Twitter restores @N to Naoki Hiroshima


#1

[Permalink]


#2

Digital sharecropper reunited with favorite address by benevolent landlord.


#3

I dunno.

Sharecroppers actually relied wholly upon the land they were allowed to use for their entire subsistence. I don’t care how special your twitter account is, your entire livelihood doesn’t depend on it, so I can’t get behind that comparison.

That said, it’s nice to hear that things have been put right. Malicious hackers are real jerks.


#4

How does someone with the frop to snag a single-letter username still depend on Godaddy?


#5

Let this be a lesson to you: The only way to protect your rights is to be famous enough to kick up a media shitstorm.


#6

Phew, now I can sleep again.


#7

I’ve never heard of this guy before, but I am friends with P.


#8

That angle is fair. Anybody with free time to devote to tweeting is markedly less screwed than an actual sharecropper on basically any economic measure (and probably most social/status ones as well).

My reaction was mostly based on vague and slowly waxing irritation at the (pretty much 100% consistent, across all outlets discussing the incident) deeply misleading, and really rather odd, tendency to write the story as though ‘there’s this guy, who owns a precious thing, and the precious thing gets stolen by a wicked thief, and will it be recovered by the end of act II?’, when “@N”, (the one that people care about, you can have your own, forever-alone twitter with whatever username you want, of course) is, continued to be, and never ceased to be, during the entire affair, nothing more than a smattering of data on Twitter’s systems, along with a corporate policy decision about whether or not to forcefully override the automated results of the access control mechanism in response to user pressure.

That’s so… utterly… Other to anything resembling ‘ownership’ that it just started to grate after a while.


#9

Dang First World Problems, eh? :smiling_imp:

Not sure which is weirder how stupid we can be about what ought to be a simple thing, or how hung up we can get over how stupid we can be.


#10

I too fail to give a shit. What I’d like to know is, what systems and processes allowed Mr. Hacker to do what he did, and is even the least effort being made to plug security holes? Has Twitter - and the web at large - learned anything? Is there anything stopping him from going right back after @N? What about @O, @P, @Q…?


#11

No wildly useful lessons. GoDaddy is still cheap, abusive shit. Social engineering is still easier than real hacking, and often more powerful. Customer support is lousy enough on services you pay for, and downhill from there. The probability that a given longish-term user of the internet has a web of (some active, some forgotten) accounts, email addresses, ‘security questions’ and similar nonsense large enough that they’ve forgotten parts of it, and densely connected enough that anybody with a brainstem and access to basic biographical data can probably find the single thread that allows them to unravel the entire mass, just by chaining reset-requests and pretexting phone drones still approaches 1.

It’s a disappointing story, really; but for every hack that pupates into a code patch (much less an actual lesson about something, rather than yet another buffer overflow), I don’t even want to think about how many of these get pulled.

It mostly reads like the sequel to this one, with a few variations in the details.


#12

What confuses me about the story, is how valuable could such a username be to any hacker, really? As soon as word gets out, it becomes more associated with extortion than with single character hipness.


#13

I suspect that if you have asshole friends, extortion is also a status symbol…

And, given how long Twitter sat on its hands and did nothing, despite this being one of only 26 maximally-iconic usernames, the attacker apparently did an atypically good job of sowing enough doubt/possible legitimacy/something to have had a reasonably credible shot.

Given the PR issues at play, and the fact that Twitter currently has a giant market cap made mostly of magic internet optimism to consider, the attacker must have had something pretty good (or twitter some sort of major malfunction extending well up the food chain and into the power-wielding humans) to make the attack stick for as long as it did. If I’d been betting, I’d have put the time-to-resolution at well under half what it ended up being, and most of that just being allowance for Official Postage to work its way back and forth between the contending parties…


#14

Or enough WMDs to make the security council blink, along with an elite guard of fanatical henchmen…


#15

This topic was automatically closed after 5 days. New replies are no longer allowed.