Somehow/somewhere, the @sijoe twitter account was compromised, and a bad tweet generated.
I deleted the tweet.
Then revoked all access to twitter from all accounts.
Then made sure I’ve got two factor authentication up everywhere possible.
Then changed all passwords on all accounts.
Are we having fun yet?
Somehow, I have a sense that this is our computational future. I’ll elaborate on this shortly. Let me finish hooking up the newly re-secured bits to each other (well, a more limited version of this …)
And no, I wasn’t able to identify the culprit vector. Looking through our machines, I didn’t spot anything that suggested a compromise. Which, does suggest to me, that it wasn’t on our end. That said, iOS apps and iOS itself may be trivial to compromise for all I know. c.f. jail breaking which is a form of compromise. My units have already been locked down before, now it might require even more diligence, and even a removal of functionality in order to reduce the attack surface.
Viewed 73365 times by 3258 viewers