Tag Archives: Twitter

Hacks at Twitter, New York Times, WSJ and Washington Post highlight need for better security hygiene

email_header_710Earlier tonight, I received an email I would just as soon not have gotten from Twitter, along with 250,000 Twitter users who had their password reset. Twitter security director Bob Lord explained why I’d received the email on the company blog:

“This week, we detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data. We discovered one live attack and were able to shut it down in process moments later. However, our investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for approximately 250,000 users.”

Mike Isaac has been following the story the hack at Twitter at AllThingsD, if you want the latest news tonight.

After the password reset, I went through revoked Twitter authorization access to a number of unused apps, something I’ve been doing periodically for years now. That habit is among Twitter’s security recommendations.

I’m thinking about other social media accounts now, too. Shortly after Nicole Perloth began covering IT security for the New York Times, she shifted her practices:

“Within weeks, I set up unique, complex passwords for every Web site, enabled two-step authentication for my e-mail accounts, and even covered up my computer’s Web camera with a piece of masking tape — a precaution that invited ridicule from friends and co-workers who suggested it was time to get my head checked.”

She talked to two top-notch security experts and wrote up a useful list of good digital security practices. Unfortunately, it may be that it takes getting hacked and embarrassed (as I was on Twitter, on Christmas Eve a couple years ago) to change what how people approach securing their digital lives.

I don’t recommend that sort of experience to anyone. I was lucky, was tipped nearly right away and was able to quickly get help from the remarkable Del Harvey, head of the Twitter Safety team.

It could have been much, much worse. I’m thinking of Mat Honan, a Wired journalist who experienced an epic hacking that came about through a chain of  compromised accounts at Amazon, iTunes, Gmail and Twitter. After a lot of work, Honan managed to recover his data, including some precious pictures of his child. In the wake of the hack, he turned on 2-factor authentication on Google and Facebook, turned off “Find my” Apple device, and set up dedicated, secret accounts for password management. Honan isn’t alone in the tech journalist ranks: he just happens to have a bigger platform than most and was willing to make his own painful experience the subject of an extensive story.

A jarring reality is that even people who are practicing reasonably good security hygiene can and do get p0wned. Unfortunately, the weakest point in many networks are the humans — that’s reportedly how Google ran into trouble, when key employees were “spear phished” during “Operation Aurora,” targeted with social engineering attacks that enabled hackers to access the networks.

The last paragraph of Lord’s post suggests that a similar expertise was at work at Twitter, although he does not specify a source.

“This attack was not the work of amateurs, and we do not believe it was an isolated incident. The attackers were extremely sophisticated, and we believe other companies and organizations have also been recently similarly attacked. For that reason we felt that it was important to publicize this attack while we still gather information, and we are helping government and federal law enforcement in their effort to find and prosecute these attackers to make the Internet safer for all users.”

It’s been true for a decade but it’s even clearer in the second month of 2013: practicing basic information security hygiene is now a baseline for anyone else online, particularly those entrusted with handling confidential sources or sensitive information.

Chris Soghoian was clear about the importance of journalists and media companies getting smarter about keeping sources and information safe in 2011. Tonight, I am not sanguine about how much has changed since in the news industry and beyond.

Two days ago, the New York Times disclosed that hackers had infiltrated …the New York Times. The next day, The Wall Street Journal has disclosed similar intrusions. Earlier today, Brian Krebs reported that the Washington Post was broadly infiltrated by Chinese hackers in 2012. The Post confirmed the broad outlines of an attack on its computers.

If you’re a journalist & you’re not using a password manager+unique, long random passwords per website: stop, install and configure one now.

— Christopher Soghoian (@csoghoian) February 2, 2013

If you have a moment this weekend, think through how you’re securing your devices, networks and information. If you use Twitter, visit Twitter.com and update your password. If you haven’t turned on 2-factor authentication for Facebook and Gmail, do so. Update your Web browser and use HTTPS to connect to websites. disable Java in your Web browser. Think through what would happen if you were hacked, in terms of what numbers you would call and where and how your data is backed up. Come up with tough passwords that aren’t easily subject to automated cracking software.

And then hope that researchers figure out a better way to handle authentication for all of the places that require a string of characters we struggle to remember and protect.

3 Comments

Filed under journalism, security

Trumping Trump on Twitter

This is the most retweeted tweet I’ve ever tweeted:

It blew up so much it attracted Donald Trump’s notice. He responded:

I dream of the day that I get nearly 1,700+ retweets of a story instead of a sentiment. Apparently I touched a nerve. It just kept going and going and going.

By the numbers, my tweet was amplified five times as much as Trump’s, with a bit less than 10% of the followers. On particular count, I may have “trumped” the real estate mogul on Twitter, although I think it’s safe to say that this is an imperfect gauge of public opinion. He also shows no signs of shifting his course.

On a more qualitative level, Trump’s @mention of me exposed me to a day’s worth of emotional feedback online. I received many negative @replies on Twitter when the @WhiteHouse retweeted me last July. The angry responses after Donald Trump @mentioned me this week, however, were worse in scale and composition.

As I gain more surface area online and in the media, through television appearances, I’m finding that I’m encountering more hate, fear, ignorance and anger everywhere. Honestly, I have a hard time not responding to people online. I’ve never liked seeing broadcast journalists and celebrities ignore people, even angry viewers or fans. It’s not how I’ve worked over the last decade and I don’t intend to change.

As I gain more of a platform to focus attention on issues that matter, this won’t get easier. The Internet mirrors what is worst in humanity, along with what’s best in us. The Web is what we make of it. It’s a bitter reality, though I think it’s been part of the public sphere as long as we’ve had one.

14 Comments

Filed under microsharing, personal, social media, Twitter

Revisiting standards for moderation and community on social networks

If the Internet and social media represent the new public square, it’s important to talk about the rules of the road.

Over the past year, I’ve seen a lot of spam and pornography links on Google+, Facebook, Twitter and on comment sections of the blogs I maintain.

Google and Facebook both give us the ability to moderate comments and, if we wish, to block other people who do not respect the opinions or character of others.

Now that a lot more people are circling me on Google+, following me on Twitter and subscribing to me on Facebook, it’s time to revisit a post from earlier this years. If you have found your comment removed, I’d like to explain why and offer some guidelines. Here’s how I think about maintaining community, with a nod to ASU journalism professor Dan Gillmor‘s example:

I can and do block spammers and people posting links to pornography in my comment threads.

I generally leave comments on my blogs, precisely because I value conversations, despite the issues that persist online. I have been moderating discussion in online forums and blogs for many years, including those of my publishers. My full thoughts on the value of blog comments — and the social norms that I expect people comments to live within — are here.

Vilely insulting me won’t help your case. Insulting others will ruin it. I was a teacher in my twenties. I would not tolerate disrespectful behavior in my classroom, either to me or to other students. If you can’t be civil and continue to insult others, much less the person hosting the forum, you were asked to leave and see the principal.

If the behavior persists, you will lose the privilege of participating in the class at all. Eventually, you get expelled. On Google+ or blogs, that takes the form of being defriended, banned or blocked from my public updates. I prefer not to block users but I will do so. I respect your right to speak freely on your own blog, Twitter, Facebook or Google+ account, whether that involves cursing or ignorance.

I strongly believe in the First Amendment, with respect to government not censoring citizens. That said, I do not, however, feel obligated to host such speech on my own blog, particularly if it is directed towards other commenters. I believe that building and maintaining healthy communities, online of offline, requires that the people hosting them enforce standards for participation that encourage civil dialogue.

I hope that makes sense to readers. If not, you are welcome to let me know why in the comments. And if your approach differs, please explain how and why.

Following is a storify from a forum I participated in that featured perspectives from other people entrusted with online community moderation:

[View the story "A story of online community, comments and moderation" on Storify]

2 Comments

Filed under blogging, journalism, microsharing, social bookmarking, social media, technology, Twitter

A few thoughts on the use of Twitter by federal officials

“Yes, saw news @acarvin retweeted from Tunisia. On it. Please @reply from @StateDept. – Hillz”

Last month, Federal Computer Week reporter Alice Lipowicz interviewed me about how federal officials and Congressmen in the United States government were using Twitter. She ended up using just one quote in her article on Feds using Twitter, regarding the reality that the division between “personal” and “professional” accounts has become quite blurred in the public eye, regardless of disclaimers made.

Look no further than the Congressional staffers who were connected to tweets about drinking during the workday and subsequently fired. With millions of people on the service and the DC media listening closely, there’s simply a higher likelihood that a bad error will be noticed and spread — and corrections never travel as far as the original error. An offhand comment, even if meant to be funny, can be taken out of context.

If a government executive or editor shared pictures of cute puppies and dogs on an official Twitter feed, they do run the risk that some people may not take their professional leadership as seriously. Then again, citizens and colleagues might connect with them as a fellow ‘dog person,’ like me. I set up a Twitter account for my greyhound some time ago. (He doesn’t tweet much.)

Alice and I talked about much more than risk, though, and since I have notes from the conversation, here are a few other observations I made. (The caption above, for Secretary of State Hillary Clinton, is 100% fiction.)

First, we talked about Senator Chuck Grassley (R-Iowa), who writes cryptic tweets but appears to be doing something some of his colleagues may not: listen. He told the National Law Journal that he pays attention to reactions to his tweets.

“Twitter’s a new way to communicate with constituents,” said Senator Grassley. “The real-time feedback and contact with the grassroots that Twitter offers is a real value.”

Even though some of his more partisan tweets have drawn controversy at times, he is a notable example of a lawmaker in the Senate demonstrating personal use of social media, including typos, text speak and messages that his staff might prefer he hadn’t sent, like his recent comments concerning the President.

In general, if Congress is going to draft legislation that leads to rulemaking about social media, it makes sense that Senators and Representatives should have some basic familiarity with these tools and what’s being said on them or down with them, given the role that they’re now playing in the new public square.

Their staffers certainly realize that by now, tethered by BlackBerrys and iPhone and Android devices to a 24/7 newscycle that has compressed to 24 minutes — or even 24 seconds — from 24 hours. The modern workplace may reward working long hours outside of the office, or at least the appearance of it. Late night and early morning emails are part of Washington working culture. It takes a specific attitude, boundaries and discipline to find a healthy work-life balance in the context of pressure.

That’s certainly true of officials as well, like federal CIO Steven VanRoekel, who is a father to several young children. He is an unapologetically geeky guy who has been learning to use Twitter better, as Alice described, to go “direct” in answered questions from the government IT media.

He and his colleague, US CTO Todd Park, are actually both more advanced in their use of Twitter at this point in their tenures than Vivek Kundra and or Aneesh Chopra, their respective predecessors, neither of whom were tweeting when they began work. (Both men continue to tweet now, after they’ve left government, with Chopra much more active.)

VanRoekel tweeted infrequently as the managing director of the FCC, although he demonstrated that he both knew the basics. Using hashtags for comedic effect in his tweets now strongly suggests he’s learned something about the culture of Twitter since then. Yes, it was a bit of inside baseball, since you’d need to understand the context of Molly’s column to understand his comment, but the tweet was a reply to a specific column.

I thought that he was trying to be funny, with respect to confirming that APIs would be part of the federal government’s digital strategy using a “#specialsauce” hashtag and “#thereIsaidit.” At least for my (admittedly) geeky sense of humor, I think he succeeded.

I still see a perception in some quarters that Twitter is a fad and a waste of time — and currently, given the political context around taxes, the federal budget and spending, conversations about government wasting anything trend pretty negatively. Even with 100% of federal agencies on the service, I find that it still takes a demonstration of how Twitter is useful to accomplishing a mission before an uninitiated person’s eyes open to its value. Searching for topics, events or the name of an employer or agency is often effective.

That’s true for every other social network or tool, too. In 2012, I’m still enjoying exploring and experimenting with what the right approach to each platform, from blogging to Twitter to having family, friends and subscribers on Facebook and Google+ to tumbling or staying LinkedIn to my professional network or sharing video on YouTube. The same is true of federal officials.

We’re all “stumbling” along together.

Leave a comment

Filed under article, social media, technology, Twitter, video

New Sky News social media policy would cripple journalists working on the real-time Web of 2012

Another month, another firestorm over a poorly thought out social media policy from a massive media company. This time, it’s Sky News that’s made a misstep.

I think Reuters social media editor Anthony De Rosa is spot on in his assessment of assessment of the failings of the new social media policy advanced by Sky News: it’s longing for a return to the Victorian Internet

Cory Bergman nailed why it’s OK for journalists to be human on Twitter and Mathew Ingram, as usual, offered his usual common sense analysis of what makes sense, in context. (

Where I think Anthony knocks it out of the park, however, is with respect to the professional rationale for retweeting other accounts: “The idea here at Reuters when it comes to social media is to be the beacon for all news, which makes us the go-to source, no matter what the source may be, after being put through our own filters of verification.”

Just so.

If you’re on a beat, you want to be THE source for news on it. Generally, that means you’ll get beaten on being first to a story. No worries: RT them, then blog it, and link in articles. Over time, people (and algorithms) will value you for that work.

Any entity that distributes content online — whether they’re in the media, government, academia, nonprofit or other organizations, needs to be thinking about search engine optimization (SEO) and social media optimization (SMO) in 2012. Any policies that force journalists into internal silos will eviscerate that capability.

A RT is social media currency. Instructing journalists not to give them out where deserved is like sending them into a conflict or disaster zone with no funds for a fixer, fuel or food. It’s not just bad form. It’s bad business.

1 Comment

Filed under blogging, journalism, microsharing, social media, Twitter

Begun the Drone Wars, have they [VIDEO]

“Luke, you must use the Forge…”

The video above shows a series of experiments performed with a team of “nano quadrotors” at the GRASP Lab in the University of Pennsylvania. These wee vehicles were developed by KMel Robotics.

1 Comment

Filed under scifi, social media, technology, Twitter, video

5 Social Media Week DC 2012 Panels: Conversations, Politics, Technology, Public Diplomacy and eDemocracy

Social Media Week DC  is going to be a busy conference for me this year. If you haven’t heard about it yet, the week-long festival starts 12 days from now. The week will feature speakers, panels, workshops, events, and parties all across the District celebrating tech and social media in the Nation’s Capital, including a special edition of the DC Tech Meetup. I’m going to be moderating four panels and participating on a fifth. I’m excited about all five and I hope that readers, friends, colleagues and the DC community comes to one or more of them.

If the panels that I’m involved in aren’t your cup of tea, you might find something more to your taste in the full SMW DC schedule.

Social Media Week DC 2012

Following is the breakdown of the five panels that I’ll be participating in this year:

  • Creating & Managing High Quality Online Conversations
    Location: Science Club
    Date: Monday, February 13 at 6:30 PM – 8:00 PM |  Add to Google Calendar | Add to iCal
    Description: Discussions in online comment sections and social media can be tricky to manage. Some sites are bogged down full of low quality comments, spam, and more. How do we create high quality online discussions? How do we filter out the noise – the spam, the solicitation, harassment, and hateful speech that often becomes part of any online discussion? We will discuss examples of those that have done it well, and some that haven’t. We will also speak to individuals who have dealt with harassment and negativity online and learn how they fought back and still used social media tools for constructive discussion and engagement.
  • Politics and technology: the media’s role in the changing landscape: ASK QUESTIONS
    Location: Powell Tate
    Date: Tuesday, February 14 at 10:00 AM | Add to Google Calendar | Add to iCal
    Description
    : Digital platforms have changed the media landscape forever, but how has it changed the way the media covers politics? We’ll ask a panel of reporters from Gannett, National Journal, ABC News and Politico as they discuss 2012 election coverage.
  • Social Politics: How Technology Has Helped Campaigns: ASK QUESTIONS
    Location: Powell Tate
    Date: Tuesday, February 14 at 2:00 PM | Add to Google Calendar | Add to iCal
    Description: The social media landscape has changed drastically since 2008. We’ll hear directly from panelists from Google, Twitter and Facebook as they delve into the tools and innovations that candidates and campaigns have utilized as the 2012 campaign heats up.
  • Public Diplomacy in the Age of Social Media
    Location: New America Foundation
    Date: Thursday, February 16 at 9:30 AM – 11:00 AM | Add to Google Calendar| Add to iCal
    Description
    : How does social media change how statecraft is practiced in the 21st century? Who’s participating and why? What have been some lessons learned from the pioneers who have logged on to listen and engage? Three representatives from the U.S. Department of State will share case studies and professional experiences gleaned directly from the virtual trenches.
  • Social Media, Government and 21st Century eDemocracy
    Location: The U.S. National Archives
    Date: Friday, February 17 at 1:00 PM – 2:00 PM | Add to Calendar | Add to iCal
    Description: While Sean Parker may predict that social media will determine the outcome of the 2012 election, governance is another story entirely. Meaningful use of social media by Congress remains challenged by a number of factors, not least an online identity ecosystem that has not provided Congress with ideal means to identify constituents online. The reality remains that when it comes to which channels influence Congress, in-person visits and individual emails or phone calls are far more influential with congressional staffers.“People think it’s always an argument in Washington,” said Matt Lira, Director of Digital for the House Majority Leader. “Social media can change that. We’re seeing a decentralization of audiences that is built around their interests rather than the interests of editors. Imagine when you start streaming every hearing and making information more digestible. All of a sudden, you get these niche audiences. They’re not enough to sustain a network, but you’ll get enough of an audience to sustain the topic. I believe we will have a more engaged citizenry as a result.”

    This conversation with Lira (and other special guests, as scheduling allows) will explore more than how social media is changing politics in Washington. We’ll look at its potential to can help elected officials and other public servants make better policy decisions.

If you’re not in DC, check to see if there is a Social Media Week event near you: in 2012, the conference now include New York, San Francisco, Miami, Toronto, London, Paris, Rome, Hong Kong, Tokyo, Singapore, and Sao Paulo.

2 Comments

Filed under article, government 2.0, journalism, social media, technology