/TwitterSupport/status/128359184496275046...


If you’re not signed in, click on the date/time of the last tweet


You could use the Thread Reader App for that (and reading other Twitter threads as one article)


> Once we became aware of the incident, we immediately locked down the affected accounts and removed Tweets posted by the attackers.

@elonmusk was posting and deleting the scam tweets for hours. In what world is that "immediate"?


In the world where they're trying to mitigate PR outrage and legal fallout.


Once they knew what to do they did it, yaay!

How is it possible that it took them hours to figure this out is unimaginable.


Shameless plug: All the companies(Google, Microsoft...) are telling trust us. But, I believe that we should trust us instead of relying on third parties. They always change when businesses interest changes. This is where web3 is coming to play. Technologies like IFFS, safe network are coming. Looking at the scale issue, I guess this web3 takes at least 5 more years. But, this kind p2p technology is possible with small-scaled mesh. Mesh networks within our devices or families. From the beginning, I hate the idea of storing passwords in the third-party password manager. Later, I fell into the same trap because a managing lot of passwords is difficult. So, I building an open-source p2p password manger. Replicates the passwords within your devices, instead of storing everything at the vendor's cloud. It's half-way for the closed beta release. I would like to hear everyone's feedback on this idea.

Thanks




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: