Twitter and Jott spoofing

Technology
Twitter and Jott spoofing

Make 518
Nitesh Dhanjani @ the ONLamp blog shows that it’s fairly easy to spoof someone’s Twitter & Jott – looks like you can require a PIN for twitter if you’re worried-

Both Twitter and Jott authenticate users by their phone number. Twitter does this by validating users based upon the source of SMS messages sent to the phone number 40404 (US), and Jott does this by trusting the incoming Caller ID when someone calls 877-568-848. From a security perspective this means the following:

  • Anyone who knows your phone number can update your Twitter page by spoofing a SMS message, i.e. post a Twitter entry as you.
  • Anyone who knows your phone number can spoof his or her caller ID to send a Jott message as you.

Twitter and Jott Vulnerable to SMS and Caller ID Spoofing – O’Reilly ONLamp Blog – [via] Link.

What will the next generation of Make: look like? We’re inviting you to shape the future by investing in Make:. By becoming an investor, you help decide what’s next. The future of Make: is in your hands. Learn More.

Tagged

current: @adafruit - previous: MAKE, popular science, hackaday, engadget, fallon, braincraft ... howtoons, 2600...

View more articles by Phillip Torrone
Discuss this article with the rest of the community on our Discord server!

ADVERTISEMENT

Escape to an island of imagination + innovation as Maker Faire Bay Area returns for its 16th iteration!

Prices Increase in....

Days
Hours
Minutes
Seconds
FEEDBACK