President Obama’s Twitter Hacked !

As we all know, Twitter is a micro-blogging website used by millions of people including politicians, movie stars, sports celebrities and so on. People use this medium to express their opinions in a status message format which can’t be longer than 140 characters.

http://news.bbc.co.uk/2/hi/europe/8586269.stm

The above news article is about a young Frenchman who hacked into President Obama’s Twitter account. The accused confessed that he cracked passwords by simply trying different possibilities. He also said that it is against his ethics to steal or destroy any information and that his only aim was to prove that twitter is vulnerable to attacks.

The hacker’s act is clearly a cybercrime, however it has made everyone doubt and worry about the website’s security policies. This is called “White Hat” hacking, or ethical hacking, where the hacker’s only intention is to expose the security flaws of a particular system or website.

Now the obvious question is whether anyone can claim to be a “white hat” hacker and get involved in these types of activities?
In my opinion, if ethical hacking becomes an excuse for malicious hackers then there is no end to it. “White hat” hackers should be recognized legally and should work under a recognized firm and hacking should be part of their profession, not their hobby.

http://www.bbc.co.uk/news/10409802

Since the accused was unemployed and hacked into Obama’s account by sheer personal interest, he was given suspended jail terms.

On another note, to what extent is Twitter to be blamed in this hacking issue? Generally speaking, is a single password enough to verify identity when it comes to social networking websites?

4 thoughts on “President Obama’s Twitter Hacked !

  1. Currently there is this program call CEH which stands for Certified Ethical Hacker. A lot of White Hat Hackers work for audit companies and some even in R&D side. Yes anyone can claim to be a WH after they done hacking but I think if no harm is caused but a loop hole was found and been reported to the owner, I do not think that using the term WH will be an excuse for malicious hacker. I also think that the owner of the account also should be blamed by not setting a good and strong password to protect his/her own account. Lastly I do not think that social websites like Facebook or Twitter should be blamed for such hacking issue. Because most of the time it is the users who never take good care of their password or even set a good/strong password. Also, if user want to put their own information online, they also must be prepared to face the price if their account been hacked because it is the user who willingly put it online and no one using a gun to force them.

  2. Hey pehshaohong! Interesting!

    Few points I would like to share with you..

    “I think if no harm is caused but a loop hole was found and been reported to the owner, I do not think that using the term WH will be an excuse for malicious hacker”. I don’t really agree with you here. Hacking into accounts to prove that there are flaws with their system should be a profession and not a social service or a hobby. The Frenchman who hacked President Obama’s account was unemployed, had no certificate (like the one you mention) and finally did not report it to anyone. And sometimes it is difficult to check whether there has been any information stolen or not. The so called “white hacker” can steal information but be passive about it. But who do you refer to when you say “owner”? Is it the owner of the account or the website? Well, if you mean the owner of the account then what’s the use of reporting to the owner? Unless the hacker was certified, the first reaction the user will have is to complain to the police that this random guy has hacked his account. So, in my opinion, a hacker is qualified as a “white hacker” only if he has a certificate or works for a related firm.

    “the owner of the account also should be blamed by not setting a good and strong password”. Well I don’t think President Obama was careless enough to have an easy password (like “whitehouse”). But yes to some extent the users should be more careful about it.

    “I do not think that social websites like Facebook or Twitter should be blamed for such hacking issue”. I kind of disagree here with you. Facebook or Twitter assures users that their privacy system is great and that all our information will be kept private unless we want to make them public. I think they should take more precautions and force us to choose strong passwords like Hotmail does. They should check on the spot whether our password is strong or not. I think these social networking sites need to take more initiatives to help us keep our information private.

    What do you think? Anyways really thanks for your interesting commets 

  3. Hi! Maybe I should put it across this regarding the CEH cert, CEH cert is just a cert that shows that u follow the code of conduct that the org have design and you will keep to it.
    As for the part regarding “WH” hacker, normally when they manage to break through the system and they will keep their hand “clean” on the information on the system itself but he/she will report to the owner of the system but the user regarding the flaw of the system. Of course if the suppose to be “WH” hacker did some thing to the system, he/she will not be labeled as White hat but it will be Black Hat. Normally the way that WH thinks is that he/she will find flaw of the system and make it that the admin of the system quickly patch up the flaw.
    As for the password part, I still think that users normally set password that relate to them and hacker will take advantage of this point and do wild guess hack on it and I think still is the user fault for not setting a strong password.
    Lastly, yes Facebook and Twitter assures uses that all their information will be kept private unless the user wan to make it public. The question is if you want your information to be private then you should not even put those information on a public server then. It is just like you pass your house key to a friend who assures you that he/she will not give the key to anyone else. But someone stole it from that friend of yours, do you blame your friend for not protecting well or do u start to ask yourself why you pass to your friend in the 1st place. And of course due to human’s selfishness, they will start to blame their friend. So I do not think that social website should be blame because they already did their best to protect but you know there is a risk of information theft but you still choose to give the information.

  4. Hi rameshsindujasusan,

    Wow, this conversation is great! Singapore has a few security companies that employ WHs. Typically they get hired to test corporate systems for security intrusions and theft of data.\

    The discussion you are having about FB should not be about PRIVACY, but about SECURITY instead. There’s a difference. A intrusion could lead to information being stolen, and this is a security issue, and not a privacy one. When we use ANY such system, we are at risk of security breaches accessing our information (whether it is public or private, shareable or not on the system).

Leave a Reply

Your email address will not be published. Required fields are marked *