Comments on: On Twply and giving out your Twitter password (updated)

By: Crilushinhile

Crilushinhile — Fri, 05 Mar 2010 12:10:49 +0000

Заходи к нам:
http://family.freehostwebs.com

By: zopumoup

zopumoup — Mon, 08 Feb 2010 05:34:04 +0000

а все таки: восхитительно. общение с иностранцами: познакомлюсь с парнем 17 лет Ухта в Жуковском женщина желает познакомится - знакомства мужчины москва познакомлюсь с парнем icq в Новошахтинске - женщина желает познакомиться Новошахтинск Чебоксары познакомлюсь с парнем 17 лет: как оригинально познакомиться с парнем Ижевск познакомиться с австралийцем: девушка познакомится с мужчиной Ижевск как познакомиться с соседом Ноябрьск познакомлюсь с нудистами хочу попробывать секс с парнем: знакомство с мальчиками в Калуге женщина желает познакомится: познакомиться с японцем женщина в Тольяттах с большим бюстом познакомится: как познакомиться со звездой как познакомиться с хакером: хочу познакомиться с байкером в Муроме познакомлюсь замужем: в Москве секс знакомства с парнями

By: Marcelinea

Marcelinea — Sat, 30 Jan 2010 06:39:18 +0000

Hey I would like to present interesting site: acomplia online acomplia overnight ceftin oral ceftin prices celexa prescription celexa toronto cleocin pharmacy cleocin sale diflucan medikament diflucan oral elavil drug elavil doctor hytrin order hytrin medikament imitrex online imitrex generic lexapro drug lexapro sale prednisone espana prednisone prezzo remarin discount remarin generic prevacid prezzo prevacid online sustiva prescription sustiva uk testosterone purchase testosterone espana topamax buy topamax prezzo viramune prescription viramune oral xenical rezept xenical toronto zyban espana zyban doctor zyloprim prescription zyloprim overnight zyprexa effects zyprexa uk To greet! See you!

By: do the pee wee herman

do the pee wee herman — Sun, 19 Jul 2009 00:17:54 +0000

any news coming ?

By: Nick

Nick — Mon, 13 Jul 2009 10:16:10 +0000

I was robbed on craigslist by some lowlife using a pager number. Jerkwad was speechless when I got his addy info and paid a visit lol! Reverse Number Lookup

By: Galgalo

Galgalo — Mon, 04 May 2009 11:50:32 +0000

emm.. love it.

By: Dave

Dave — Wed, 14 Jan 2009 19:20:55 +0000

I think you’re confusing encryption and hashing.

Encryption is what you do when you need to get the data (maybe a password, maybe something else) back out intact. Hashing is a one-way process – you hash a password and you can’t retrieve the password text.

Someone else (who evidently knows the Twitter API, where I do not) posted that it’s possible to access twitter’s API by providing the credential hash. So if Twply were being honest (I’m not making that claim) they COULD handle credentials safely and not store your password…

By: The Curious Case of Twply and Twitter - Bokardo

The Curious Case of Twply and Twitter - Bokardo — Fri, 09 Jan 2009 15:07:59 +0000

[...] Twply story is a lesson in many ways (see the discussion about the password anti-pattern here, here, and here), but I going to focus on the interface of the service in [...]

By: Identity, relationships and why OAuth and OpenID matter « Derivadow.com

Identity, relationships and why OAuth and OpenID matter « Derivadow.com — Thu, 08 Jan 2009 15:13:21 +0000

[...] Twitter hasn’t had a good start to 2009, it was hacked and then there were concerns that your passwords were up for sale and that’s not a good thing; except there may be a silver lining to Twitter’s cloud [...]

By: Andreas Pizsa

Andreas Pizsa — Sun, 04 Jan 2009 06:49:14 +0000

Following up on my own post: sorry, I was wrong. Username and password are not protected by twitters current authentication scheme.

To quote from the Specs (RFC 2617):

To receive authorization, the client sends the userid and password,
separated by a single colon (“:”) character, within a base64 [7]
encoded string in the credentials.

So even if you encrypt credentials in the database, they still get sent as quite easily readable text through the wire.

Ouch :)