Tag Archives: security

How not to get your Twitter account hacked

Twitter has issued advice on keeping your account secure.

It follows a recent case of the Fox News politics Twitter account being hacked.

Hacking is rare, according to Twitter’s blog, but phishing, when a spam message ask for your password, is relatively common.

Here are some recommendations from Twitter.

  • Use a strong password with at least 10 characters and a combination of letters, numbers and other characters for your Twitter account. And use a unique password for each website you use (email, banking, etc.); that way, if one account gets compromised, the rest are safe. A personal email account that is compromised is the second most likely way an intruder gains access to Twitter accounts.
  • Use HTTPS for improved security on Twitter. This is the same encryption technology that allows you to safely make payments online. Learn how to do this here.
  • We recommend linking your phone to your Twitter account. Doing this could save your account if you lose control of your personal email and/or password. Here’s how to do it.
  • If you think your account has been compromised, visit our help page for compromised accounts to find out how to fix it quickly.

For advice on protecting your phone, see Journalism.co.uk’s How not to get your phone hacked blog.

How not to get your phone hacked

In the wake of the News of the World phone-hacking scandal some major news organisations have sent out emails to journalists and other members of staff advising them to protect their phone against hacking.

As this blog post by mobile phone security expert David Rogers points out, hacking is a misnomer. What went on at News of the World was “illicit access to voicemail messages”.

Rogers’ post points out various methods that could have been used to do this. Here are ways to keep your voicemail secure. Okay, so it is unlikely that journalists will be voicemail-hacking in the future but conmen and women may now have ideas.

How hacking took place:

1. By using default PINs

Mobile phone voicemail boxes are set up so they do not require a PIN or use one of several default codes which can be worked out by a two minute internet search.

Solution: You’ll need to set up a PIN by following the advice from your phone company. There are step-by-step instructions on how to do this for Vodafone, O2, Orange, and T Mobile. A quick search will help you if you are with an alternative carrier.

You can also set up or change your voicemail password on your handset. (On an iPhone this is found in settings / phone / change voicemail password.)

2. By using default PINs and remote access

Rogers explains in his post:

Operators often provide an external number through which you can call to access your voicemail remotely.

This was one of the mechanisms allegedly used by the News of the World ‘phone hackers’ to get access to people’s voicemails without their knowledge.

Solution: Find out the remote access number for your voicemail from your phone provider and set up a PIN using the links above.

3. By calling your own phone

When you want to access your voicemail remotely you can do so by calling your own phone number and interrupting the voicemail message by pressing *.

Rogers points out:

Claims about the voicemail hacking scandal say that one journalist would call up a celebrity to engage the phone while another would then go into the voicemail using this method.

Solution: Set up a PIN using the links above.

There is more advice and a more detailed explanation on how voicemail hacking took place at this link.

This Mashable post on how to protect your phone is also worth reading, particularly if you are an Android user.

Image by John Karakatsanis on Flickr. Some rights reserved.

Leaked US military video boosts donations to Wikileaks

Whistleblowing website Wikileaks has received more than £150,000 in donations since Monday, when it published a leaked US military video of the killing of 12 civilians – including two Reuters staff – in Iraq in 2007. According to the Wikileaks site, the project requires $600,000 a year to run.

The video has been hailed as a turning point for the controversial site (see this Wired article from 2009), which uses a network of volunteers to release information and promises full confidentiality for its sources.

As the Editors Weblog summarises:

Many news outlets might find themselves in a love-hate relationship with the news outlet. Wikileaks is situated at an important spot within the news industry as the only place willing to publish stories others can’t or wont. The website can function as a voice capable of breaking high profile scandals news outlets don’t want to break.

While Wikileaks acts as an important watchdog against corruption, the sometimes-paranoid tone of the site might undermine the website’s value while making it a target for criticism. To an extent, Wikileaks has every right to indulge in their paranoia. Several democratic governments around the world, all of whom have laws protecting free speech, have passed or discussed creating new laws which block the public’s access to the website. Just last night, the UK passed the digital economy bill, which contains a clause that could be used to justify blocking Wikileaks. The site is also blacklisted in Denmark and Australia.

Democracy Now is claiming videos it has obtained feature eyewitness accounts of the 2007 attack from the day after event; while international media organisations have called for a fresh investigation of the incident by the US military.

DutchNews.nl: Regional press agency leaks thousands of telephone numbers

A leak in the security system of Dutch regional press agency GPD meant thousands of phone numbers for public figures were openly accessible.

Other personal information was also available via a Google search.

Full story at this link…

Original story by Tweakers.net (in Dutch).