TechEcho

7 comments

homm88over 10 years ago

<__>: it's fake<__>: the SSL seal is missing<__>: it's a javascript edit<__>: open a https site in firefox and look at the addressbar<__>: sec<__>: yeah<__>: it DOESN'T appear if you used a javascript hack to make it go away<__>: and changed the page

评论 #8480072 未加载

评论 #8480008 未加载

评论 #8480024 未加载

评论 #8480093 未加载

评论 #8480343 未加载

评论 #8480189 未加载

ggggggggover 10 years ago

anyone care to let me know just why this is so bad? i.e. does it really matter?

评论 #8479684 未加载

评论 #8479702 未加载

评论 #8479673 未加载

评论 #8479678 未加载

评论 #8479680 未加载

评论 #8479699 未加载

评论 #8479893 未加载

l33tbroover 10 years ago

I'm not convinced. Anyone could do this "hack" with MS Paint. If it were real, then surely the proof would manifest with some kind of change of the Twitter interface.

pronikover 10 years ago

A stupid 1am question: is it common among ops teams to replace these "common" binaries by a honeypot-like wrapper which notifies the security team immediately, just in case of a complete meltdown on the web developer side?

评论 #8479936 未加载

评论 #8480016 未加载

kentosiover 10 years ago

Sorry but could someone please explain to me what the joke is about?I don't get what's going on, and cards.twitter.com throws an error page saying that the site is down :-(

hackerthenewsover 10 years ago

Has this confirmed to be real? Seems somewhat trivial of an exploit for such a large company (url-based RCE)?

kodishaover 10 years ago

i hope that twitter has 24/7 team to respond to this.

评论 #8479922 未加载

Go home Twitter, you're drunk

7 comments

Go home Twitter, you're drunk

7 comments