Staying Safe & Secure on Twitter


Presentation I gave at the CoolTwitter Conference in Cleveland, Ohio August 7, 2009. I talked about the top 5 1/2 threats to Twitter and ways you can use it safely. Yes, there are more than 5 1/2 issues but I only had 15 minutes! :-)

Published in: Technology, News & Politics

Transcript of "Staying Safe & Secure on Twitter"

  1. Staying Safe & Secure on Twitter
     Tom Eston
     SocialMediaSecurity.com
  2. Who is this guy?
     • Tom Eston, Security Researcher
     • Blog: Spylogic.net
     • Podcast: Securityjustice.com
     • SocialMediaSecurity.com @socialmediasec
     • Twitter: @agent0x0
  3. 5 1/2 Twitter Threats
  4. Distributed Denial of Service (DDoS)
  5. Short URL Services
  6. Third-Party Services
  7. Web Vulnerabilities
     • XSS (Cross Site Scripting)
     • ClickJacking
     • Third-Party Applications (Twitpic, BrightKite)
  8. Impersonation & Disinformation
     • Fake accounts (Celebrity)
     • Do you trust what you read?
     • Fake Re-Tweets
     • SPAM
  9. The employees at Twitter...srsly.
     • Two high profile attacks already!
     • Don’t use real information for password reset questions!
     • Same passwords for all accounts = FAIL
  10. How can you stay safe?
  11. #1 #2
  12. NoScript
     • Protects you from malicious JavaScript
     • Prevents XSS/ClickJacking
     • Kills unwanted ads..improved speed!
     • http://noscript.net
  13. Use a Third Party Client
     • Safer than using the Twitter web client
     • Some have issues with clear text authentication...but...
  14. Long URL Please Add-on
     • Shows you true URL
     • 73+ services supported
     • LongURLPlease.com
  15. Use a Password Manager
     • KeePass (keepass.info)
     • 1Password (iPhone)
     • Or...think of a password scheme (C0mp1exP@assw0rd _Tw1tter)
     • If one account gets compromised...others are safe!
  16. Careful what you believe, trust but verify...
     • Even Tweets from your friends! What if their account was compromised? (Koobface)
     • News sources can be sketchy...
  17. Careful what you tweet...
     Everyone is watching.
  18. Monitor your brand
     It’s your reputation at risk.
  19. Twitter needs to take security srsly...
     No really.
  20. Questions?
     More information available at: SocialMediaSecurity.com
     Email: tom@socalmediasecurity.com
     Twitter: @agent0x0 or @socialmediasec