undefined | Better HN

0 pointsjsnell5y ago0 comments

Just what kind of an operation is Twitter running here? It seems crazy that they don't have any kind of anti-abuse system in place that could just block tweets with this specific Bitcoin address or possibly tweets matching the regexp of any Bitcoin address. I.e. limit the damage and buy a couple of hours while they try to find the root cause.

(Yes, yes, staged rollouts. But anti-abuse systems don't work by those rules, at least in emergencies.)

0 comments

adriancooney5y ago

It's absolutely crazy. This doesn't look like just leaked keys - it looks like genuine, manual access to accounts (as well as automated). The whole system must be compromised. @kanye replied to the scam tweet with "Sent out over $2,000,000!" [1].

[1]: https://i.imgur.com/wN7u43C.png

madmulita5y ago

They might be too busy renaming all their 'master' branches.

webXL5y ago

Daaaaaaamn! I bet morale really has deteriorated since national politics leaked into business decisions and employees being cut off from their daily social interactions isn't helping.

khazhoux5y ago

I can't count the number of times people have asked here "How can Twitter possibly employ 4,000+ employees?". Well, I suppose we've learned 4K isn't even enough for good anti-abuse systems.

Aperocky5y ago

Um why not enough and not too much? This alone doesn't say anything in regard to twitter's user count.

This means twitter had omni backend tooling that have manual/programmatic admin level access to production database.

This is a very bad idea, access to production tables should be through a controlled medium and always challenged.

redisman5y ago

Any 20 person startup in cyber security-adjacent fields has thought more about this than Twitter? Jeez this is not a good look.

blisseyGo5y ago

On a serious note, does that 4000+ employees include the content moderators? If yes, then I can see why. If not, then I am not sure what that many employees is for.

golergka5y ago

For middle management to win their political games.

actuator5y ago

Yeah, I would have guessed a platform like Twitter would have anti-abuse systems with at least term filters.

Barrin925y ago

At this point I'd advocate for a huge red button or a gong that someone can smash and it just halts the platform

jsnellOP5y ago

Kill-switches are dangerous, since they get built and never get used. I work on an anti-abuse system. It caused two user-visible outages in the last couple of years, one of which was an accidentally triggered kill-switch that had not been used in years and had some unexpected side-effects.

So I can see why they wouldn't have one of those pre-built for setting the entire site to a read-only mode. It's not at all obvious whether the risks are larger with or without that capability built in. But a spam filter with configs you can push quickly seems like table stakes, and should be a system that gets excercised weekly if not daily.

3 more replies

Nextgrid5y ago

Even if there is no "huge red button", at this stage it should be easy to reconfigure their load balancers to just return 500 for all endpoints or even take down their DNS records and essentially shut down the platform until they sort it out.

1 more reply

Klathmon5y ago

If this exploit is deep enough, the attackers might be disabling the anti-abuse systems as well.

arduinomancer5y ago

In the article it shows the tweet isn't a bitcoin address, its just a link to another site which presumably has the actual scam.

actuator5y ago

The ones I saw from Musk, Buffett etc had the actual address.

j / k navigate · click thread line to collapse

0 comments

adriancooney5y ago

[1]: https://i.imgur.com/wN7u43C.png

madmulita5y ago

They might be too busy renaming all their 'master' branches.

webXL5y ago

Daaaaaaamn! I bet morale really has deteriorated since national politics leaked into business decisions and employees being cut off from their daily social interactions isn't helping.

khazhoux5y ago

I can't count the number of times people have asked here "How can Twitter possibly employ 4,000+ employees?". Well, I suppose we've learned 4K isn't even enough for good anti-abuse systems.

Aperocky5y ago

Um why not enough and not too much? This alone doesn't say anything in regard to twitter's user count.

This means twitter had omni backend tooling that have manual/programmatic admin level access to production database.

This is a very bad idea, access to production tables should be through a controlled medium and always challenged.

redisman5y ago

Any 20 person startup in cyber security-adjacent fields has thought more about this than Twitter? Jeez this is not a good look.

blisseyGo5y ago

On a serious note, does that 4000+ employees include the content moderators? If yes, then I can see why. If not, then I am not sure what that many employees is for.

golergka5y ago

For middle management to win their political games.

actuator5y ago

Yeah, I would have guessed a platform like Twitter would have anti-abuse systems with at least term filters.

Barrin925y ago

At this point I'd advocate for a huge red button or a gong that someone can smash and it just halts the platform

jsnellOP5y ago

3 more replies

Nextgrid5y ago

1 more reply

Klathmon5y ago

If this exploit is deep enough, the attackers might be disabling the anti-abuse systems as well.

arduinomancer5y ago

In the article it shows the tweet isn't a bitcoin address, its just a link to another site which presumably has the actual scam.

actuator5y ago

The ones I saw from Musk, Buffett etc had the actual address.

j / k navigate · click thread line to collapse