Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Staying Safe & Secure on Twitter Tom Eston SocialMediaSecurity.com
Who is this guy? • Tom Eston, Security Researcher • Blog: Spylogic.net • Podcast: Securityjustice.com • SocialMediaSecuri...
5 1/2 Twitter Threats
Distributed Denial of Service (DDoS)
Short URL Services
Third-Party Services
Web Vulnerabilities • XSS (Cross Site Scripting) • ClickJacking • Third-Party Applications (Twitpic, BrightKite)
Impersonation & Disinformation • Fake accounts (Celebrity) • Do you trust what you read? • Fake Re- Tw...
The employees at Twitter...srsly. • Two high profile attacks already! • Don’t use real information for pass...
How can you stay safe?
#1 #2
NoScript • Protects you from malicious JavaScript • Prevents XSS/ClickJacking • Kills unwanted ads..improved speed! •...
Use a Third Party Client • Safer then using the Twitter web client • Some have issues with clear text authenticatio...
Long URL Please Add-on • Shows you true URL • 73+ services supported • LongURLPlease.com
Use a Password Manager • KeePass • 1Password (iPhone) keepass.info • Or...think of a password scheme (C0mp1exP@as...
Careful what you believe, trust but verify... • Even Tweets from your friends! What if their account was comprom...
Careful what you tweet... Everyone is watching.
Monitor your brand It’s your reputation at risk.
Twitter needs to take security srsly... No really.
Questions? More information available at: SocialMediaSecurity.com Email: tom@socalmediasecurity.com Twitter:...
Upcoming SlideShare
Loading in …5
×

Staying Safe & Secure on Twitter

5,445 views

Published on

Presentation I gave at the CoolTwitter Conference in Cleveland, Ohio August 7, 2009. I talked about the top 5 1/2 threats to Twitter and ways you can use it safely. Yes, there are more then 5 1/2 issues but I only had 15 minutes! :-)

Published in: Technology, News & Politics
no profile picture user

Staying Safe & Secure on Twitter

  1. 1. Staying Safe & Secure on Twitter Tom Eston SocialMediaSecurity.com
  2. 2. Who is this guy? • Tom Eston, Security Researcher • Blog: Spylogic.net • Podcast: Securityjustice.com • SocialMediaSecurity.com @socialmediasec • Twitter: @agent0x0
  3. 3. 5 1/2 Twitter Threats
  4. 4. Distributed Denial of Service (DDoS)
  5. 5. Short URL Services
  6. 6. Third-Party Services
  7. 7. Web Vulnerabilities • XSS (Cross Site Scripting) • ClickJacking • Third-Party Applications (Twitpic, BrightKite)
  8. 8. Impersonation & Disinformation • Fake accounts (Celebrity) • Do you trust what you read? • Fake Re- Tweets • SPAM
  9. 9. The employees at Twitter...srsly. • Two high profile attacks already! • Don’t use real information for password reset questions! • Same passwords for all accounts = FAIL
  10. 10. How can you stay safe?
  11. 11. #1 #2
  12. 12. NoScript • Protects you from malicious JavaScript • Prevents XSS/ClickJacking • Kills unwanted ads..improved speed! • http://noscript.net
  13. 13. Use a Third Party Client • Safer then using the Twitter web client • Some have issues with clear text authentication...but...
  14. 14. Long URL Please Add-on • Shows you true URL • 73+ services supported • LongURLPlease.com
  15. 15. Use a Password Manager • KeePass • 1Password (iPhone) keepass.info • Or...think of a password scheme (C0mp1exP@assw0rd _Tw1tter) • If one account gets compromised...others are safe!
  16. 16. Careful what you believe, trust but verify... • Even Tweets from your friends! What if their account was compromised? (Koobface) • News sources can be sketchy...
  17. 17. Careful what you tweet... Everyone is watching.
  18. 18. Monitor your brand It’s your reputation at risk.
  19. 19. Twitter needs to take security srsly... No really.
  20. 20. Questions? More information available at: SocialMediaSecurity.com Email: tom@socalmediasecurity.com Twitter: @agent0x0 or @socialmediasec

×