16 June 2009
Security specialist Aviv Raff has nominated this July as the "Month of Twitter Bugs" (MoTB), during which he plans to publish details of one Twitter API-related vulnerability per day. The API allows users to configure, manage and query the status of their own account using http requests. Raff has already reported that it's possible to exploit the API query to the twitpic.com Twitter image service to spread worms. Strictly speaking, these are not vulnerabilities in the Twitter API, but rather careless or error-strewn implementations of API queries by third parties.
Raff claims to have already found enough security problems in third party services which make use of the Twitter API to fill the month. He is, nonetheless, more than happy to receive information on any other problems. Raff hopes his campaign will increase awareness of potential problems when using the Twitter API in particular and Web 2.0 APIs in general.
Because all of the vulnerabilities he has identified can be used to spread a Twitter worm, he intends to give each of the affected suppliers and Twitter operators 24 hours notice prior to releasing his report. It should be interesting to see whether all the parties involved are able to fix the vulnerabilities in their implementations within the time frame.
Help, my PC with Windows 10 won't shut down properly
Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?