- Has anyone experienced hacking/spam via If-This-Then-That connectors to third party social media sites? #ifttt #
- The #ifttt Delicious connection apparently uses the password antipattern with a password held on the IFTTT side; unsure if that's persistent #
- @jonworth Some very curious spamthings occurred last night via our Delicious channel; will ping @ifttt about it later. Still investigating. #
- Well I'd love to ask @IFTTT how events are triggered from Delicious into IFTTT? Callback? Rendezvous? Polling? RSS? Howis the password used? #
- . @riduidel it seems that someone has means to convince #ifttt that one's #Delicious account has added new bookmarks. /cc @IFTTT #
- . @riduidel Looks like at least 2 other ppl are similarly affected, by twitter-searching on keywords from the spam.
/cc @IFTTT #ifttt # - . @riduidel We had 39 spam messages arrive about 13 hours ago, + suspicious history of failed #IFTTT triggers going back thru August @IFTTT #
- . @riduidel Key question is whether this is a replay of previously-stolen credentials, or an outright fake/spoof to the @IFTTT API ? #ifttt #
- . @riduidel We have a bunch, all about "loanshop payday" and suchlike
/cc @ifttt #ifttt # - . @gwire Oh that would be novel, if there were some sort of memcache-injection technique to trigger the cascade.
/cc @ifttt #ifttt # - . @ColinNewell In fairness to #IFTTT it may not be their fault. Need answer to http://t.co/jnxzT2xF to establish.
/cc @riduidel @IFTTT # - . @ColinNewell Depends on how #ifttt get their data from #delicious and how they identify source & veracity, if at all
/cc @riduidel @IFTTT # - @riduidel While you're at it I presume you have used delicious for a while, possibly pre-flotation, so change your yahoo pw also. #
- @riduidel also take a moment to review which apps may post to your twitter, in Twitter settings. #
- "You’d probably need some random motorway stop signs every few miles and maybe a 'get out and push' section as well"
http://t.co/9j9WRiqf # - @IFTTT go on then, what was it? #
- @IFTTT ps: am reasonably technical, can cope with quite long words. 🙂 #
- @IFTTT in particular i don't understand why the Delicious channel on IFTTT demands the delicious password just to pull a RSS feed? #
Leave a Reply