Twitter Warns of Possible API Keys Leak

Twitter is notifying developers today about a possible security incident that may have impacted their accounts. From a report: The incident was caused by incorrect instructions that the developer.twitter.com website sent to users' browsers. The developer.twitter.com website is the portal where developers manage their Twitter apps and attached API keys, but also the access token and secret key for their Twitter account. In an email sent to developers today, Twitter said that its developer.twitter.com website told browsers to create and store copies of the API keys, account access token, and account secret inside their cache, a section of the browser where data is saved to speed up the process of loading the page when the user accessed the same site again. This might not be a problem for developers using their own browsers, but Twitter is warning developers who may have used public or shared computers to access the developer.twitter.com website -- in which case, their API keys are now most likely stored in those browsers.

Anonymous posts disabled for logged in users on D2

[lessSockMorePuppet]

is this intentional?

Re:

[Mattcelt]

How many times are you going to ask the same question?

Re:

[lessSockMorePuppet]

Until I get an answer?

It's really that simple.

Re:

[thegreatbob]

Care to explain why you, specifically, are owed an explanation?

Re:

[thegreatbob]

No? Okay... guess you're just whining in the form of a question.

Re:

[lessSockMorePuppet]

They just removed the checkbox from D1, so I gather this is an official, intentional, unannounced change.

Slashdot, fuck yourself with a rusty pogo stick. This is how your treat your core, multiple decade readers? Fuck y'all.

PopeRatzo, I expect to see you and ColdFjord on SN.

Why do we use Consumer Stuff for important things

[jellomizer]

We have grown much to dependant on Consumer Grade goods and Services, to do things, that we really should have a solution better suited to your needs.
Don't waste time on a a good SAN put your data onto Google Cloud! Your corporate emails will now be on Office 360, or Gmail.
Our cheapness is putting us at a disadvantage. If it is important to you, you better put out the big bucks and do it yourself, where you have control on what you need done.

Re:

[omnichad]

It's way cheaper to manage at their scale. It's not necessarily being cheap to use it - just taking a cut of the savings on economies of scale. I don't think everything should go cloud just because it can be less expensive. There are always trade-offs to consider.

Why the regression?

[scdeimos]

It used to be that the "S" in "HTTPS" meant "Secure" because connections between browsers and origin servers were encrypted and browsers weren't supposed to cache HTTPS content on disk. So why are browsers caching HTTPS content on disk now?