Help
Post your comments for LulzSec Reborn Posts 10,000 Twitter Passwords Online here
Page 1 of 1
Lulzsec Reborn Posts 10,000 Twitter Passwords Online
#2
nonseq 
- Expert
-
- Group: Members
- Posts: 4,469
- Joined: 09-August 09
- Location:Phoenix, AZ
Posted 12 June 2012 - 07:25 AM
Sarah,
The story could have been written without "naming" the perpetrators. By calling them LulzSec Reborn you feed their childish need for publicity.
The public could have been warned without even the slightest hint of promoting these children.
The story could have been written without "naming" the perpetrators. By calling them LulzSec Reborn you feed their childish need for publicity.
The public could have been warned without even the slightest hint of promoting these children.
#3
xyberviri
- Senior Member
-
- Group: Members
- Posts: 662
- Joined: 15-March 10
Posted 12 June 2012 - 10:40 AM
nonseq, on 12 June 2012 - 07:25 AM, said:
Sarah,
The story could have been written without "naming" the perpetrators. By calling them LulzSec Reborn you feed their childish need for publicity.
The public could have been warned without even the slightest hint of promoting these children.
The story could have been written without "naming" the perpetrators. By calling them LulzSec Reborn you feed their childish need for publicity.
The public could have been warned without even the slightest hint of promoting these children.
yup, your just giving them more reasons to sploit stuff.
#4
chrismckeevjpy
- Newbie
-
- Group: New Member
- Posts: 2
- Joined: 12-June 12
Posted 12 June 2012 - 11:23 AM
The actual data is OAUTH data; not passwords. Basically, twitterID, Username/API Consumer Key & Secret.
The users needs to access their settings and remove the tweetgif authorisation.
Saying it is passwords is simply sensationalist crap.
The users needs to access their settings and remove the tweetgif authorisation.
Saying it is passwords is simply sensationalist crap.
#5
deepsand
- Expert
-
- Group: Members
- Posts: 2,558
- Joined: 28-August 06
Posted 12 June 2012 - 12:45 PM
chrismckeevjpy, on 12 June 2012 - 11:23 AM, said:
The actual data is OAUTH data; not passwords. Basically, twitterID, Username/API Consumer Key & Secret.
The users needs to access their settings and remove the tweetgif authorisation.
Saying it is passwords is simply sensationalist crap.
The users needs to access their settings and remove the tweetgif authorisation.
Saying it is passwords is simply sensationalist crap.
From the description of the data posted on Pastebin, more than OAuth data were included.
And, as OAuth includes a password token, use of the word "password" in the article can hardly be deemed to be "sensationalist crap."
While each is entitled to his own opinion, no one is entitled to his own facts.
#6
dexterj
- Newbie
-
- Group: New Member
- Posts: 1
- Joined: 12-June 12
Posted 12 June 2012 - 03:57 PM
It was actually 8139 accounts - you can search for account handles that have been leaked here:
http://html-bin.apps...xIEUGFnZRi7wSEM
Its pretty basic, but strictly client side.
http://html-bin.apps...xIEUGFnZRi7wSEM
Its pretty basic, but strictly client side.
#7
chrismckeevjpy
- Newbie
-
- Group: New Member
- Posts: 2
- Joined: 12-June 12
Posted 12 June 2012 - 04:29 PM
deepsand, on 12 June 2012 - 12:45 PM, said:
From the description of the data posted on Pastebin, more than OAuth data were included.
And, as OAuth includes a password token, use of the word "password" in the article can hardly be deemed to be "sensationalist crap."
And, as OAuth includes a password token, use of the word "password" in the article can hardly be deemed to be "sensationalist crap."
Its an access token and secret; there's a difference. The article makes out like its the literal username & password; don't get me wrong its still a leak, but not quite on the scale of LinkedIn or eHarmony earlier this month.
The dump is an sql file containing the following headers...
CREATE TABLE `users` ( `userid` int(11) NOT NULL AUTO_INCREMENT, `twitterid` text COLLATE utf8_unicode_ci NOT NULL, `username` text COLLATE utf8_unicode_ci NOT NULL, `token` text COLLATE utf8_unicode_ci NOT NULL, `secret` text COLLATE utf8_unicode_ci NOT NULL, `realname` text COLLATE utf8_unicode_ci NOT NULL, `location` text COLLATE utf8_unicode_ci NOT NULL, `bio` text COLLATE utf8_unicode_ci NOT NULL, `avatar` text COLLATE utf8_unicode_ci NOT NULL, `lastupdate` varchar(250) COLLATE utf8_unicode_ci NOT NULL, PRIMARY KEY (`userid`)
#8
deepsand
- Expert
-
- Group: Members
- Posts: 2,558
- Joined: 28-August 06
Posted 12 June 2012 - 05:35 PM
chrismckeevjpy, on 12 June 2012 - 04:29 PM, said:
deepsand, on 12 June 2012 - 12:45 PM, said:
From the description of the data posted on Pastebin, more than OAuth data were included.
And, as OAuth includes a password token, use of the word "password" in the article can hardly be deemed to be "sensationalist crap."
And, as OAuth includes a password token, use of the word "password" in the article can hardly be deemed to be "sensationalist crap."
Its an access token and secret; there's a difference. The article makes out like its the literal username & password; don't get me wrong its still a leak, but not quite on the scale of LinkedIn or eHarmony earlier this month.
It's still an access credential, one that substitutes for the plain text version. And, it is one that exceedingly few readers would recognize by name, such that I doubt the title Lulzsec Reborn Posts OAuth data for 10,000 Twitter Accounts Online would have succeeded in conveying the essence of the matter to the large majority of PCW readers.
Furthermore, a Google search for lulzsec reborn usernames and passwords shows that the author of this article is not alone in choosing to use terms that are the most familiar across a broad swath of readers..
While each is entitled to his own opinion, no one is entitled to his own facts.
Share this topic:
Page 1 of 1