Begin forwarded message:
From: privacy@vortex.com
Date: December 18, 2009 3:39:42 PM EST
To: privacy-list@vortex.com
Subject: [ PRIVACY Forum ] Confirmed: Twitter DNS diversion used Twitter login credentials
Reply-To: PRIVACY Forum Digest mailing list <privacy@vortex.com>
Now confirming [ Ref: http://www.nnsquad.org/archives/nnsquad/msg02460.html ]
that the Twitter DNS diversion last night was the result of someone using
Twitter's own login credentials to change DNS data at Dyn's site,
according to Dyn's CTO:
http://bit.ly/80Ve4Y (Wired)
So as suspected, this was not a "sophisticated" attack (e.g.,
DNS cache poisoning) but rather a conventional login attack.
It is interesting to consider that apparently a single
username/password pair was able to take Twitter's entire Web site
effectively offline globally.
At the very least one would hope that more advanced account control
mechanisms (e.g., certificate-based access authentication) would be
employed with critical accounts for organizations at this level.
--Lauren--
Lauren Weinstein
lauren@vortex.com
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR
- People For Internet Responsibility - http://www.pfir.org
Co-Founder, NNSquad
- Network Neutrality Squad - http://www.nnsquad.org
Founder, GCTIP - Global Coalition
for Transparent Internet Performance - http://www.gctip.org
Founder, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Twitter: https://twitter.com/laurenweinstein
_______________________________________________
privacy mailing list
http://lists.vortex.com/mailman/listinfo/privacy