Tag: exploits

#oneaday, Day 247: This Is Why We Can’t Have Nice Things

Twitter broke earlier today. This in itself is nothing unusual, as the existence of the term “failwhale” will attest. But this time it was partly a result of some new changes that the service made, particularly with regard to posting links.

Twitter recently launched its own link-shortening service, called “t.co”. This is one of the shortest link-shorteners out there, and when characters are a precious commodity as they are on Twitter, that’s really important.

Unfortunately, some clever young person discovered that by using t.co it was, in fact, possible to embed HTML code and, worse, JavaScript in these links. It was also possible to format tweets, change their colour and black them out.

Said exploiter quickly discovered that by blacking out a tweet and adding a “mouseover” JavaScript event to automatically retweet the exploit, post giant text on the screen or in some cases, redirect to websites you wouldn’t want anyone to catch you on ever whenever a user moved their cursor over the blocked text, they could cause absolute chaos. Thankfully, most people got wise to the exploit pretty quickly and retreated to the safety of Twitter client apps, as it only affected users on the website itself. Of course, there were a few people who started screaming “OMG VIRUS!!!” and panicking, but most of them were put in their place pretty quickly with a simple, calm explanation (hah, right) that an exploit and a virus are two very different things. And Twitter stepped in to plug the security hole reasonably quickly, too. So the whole thing was over within a matter of hours.

The main point of this, though, is that it wouldn’t have happened at all without the new functionality that Twitter was offering. It seems that every single time something new and potentially awesome appears, there is at least one person out there who wants… no, seemingly needs to break it. Why? Because they can.

This explains the existence of “glitchers”, people who deliberately play video games in order to break them. It explains the existence of software pirates, who are out to break copy protection and DRM on software. It explains the existence of hackers, people who write viruses and spammers. And, indirectly, it’s the reason why every single time you turn on Windows you have fifteen bajillion updates to install.

This is all getting a bit tiresome now. It’s such a shame that things that are new must seemingly go through the “initiation” of being broken by some idiot sitting in his pants in his basement, probably masturbating furiously as he watches the chaos unfold before his eyes. Because you just know it’s a “he”, too. (I’m all for equality, but when it comes to stupid, pointless and inconvenient things to do with computers, it’s always a guy.)

Thankfully, the world seems adequately set up to deal with such dribbling idiots these days. We have spam filters, virus scanners, scripts to clean out malicious code from websites. Companies have teams to fix broken functionality like we’ve seen here. And of course, it’s easy to say that things should be tested more thoroughly before release. But there’s no way you can predict every single possible stupid thing that some member of the human race will try and do. If we could, no-one would ever go outside and the world and everything in it would be covered in sponge just in case we fell over and hurt ourselves and/or tried to kill someone else with something.

So if you know anyone who’s ever come up with one of these exploits, or anyone who’s ever ruined a Nice Thing for anyone else, do the world a favour and go and punch them really, really hard in the testicles.