Slashdot Mirror
Hacker Takes Over Oculus CEO's Twitter Account, Announces New CEO (techcrunch.com)
Another day, another high-profile becoming victim of a hack attack. Somebody managed to find a way into Oculus CEO Brendan Iribe's Twitter account late Wednesday. The hacker, who appears to be a user who goes by the alias "lid" on Twitter changed Iribe's bio and cover photo, and made a couple of interesting "announcements" -- including him becoming the new CEO of Facebook-owned virtual reality company. TechCrunch reports:This is just the latest in a string of tech CEO's having their Twitter accounts compromised, this attack does not appear to be from the same hacker group responsible for the hacks on the accounts of Travis Kalanick, Sundar Pichai, Mark Zuckerberg and Dick Costolo. Late Wednesday night, Iribe's Twitter bio temporarily read, "hey its @Lid ... im not testing ya security im just havin a laugh." The hacker told me in a Twitter DM that he accessed the password via last month's MySpace breach, he also said that he also would've managed to access Iribe's email account had he not had two-factor authentication enabled.
can't they be as least as creative as Bart Simpson's bar calls?
"Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
Ma penis! Now, in stunning hyper-reality and coming to a face-mounted apparatus near you soon.
No1Curr
The internet is loosing security creditibility.
You too can be elite if you copy a password out of a text file.
"Here Lies Philip J. Fry, named for his uncle, to carry on his spirit"
Mais um ano e meio ignorando essa bastarda é mais fácil do que 6 meses esperando essa merdinha ir embora com o mexicano dela. Vou repetir: Essa filha da puta fez brincadeira comigo, ela que vá procurar criança pra chupar longe de mim. Aliás, pergunta pro filha da puta do teu pai, como é a sensação de ter tudo que o governo brasileiro oferece pra ele ser da policia, eles dão pra ele criança pra comer, cocaína pra cheirar, seuranças pra cuidar da filha retardada... Dão de TUDO, mas não consegue me convencer a virar babá dessa espírito de porco.
AWKWARD!
Bad karma and lack security: these guys have a unique developer API policy:They own whatever you develop for their platform. (surprised anyone agreed to this..) so I say "it couldn't happened to a nicer guy". Perhaps they were eluding to what should happen later on given they way they treat the developers who for some odd reason create stuff for their platform under ethically questionable terms.
"Imagination is more important than knowledge" - Einstein
Taking a poo. Wanted to share. #yolo #willitblend #whatsthatsmell #wheresthetoiletroll
Had this been a pro they'd have sold this log-in. It seems feasible that if it were properly managed and timed, a more realistic "Announcement" could have yielded big bucks in stock trading. My wee brain can't wrap itself around someone that is smart enough to hack the account and too stupid to do anything useful with said hack. I'm going to suppose that said hacker isn't really evil. Hell, just letting the guy know privately that you did it and how you did it would probably be fairly profitable. Let's just call him clever but stupidly shortsighted.
but it's not as easily done as hacking a Twitter account.
HTC has horrible management too, with non-existent customer support, and no replacement parts available, but at least they can deliver a product.
I wish someone who knows what they were doing would produce a room-scale VR system.
I take everything on the internet very seriously.
Twitter is a communications platform.
Corporate CEOs have never been known as the brightest bunch, but some of them are showing just how stupid they by becoming twitter TWITs! If they had any brains at all, they would avoid these data mining sites like the black plague that they are!
No, just shitty breathless "reporting"
would have? or would not have
The latter implies that Iribe didn't have two factor auth on. the former implies that two factor auth is why he was able to breach? These are critical mistakes.
This is hacking now?
When are high-profile people - particularly tech people - going to learn to use any of the multi-factor auth options available to them? *I* even use it on Twitter, and I barely use Twitter. He deserved to have it hacked. And he's an asshole.
When are high-profile people - particularly tech people - going to learn to use any of the multi-factor auth options available to them?
As soon as Twitter allows a person with more than one account to use two-factor authentication on more than one account without multiple cell phone lines.
If you control both a personal account and a business account, you can expect the following error message when adding a second account: "The phone number you gave us is currently used by another Twitter account. Only one account can be used with a mobile phone at a time." (screenshot). Many major 2FA IDPs other than Twitter support TOTP, and some support U2F keys through Google Chrome. Though the Twitter Rules allow a user to manage more than one account with distinct purposes,* a user has to either forgo 2FA for one account or fork over $120 per year for a second cell phone line. Have things changed materially since September 2014 when this article was written?
Furthermore, this article claims that an account can't have more than one number, which makes 2FA impractical for multiple staffers who tweet on a single account. One might consider using a landline shared by staffers in an office, but that doesn't work either. I tried to associate my Twitter account with a landline in May of this year, but it gave an error message that my carrier was unsupported.
If any of this has changed, link me the announcement.
* As opposed to these Twitter accounts, all of which which exist to praise GNU/Linux and bash "M$".