{"id":11964,"date":"2009-07-19T15:20:47","date_gmt":"2009-07-19T14:20:47","guid":{"rendered":"http:\/\/www.pasteris.it\/blog\/?p=11964"},"modified":"2009-07-19T15:22:46","modified_gmt":"2009-07-19T14:22:46","slug":"lanatomia-del-buco-di-twittter","status":"publish","type":"post","link":"https:\/\/www.pasteris.it\/blog\/2009\/07\/19\/lanatomia-del-buco-di-twittter\/","title":{"rendered":"The Anatomy of the Twitter Breach"},"content":{"rendered":"<p><a href=\"http:\/\/www.techcrunch.com\/2009\/07\/19\/the-anatomy-of-the-twitter-attack\/\">TechCrunch summarizes and expands on<\/a><a href=\"http:\/\/www.pasteris.it\/blog\/2009\/07\/16\/twitter-a-maglie-larghe\/\"> the story of the security breach at Twitter<\/a><\/p>\n<blockquote><p>The Twitter document leak fiasco started with a simple story that personal accounts of Twitter employees were hacked. Twitter CEO Evan Williams commented on that story, saying that Twitter itself was mostly unaffected. No personal accounts were compromised, and \u201cmost of the sensitive information was personal rather than company-related,\u201d he said. The individual behind the attacks, known as Hacker Croll, wasn\u2019t happy with that response. Lots of Twitter corporate information was compromised, and he wanted the world to know about it. So he sent us all of the documents that he obtained, some 310 of them, and the story developed from there.<\/p>\n<p>It\u2019s clear that Twitter was completely unaware of how deeply they were affected as a company &#8211; when Williams said that most of the information wasn\u2019t company related he believed it. It wasn\u2019t until later that he realized just how much and what kind of information was taken. 
It included things like financial projections and executive meeting notes that contained highly confidential information.<br \/>\n<!--more--><\/p>\n<p>We\u2019ve already said a lot about all of this and the related \u201cserver password = password\u201d story that was discovered by another individual last week. But we\u2019ve got two more stories to tell. The first, this post, is exactly how the hacks took place, based on information gathered from hours of conversations with Hacker Croll. The second is what was happening behind the scenes with Twitter as the story unfolded. We\u2019ll post that later this week.<\/p>\n<p>When the story first broke the true scope of what had taken place and how it occurred was not understood. Various bloggers speculated about the cause of the attack &#8211; with some placing the blame on Google while others blamed the rising trend of hosting documents in the cloud.<\/p>\n<p>We immediately informed Twitter of the information we had in our possession (and forwarded it to them), and at the same time reached out to the attacker. With some convincing, the attacker responsible for the intrusion at Twitter began a dialog with us. I spent days communicating with the attacker in an effort to gain insight into how the attack took place, what the true scope of it was and how we could learn from it.<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>TechCrunch summarizes and expands on the story of the security breach at Twitter The Twitter document leak fiasco started with a simple story that personal accounts of Twitter employees were hacked. Twitter CEO Evan Williams commented on that story, saying that Twitter itself was mostly unaffected. 
No personal accounts were compromised, and \u201cmost of the sensitive &#8230; <a title=\"The Anatomy of the Twitter Breach\" class=\"read-more\" href=\"https:\/\/www.pasteris.it\/blog\/2009\/07\/19\/lanatomia-del-buco-di-twittter\/\" aria-label=\"Read more about The Anatomy of the Twitter Breach\">Read more<\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[33,17,6],"tags":[306,328,344],"class_list":["post-11964","post","type-post","status-publish","format-standard","hentry","category-computer","category-economia","category-internet","tag-sicurezza","tag-techcrunch","tag-twitter"],"_links":{"self":[{"href":"https:\/\/www.pasteris.it\/blog\/wp-json\/wp\/v2\/posts\/11964","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.pasteris.it\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pasteris.it\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pasteris.it\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pasteris.it\/blog\/wp-json\/wp\/v2\/comments?post=11964"}],"version-history":[{"count":4,"href":"https:\/\/www.pasteris.it\/blog\/wp-json\/wp\/v2\/posts\/11964\/revisions"}],"predecessor-version":[{"id":11968,"href":"https:\/\/www.pasteris.it\/blog\/wp-json\/wp\/v2\/posts\/11964\/revisions\/11968"}],"wp:attachment":[{"href":"https:\/\/www.pasteris.it\/blog\/wp-json\/wp\/v2\/media?parent=11964"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pasteris.it\/blog\/wp-json\/wp\/v2\/categories?post=11964"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.pasteris.it\/blog\/wp-json\/wp\/v2\/tags?post=11964"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}