6
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Inside Scoop: Twitter's advice to media after high-profile hacks

About Video Transcript

Inside Scoop: Twitter's advice to media after high-profile hacks

4:30 /

Twitter wants to make one thing clear to the media -- it takes two to protect Twitter accounts. Twitter sent out a warning memo asking media groups to do their part to protect passwords after several high-profile accounts were hacked. CNET's Sumi Das and Seth Rosenblatt have the Inside Scoop on what Twitter is doing to prevent future hacks, including work on two-factor authentication.

-Hello and welcome to Inside Scoop. I'm Sumi Das and joining me is Seth Rosenblatt. -Thanks. -Thanks for being with us. -Thanks for having me on again. -He's Senior Writer for CNET. And today, we're talking about Twitter and this high-profile hacks that have happened recently. -Uh huh. -AP News got hacked. CBS got hacked- -Our game former player. -Exactly, that hits close to home. -Uh huh. -And now, Twitter has released this memo, it happened on Monday. -Uh huh. -Tell us what this memo said. -Basically, it's said to companies "You're responsible for your own passwords. Good luck." -But some good advice in this memo, right? Basically-- -Absolutely. -it was sent to journalist and people that might be targeted in the future. -Uh huh. -Twitter has had a problem with spear-phishing. So, explain what "spear-phishing" is, first of all. -So, "spear-phishing" are phishing attacks that are directed at specific people using information that they are likely to recognize as familiar. So, that they are basically more susceptible to the phishing attempt which is where they enter-in their password or other authentication information into a website that looks real but in fact, is they are just to steal their information. -Okay. So, what should people be doing with their passwords? What constitutes-- -That is-- -to the strong one, what constitutes a weak one. We get these advice all the time and-- -We do. -it seems like-- -It will-- it's a big deal. Traditionally, people think of having one-word passwords with a lot of funny characters in them; pound signs and dollar signs and percent signs and-- -That's no big-- -and capitals and numbers, and things like that. There're actually very hard to remember. -Yes. -And not only that and which is actually much worse, they're very easy for machine-logic to guess. The way to do it actually is to go in the other direction, choose a password that's easy to for you to remember,-- -Okay. -but harder for a machine to guess and one of the best ways to do that is to choose a multiword password that uses spaces. It's less important, although it's helpful, to have funny characters in there but if you have four random words as your password, that's really the best way to go. -And you're saying you can use spaces in your password. This is actually information and news to me. -Yeah. -So, that's acceptable for Twitter. You can put spaces in your password. -Twitter supports it, Facebook supports it-- -Okay. -Google supports it. I don't believe that Microsoft does but Microsoft does support two-factor authentication, which a lot of other services also support. -And what is Twitter doing, I mean, besides saying "Create stronger passwords"-- -Uh huh. -and "Change your passwords"? What-- they're actually doing some-- taking some security measures on there in too? -They are. They are apparently working on two-factor authentication. -Uh huh. -That's a big step. -Yeah. Let's explain what that is. -Sure. So, two-factor authentication, or 2FA as it's called, involves using two of three different kinds of information to authenticate that you are who you say you were when you're logging in. -Okay. -There's a knowledge component. So, that can be a password or a pattern or a pin number. There's a physical component, an ATM card or a Smart card of some kind, or there can be a biometric components such as a fingerprint. -Okay. Twitter doesn't have this yet. -Does not. -Do we know when it's coming? -We don't. -Okay. -There are a lot of services that do offer it. Google has it, Facebook has it, Amazon Web Services has it, Dropbox has it, Microsoft has it, Hotmail, Yahoo uses it. There's a lot of high-profile services that do use 2FA which is great, however 2FA is still susceptible to spear-phishing which is kind of phishing that's been used in the past to get people's Twitter account passwords. And at the end of the day, there is no such thing as a 100% secure authentication method. -If you're not a member of the media,-- -Uh huh. -you're not a journalist,-- -Uh huh. -should you be worried about these, sort of, spear-phishing attacks? -I think you should be concerned. I think it's always important for people to remain vigilant about opening emails. It's less of a concern now with attachments whenever one is using a webmail. It's much more important that when you look at an email, they, you know, you're taking a look at who it's coming from, the domain of words coming from, the link. If you click on a link, before you do, take a look at it, see where it's going. If it says something like being that or something weird and you're looking for your bankofamerica.com-- -Right. -then you've got a problem and you probably just to leave the email. -Right. Okay. All right. So in the meantime, we'll just keep watching for Twitter to release that two-factor authentication. -Absolutely. -Seth, thanks you so much. -Thanks a lot. -For Inside Scoop, I'm Sumi Das. Thanks for watching.

New releases

Tomorrow Daily 140: Google's Atari AI, a futuristic doghousedoghouse for £20,000 and more
26:40 March 5, 2015
On today's show, we check out an impressive robot that could be a precursor to dinosaur robots, an AI build from Google that learns...
Play video
The push to make VR headsets mainstream
1:42 March 5, 2015
Video games are literally going to people's heads. At the Game Developers Conference, virtual reality headsets were all the rage as...
Play video
Inside Scoop: Watches and what else to expect from Apple on March 9
2:49 March 5, 2015
CNET's Kara Tsuboi and Shara Tibken talk about what news might emerge from Apple's upcoming media event in San Francisco. Price and...
Play video
Hackaball brings the iPad to the playground, Ep. 194
4:37 March 5, 2015
This week on Crave we get to play with the Hackaball at the playround, find out what it would be like if Wes Anderson directed an X-Men...
Play video
Meerkat mania: Live-streaming app is new Twitter trend
2:50 March 5, 2015
Learn how to broadcast video on Twitter with Meerkat, get the band back together for Rock Band 4, and let Google be your bartending...
Play video
Netpicks: Free TV episodes and new movies on iTunes for March 2015
1:51 March 5, 2015
It can be hard to catch all the new shows on TV, so Apple's made some premieres free for a limited time. Plus, iTunes gets some movies...
Play video
Kyocera heads for Europe with the rugged Torque
1:07 March 5, 2015
The durable and waterproof Kyocera Torque (s701) sports a 4.5-inch display and sets sail for Europe in the spring.
Play video
Gionee Elife S7 is a super-thin smartphone
1:01 March 5, 2015
This smartphone is a mere 5.5mm thick, and has a 'chameleon' app that themes your mobile around colours picked out by the camera.
Play video