Archive for November 5, 2023

Elon Musk Appears To Be Selling Inactive Twitter Handles To Make Money

Posted in Commentary with tags on November 5, 2023 by itnerd

Forbes Magazine is reporting that Elon Musk has appeared to have set up a group whose sole purpose is sell inactive Twitter handles. Something that he did warn about after he bought Twitter:

Emails obtained by Forbes reveal that a team within the company, known as the @Handle Team, has begun work on a handle marketplace for the purchase of account names left unused by the people who originally registered them. In at least some cases, X/Twitter has emailed solicitations to potential buyers requesting a flat fee of $50,000 to initiate a purchase.

The emails, which Forbes agreed not to publish in their entirety to protect the anonymity of their recipients, came from active X employees and noted that the company recently made updates to its @handle guidelines, process and fees.

An automated response from X’s press email account to Forbes as of publication time said only: “Busy now, please check back later.”

Musk’s company has been rumored to be planning to put such a program into effect for months. As early as November 2022, Musk posted on the social media site that a “vast number” of handles had been taken by “bots and trolls” and that he planned to start “freeing them up next month.” (In response, a user suggested a “Handle Marketplace” where people could sell accounts to each other, with the site pocketing a fee; Forbescouldn’t determine whether such a practice is now in place.)

By the next month, X employees were already discussing the sale of X/Twitter handles, per a January report by The New York Times, with Musk posting that he planned to free up as many as 1.5 billion usernames “soon.” In May, X began purging defunct accounts from its site.

As of Friday evening, X’s username registration policy posted on its website still stated “unfortunately, we cannot release inactive usernames at this time.” Its “inactive account policy,” meanwhile, warned users to log in every 30 days to avoid being considered inactive, but also said X was not currently releasing inactive usernames.

I think that money is only part of the story here. Elon has to know that once that this story got out there, people who have sort of become laissez faire about their Twitter usage may be encouraged to use Twitter more often. That of course boosts engagement which helps Elon try to convince people that Twitter is worth being on. Let’s see how well this latest brainwave works out for Elon.

Wireless Test Alerts Coming To Some Places In Canada On November 15

Posted in Commentary with tags on November 5, 2023 by itnerd

A new post on the Alert Ready website indicates that there are new tests of the system coming on November 15. Here’s where these tests will be conducted:

  • British Columbia: 1:55 PM PST
  • Manitoba: 1:55 PM CST
  • New Brunswick: 10:55 AM AST
  • Newfoundland & Labrador: 10:55 AM NST
  • Northwest Territories: 1:55 PM MST
  • Nova Scotia: 1:55 PM AST
  • Nunavut: 2:00 PM EST
  • Ontario: 12:55 PM EST
  • Prince Edward Island: 12:55 PM AST
  • Quebec: 1:55 PM EST
  • Saskatchewan: 1:55 PM CST
  • Yukon: 1:55 PM MST

On that day, you might want to shuffle around any Zoom or Microsoft Teams calls to way before or after those times so that you don’t interrupt those calls. The reason being is that the test alerts will hit TV, radio and wireless LTE devices. As in wearable devices that have LTE or phones that have LTE or 5G. The alert is loud and will get your attention as well as the attention of anyone else within earshot or on a Zoom or Microsoft Teams call. Thus consider yourself warned.

You Won’t Believe How Okta Got Pwned

Posted in Commentary with tags , on November 5, 2023 by itnerd

You might recall that Okta’s support systems were pwned by hackers. That led to Okta customers getting pwned shortly thereafter. Well, you won’t believe how Okta got pwned. Here’s the details:

The unauthorized access to Okta’s customer support system leveraged a service account stored in the system itself. This service account was granted permissions to view and update customer support cases. During our investigation into suspicious use of this account, Okta Security identified that an employee had signed-in to their personal Google profile on the Chrome browser of their Okta-managed laptop. The username and password of the service account had been saved into the employee’s personal Google account. The most likely avenue for exposure of this credential is the compromise of the employee’s personal Google account or personal device. 

That’s not good from a specific point of view. More on that in a second. Anurag Gurtu, Chief Product Officer at StrikeReady had this to say:

“The recent security breach at Okta serves as a stark reminder of the potential vulnerabilities that can arise from seemingly innocuous practices, like using personal accounts on company devices. This incident underscores the critical need for organizations to reinforce their cybersecurity policies and ensure that employees are fully aware of the risks associated with mixing personal and professional digital activities.

It’s also a call to action for companies to continuously monitor and manage access privileges, and to deploy multi-layered security measures that can detect and mitigate unauthorized access promptly. Effective cybersecurity is not just about having the right tools; it’s about instilling the right discipline and awareness at every level of the organization. As we assist our clients in navigating their cybersecurity landscape, incidents like these are invaluable learning opportunities to fortify their defenses and prepare for the inevitability of human error.”

Okta said the breach impacted 134 customers, representing less than 1% of all their customers. Not that it matters because one customer who was affected by this is one too many. But to me, it really feels that Okta is throwing the employee under the bus here for having a support system that was clearly vulnerable to attack. Honestly, I think Okta needs to do better here for themselves, and more importantly their customers.