(Image used under: Creative Commons 2.0 [SRC])

So it's not just Facebook that's full of holes and privacy issues. Twitter has been warned by the Federal Trade Commission for their "serious lapses in data security".

The FTC had originally accused the social media service of making private tweets and the login credentials of users easily available to "hackers" between January and May of 2009. During that time, someone was able to gain administrative access to Twitter's system (and therefore access to thousands of user accounts, passwords, direct messages, and more) simply by using password-guessing software. That user reset numerous user passwords, allowing others to access those accounts.

As is always the case, when not required to provide adequate security or privacy, most companies will do what they can get away with and no more. If there's no penalty for doing a bad job, don't be surprised when they don't.

(Image used under: Creative Commons 2.0 [SRC])

I found this pretty amusing:

The world needs a simple word or term that means "the act of creating deliberately confusing jargon and user-interfaces which trick your users into sharing more info about themselves than they really want to." Suggestions?

Although we didn't specifically mention Facebook in our question, … suggestions included "Zuckermining", "Infozuckering", "Zuckerpunch" and plenty of other variations on the name of Facebook's Founder and CEO, Mark Zuckerberg. Others suggested words like "Facebooking", "Facebaiting", and "Facebunk".

In the end, they went with a suggestion of "Evil Interfaces" which refers to any user interface that is designed to trick people out of their data or make them do something they don't want to do. Check out the source article for examples of the kind of "Evil Interfaces" they're talking about.

And one more thing before we go:

OK, perhaps the word "evil" is a little strong. There's no doubt that bad user-interfaces can come from good intentions. Design is difficult, and accidents do happen. But when an accident coincidentally bolsters a company's business model at the expense of its users' rights, it begins to look suspicious. And when similar accidents happen over and over again in the same company, around the same issues, it's more than just coincidence. It's a sign something's seriously wrong.

Beautifully worded.

(Image used under: Creative Commons 2.0 [SRC])

The Library of Congress is planning to create a lasting record of all Tweets. In case you hadn't figured this out already, you have to be extra careful about what you post BEFORE it gets to the 'net.

This is a great idea!

(Image source is unknown)

With tweetMyMoney, you can monitor your account balance, deposits, withdrawals, holds and cleared checks with simple commands. And, you can even transfer funds within your account. It’s all available on Twitter, 24/7! And, the best part is, our tweetMyMoney service is free!

(Emphasis mine)

Hello Twitter banking, goodbye money.

Why anyone thought this was a good idea, I don't know. Granted, you can't transfer money to OTHER accounts, only "within you account", but someone who breaks into your twitter account can still get a lot of information about you and move your money around causing you serious overdraft fees.

The issue at heart here is that getting information about your account and moving money around only requires the security of your Twitter account (which isn't to say much). How many people put strong passwords on their Twitter like they do the bank? How much effort does Twitter put into their security?

I think the idea of alerts to your phone is kind of cool, but maybe the bank should have set up its own Twitter-like messaging service instead of using a public one that's a big fat target of bad guys already.