Credit card cutting flaw could have killed EVERY AD on Twitter Twitter has patched a flaw in its service that allowed unauthorised users to delete every credit card from all accounts, potentially relieving the company of its advertising revenue, security researcher Ahmed Aboul-Ela says. The attacks worked through a direct object reference vulnerability and involved the manipulation of …
The problem is that there are people who do actually say "of" instead of "have" or "'ve" - I hear it often. And they are definitely saying "of" - it's not me mishearing them. I suspect the origins lie further up the line where they've heard people saying "should've" etc, and actually thought they were saying "should of" etc, and that then gets repeated and offspring/other family members pick up on it and perpetuate it further.
So when someone writes "should of" instead of "should've" - it might not be that they can't spell, instead it might be that they actually think it should be "should of", and actually say it that way.
@VinceH
"So when someone writes "should of" instead of "should've" - it might not be that they can't spell, instead it might be that they actually think it should be "should of", and actually say it that way."
I think that nails why you see so much of this now. My take is that people increasingly have what might previously have been informal pub etc conversations online in forums, comments, twitter etc, and do so using pretty much the language and tone of a conversation. They may be fairly eloquent speakers, but they end up using words and phrases they've never encountered in written form and have made assumptions about what is actually said, with speech tending to gloss over minor slips - particularly after a few beers - whereas text is unforgiving. Before net use was widespread, most people wrote little beyond occasional formal correspondence, so it just wasn't an issue that came up anyway.
I've occasionally had something similar with words read in books as a kid that I've never had reason to say or heard spoken, and when I do my pronunciation is way off. My German girlfriend, who speaks almost flawless and accent free english, finds herself constantly tripping over herself when trying to use english idioms (which she loves) in emails; she keeps finding phrases she likes, but has misheard repeatedly, and although she broadly understands the meaning and context, the words are completely wrong to the point of being unrecognisable as an attempt at the original phrase. It can get surreal. She's now getting very twitchy when one of her German colleagues keeps repeatedly using "to my opinion" in emails rather than "in".
... Whoops, just realised this is a year old thread - must pay more attention!
And it's the biggest prize to date??? How many security specialists/hackers have discovered similar flaws and decided to keep them secret, because either they consider these amounts a pittance and an insult, or they reckon they'll be able to gain much more by selling these flaws to the highest bidder or exploiting the flaws themselves?
Twitter are a bunch of cheapskates -like most other companies with similar bug hunting programs- and this will bite them in the ass sooner than later.
Fantastic! A researcher discovers a vulnerability, reports it, the company concerned immediately fixes it and pays a reward. This is going to start a positive trend in responsible reporting, with security benefits for end users.
Oh, no, wait... nevermind.
Where's the cynic icon?
Kind of but not really, it has to do with the consumers tolerance to certain issues.
Consumers are far more touchy about risks to money than "personal information", and not only consumers but banks, governments, the police, and many others.
Also what personal information does one store in a private place in twitter?
So, let me get this straight, Twitter uses easily guessable URLs in a small namespace to carry information that they just _assume_ the user/client has not messed with?
Reminds me of the days when the power company would send out actual IBM cards with your account number and amount due (with "Do not Fold, Spindle, or Mutilate" printed on the face, of course), and _some_ folks would "X-punch" the amount before returning the card with their payment. Just be careful not to run up too much credit.
Not that I would ever do such a thing. Oh, no, I'm just too honest and anyway not that old. Grandpa told me that story as a cautionary tale about trusting data that comes back into the system. Yeah, that's what he said.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
