How did Twitter CEO Jack Dorsey's account get hacked?

There’s probably a good reason that I shouldn’t laugh at this, but…



As someone tweeted there, 45 could also be potentially hacked and tweet out racist stuff, but… How could we tell…?


It’s odd that @jack was taken over before @realDonaldTrump. Which one of those do you think is more likely to have two-factor enabled, a strong password, not have any active session tokens on a 5-year-out-of-date Android phone…


Ambien… you’ve got to stay away from that Ambien.


This reminds me that we’re all thinking nation states are trying to hack the US election systems - what if these indie hacking “groups” also are taking shots at it for “fun” if nothing else?

Good thing we don’t live in an era where any one person’s Twitter account can have a profound and immediate impact on global markets and international relations.

Also, who wants to bet that 45’s Twitter password is just “Trump”?


I’ll acknowledge at the outset that nothing usable is unhackable. (Probably even unusable things are always hackable.) So I’m not mad that Twitter’s CEO’s Twitter account was hacked, exactly. There exists, somewhere on the planet, sufficient brainpower and willpower to do this, always.


This especially sucks because it’s going to give a shit-ton of cover to the next thousand public figures who accidentally dance a little too far over that line and get caught tweeting something racist/sexist/*ist that goes viral. “Oops, I was hacked! And that’s a totally valid excuse because even the Twitter guy himself was hacked!”


Jump back, jumpin’ Jack;
Yo’ shit’s done been hacked
You okayed all that smack
Now enjoy the resulting flack
You opportunistic sad sack.


That’s what makes it such a scary scenario - we probably couldn’t. Using a hackable platform controlled by someone else to release official government statements and announce policy is bad enough - combined with an already deranged president, that’s a recipe for potentially creating enormous chaos.

Trump’s already manipulating the stock market with his tweets (sometimes illegally); if someone took control of his account, they could easily profit off huge fluctuations if they announced that, for instance, the US was going to war with China, Iran, etc. It’s plausible enough that Trump would actually make a declaration of war that way to have a real impact. Given his penchant for declaring things that take the rest of his administration by surprise, and tweeting at hours when the rest of government is asleep, it could be quite a while before corrections could be made, too.

Testing the waters? Or maybe this person was just afraid of the consequences if they did it with the president’s account. I can’t imagine they face any penalties for doing it to jack.


The answer is, as usual at Twitter, hapless techies reporting to feckless managers. This time they crossed the streams and Jack got burned.

Hold on, you need a service to tweet via sms now? I thought the whole reason Twitter’s posting length was constrained was because SMS was the original UI. When did they rip that out?

I am Jack’s lack of security.


You can still text 40404 with your message to post directly to Twitter from your phone. It sounds like Cloudhopper is just another service that let you do that, which Twitter bought and just never shut down.

Twitter never actually removes anything (except from their public API). You still can’t start a tweet with "M " (that’s capital M and then a space) because it’s an archaic holdover for starting a DM conversation via SMS.


That would be a change, how, exactly?


Would be fun to try to guess it, but I really don’t want the CFAA charges.

Fuck an edit function. Get rid of the goddamn Nazis. Give me a button which does that, and if Twitter wants, it can also be heart shaped.