Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Thursday, 23 March, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

First Tweet suffers certificate issues

by The Gurus
March 20, 2014
in Editor's News
Share on FacebookShare on Twitter

Twitter’s eighth birthday has been marred by a certificate issue that saw users face a warning page on its “First Tweet” page.
 
The page, which offered to show users their first ever tweet, worked on a standard HTTP request, but when using HTTPS users faced a page warning them that the connection was untrusted. Amar Singh, CISO and head of the UK chapter of ISACA, told IT Security Guru that despite the website being owned by Twitter, the website gives a certificate error, as the certificate could not be verified.
 
Twitter added HTTPS across the whole website in 2011 and in this incident, the First Tweet website was not recognised as the site certificate is registered to Twitter.com.
 
Speaking to IT Security Guru, Bruce Morton director of certificate services at Entrust, said that this was a “really bad mistake on the web server” as the domain name does not match the certificate name. “The browser does not trust the certificate as the names do not match and so this brings up the error page,” he said.
 
“The certificate for Twitter.com has SSL and I think that the manager of the server has put the wrong certificate on the server. It let me redirect through to another page and I found the error page showed when using Internet Explorer, Mozilla Firefox and Google Chrome.”
 
Morton discouraged users from generally clicking through as they could end up at a compromised site. “This appears to be a silly error and it is either done wrong by someone at Twitter, or they have not tested it or they put it in without SSL, maybe the testing is not complete?”
 
Singh said that the likes of Twitter, Facebook and LinkedIn are mostly seen as trusted organisations by the majority of their users, and most users may not pay attention to a warning and over time, and especially if this is repeated, most regular users would ignore this type of an error message.
 
He said: “What’s the right behaviour? No user should accept and continue on to the site, but the question is how many actually will notice? Also, when a real certificate issue happens, the typical mind may think ‘oh this happened with this big company website too so it’s nothing big and serious, but all it takes is one certificate, one website, one incident.”
 
The page was set up to mark Twitter’s eighth birthday by allowing users to see their first tweet by putting a username into the website.  However some users have claimed that the site is not working, with Guardian technology editor claiming that what was supposed to be the first tweet was three years out of date.
 
Twitter has been made aware of the issue.

FacebookTweetLinkedIn
Tags: Certificate
ShareTweetShare
Previous Post

“XP Migration the Only Salvation”

Next Post

Hacker who broke into ‘League of Legends’ database arrested

Recent News

call centre

MyCena Improves Customer Data Access Protection in Call Centers and BPOs

March 23, 2023
Blue logo, capitalised letters. SPECOPS.

Fortune 500 Company Names Found in Compromised Password Data

March 23, 2023
Ferrari Data Breach: The Industry has its say

Ferrari Data Breach: The Industry has its say

March 22, 2023
security

What Is Observability, And Why Is It Crucial To Your Business?

March 21, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information