Comments on: Social networks could be secure! http://blogs.kuppingercole.com/kuppinger/2009/10/22/social-networks-could-be-secure/ KuppingerCole Wed, 08 Feb 2012 09:08:03 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Tweets that mention Social networks could be secure! | Martin Kuppinger -- Topsy.com http://blogs.kuppingercole.com/kuppinger/2009/10/22/social-networks-could-be-secure/comment-page-1/#comment-167 Tweets that mention Social networks could be secure! | Martin Kuppinger -- Topsy.com Thu, 22 Oct 2009 08:53:55 +0000 http://blogs.kuppingercole.com/kuppinger/?p=221#comment-167 [...] This post was mentioned on Twitter by Kuppinger Cole, pramatr. pramatr said: RT @kuppingercole: Social networks could be secure! http://is.gd/4vkXZ [...] [...] This post was mentioned on Twitter by Kuppinger Cole, pramatr. pramatr said: RT @kuppingercole: Social networks could be secure! http://is.gd/4vkXZ [...]

]]> By: Ed (pramatr.com) http://blogs.kuppingercole.com/kuppinger/2009/10/22/social-networks-could-be-secure/comment-page-1/#comment-169 Ed (pramatr.com) Thu, 22 Oct 2009 08:48:49 +0000 http://blogs.kuppingercole.com/kuppinger/?p=221#comment-169 "Security has to be done by design, from the very beginning. Otherwise it is hard to implement it" January saw an 18 year old hacker get admin rights to twitter by running a dictionary attack against a known admin account. There was no password policy and no failed logon limit. A simple script left to run overnight was all that was needed to give the hacker access to obama's twitter account. You can go to twitter today and do the same thing again. The problem with introducing new security measures into existing applications, with users in the millions, is the repercussions. The crux of whether existing social network applications can be secured is whether a business is willing to deal with these repercussions or deal with the consequences of being compromised - if it ever happens. "Security has to be done by design, from the very beginning. Otherwise it is hard to implement it"

January saw an 18 year old hacker get admin rights to twitter by running a dictionary attack against a known admin account. There was no password policy and no failed logon limit. A simple script left to run overnight was all that was needed to give the hacker access to obama's twitter account.

You can go to twitter today and do the same thing again.

The problem with introducing new security measures into existing applications, with users in the millions, is the repercussions.

The crux of whether existing social network applications can be secured is whether a business is willing to deal with these repercussions or deal with the consequences of being compromised – if it ever happens.

]]>