Now it can be told (apparently). The Twitter abuse that I posted about yesterday resulted from a Twitter employee giving their password to a third party service. Someone then used that password to access Twitter with administrative rights and amuse themselves.
Part of the problem here is that the credentials required to access your account through the API are the same as those required to access the site through the Web interface. But the other lesson here for developers is that you should really split up the administrative features of your application and the end user features into separate accounts. They probably shouldn’t even use the same interface. That may be more painful for users but it eliminates a lot of risks. And of course employees should know better than to hand out their passwords to random Web sites.
Update: Turns out the password in question was guessed, not phished. Either way, it’s an argument for separating the administrative functions from the standard user interface.
Leave a Reply