Feeds

Twitter bans security maven for sharing naughty link

"We scan evrythng"

Seven Steps to Software Security

A well known security researcher was banished from Twitter for more than two days for including the address of a malicious website in a two-month-old dispatch.

On Tuesday, Mikko Hypponen, chief research officer for anti-virus provider F-Secure, found his Twitter account suspended with no explanation. Every one of his tweets had been erased, and those trying to visit his page found a message that said: "Sorry, the account you were headed to has been suspended due to strange activity. Mosey along now, nothing to see here."

Hypponen said his messages to Twitter officials went unanswered, as, indeed those from The Register did as well.

On Friday, his account was reinstated, and around the same time, he received an explanation of sorts. It read:

I've unsuspended your acct.
You were suspended for using the malware URL rnyspeceDOTcom in DMs.
Be careful!
We scan evrythng for malware.

This link shows Hypponen making a reference to a MySpace phishing site on August 3 that read: "I guess somebody will fall for it... a desperate Myspace phishing site at www. rnyspece. com. (don't go there)."

No, it wasn't a direct message, and no, there was no malware involved with the site. And yes, the URL contained spaces to prevent the security challenged from accidentally visiting the site. Ironically, Hypponen happened to be among the first to discover Twitter's malware filter.

The incident highlights the fine line Twitter has to walk in policing its site. As The Reg and plenty of others have pointed out, the site has become a hot bed for come ons that try to trick people into visiting sites that steal their personal information or install malware. Twitter, with its millions of dollars in financing, has an obligation to filter out at least some of the garbage.

But if it hopes to be taken seriously, it can't indiscriminately banish users who legitimately include a suspicious looking phrase or link in a message, especially one that's two months old. Just ask Hypponen, who writes on his newly reinstated account: "This sucks."

Mobile application security vulnerability report

More from The Register

next story
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
BMW's ConnectedDrive falls over, bosses blame upgrade snafu
Traffic flows up 20% as motorway middle lanes miraculously unclog
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Attackers raid SWISS BANKS with DNS and malware bombs
'Retefe' trojan uses clever spin on old attacks to grant total control of bank accounts
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.