Security issues with allowing access to third-party apps and websites were brought to the fore last week, after a photo-sharing site was forced to disable its sharing of Twitter images. We Heart It experienced what was possibly a stream hack.
Some users of micro-blogging platform Twitter saw a number of Tweets in their timeline, all saying, ‘If I didn’t try this my life wouldn’t have changed’, and were prompted to click on a link. A number of the posts featured the tag ‘weheartit.com’.
The following day, We Heart It Tweeted that it had turned off its Twitter sharing feature and disabled the ability to sign in.
We Heart It had previously enabled the Twitter stream with Twitter’s extended API function.
However, there was a downside to the API access in that, even if a user changes their Twitter password, access typically continues due to the app or other service being able to reach the API portal directly.
The cause of the spam is being looked into by both Twitter and We Heart It. The latter’s president, Dave Williams, spoke to Ars Technica, saying that it has blocked malicious activity.
Users may be more wary of providing their details with news like this, and other businesses looking to create an app will need to take this into account. A company will need app-conscious security staff on board to ensure that the software cannot be easily exploited by hackers. Posting an advert for information security jobs certainly wouldn’t go amiss to ensure an experienced, qualified individual is in place.
Send us your CV and have our recruiters match you to the ideal opportunities
Do you already have an account with us?
Log inWant to have an account with us?
RegisterWant to just send us your CV?
By submitting your registration and CV to us you are agreeing to join our database and to be contacted about relevant jobs industry communications. Please read our terms of business for more information.