my Twitterank is 9999.99 http://twitterawesomeness.com/
Just a short post to remind users to be careful with their online credentials.
Twitterank appears to have grabbed the limelight (tonight, GMT) as one such web application that relies on folks wanting to be popular…or at least find out how popular (or not) they are in comparison to some metric that ranks them over other users.
However it’s basically a user-name and password harvesting mechanism. I have a suspicion that it’s a social experiment and all those passwords that were collected will not be used for anything dodgy. Whatever the truth, in the wrong hands the possibilities are endless – here are a couple to worry you: @blowdart and @camurphy
camurphy: @blowdart @dacort – true evilness would be to post random tweets from random victims…did I just say that out loud?
blowdart: @CAMURPHY @dacort Stuff like “I’m wearing my sister’s panties”. DO IT!
If you have received a Twitterank, my advice to you is that you change your Twitter password immediately. Once you’ve done that, any other places that you use that same password for, change it there too.
A safe parody of the site can be found here, courtesy of @dacort.
There’s more here:
http://blogs.zdnet.com/collaboration/?p=163
http://mashable.com/2008/11/12/twitterrank/
http://www.louisgray.com/live/2008/11/twitterank-can-have-my-password-no.html
http://www.guardian.co.uk/technology/blog/2008/nov/13/twitter-password-security
If you must rank yourself, check out twitter.grader.com – it doesn’t need your password to give you some feel-good factor!
Oh, @t_rank, I’m still waiting for reply to this polite request!
Hey Craig,
The guy who created TwitterRank is just another Valley engineer, and the ZDNet blog post is totally baseless.
If you’re curious you can talk to the guy yourself: ryo@iloha.net or http://twitter.com/ryochiji
AFAIK, TwitterRank needs you credentials because it uses who you’ve replied to and who is replying to you to calculate the rank. twitter.grader.com is cute, but TwitterRank uses Real Math(tm) a la Google’s PageRank.
I am not too concerned about passing along my credentials to Twitterank. Many 3rd party sites ask for Twitter User ID and password, and that’s due to Twitter not using OAuth yet. Twitter Karma and others do the same thing.
More here:
http://www.louisgray.com/live/2008/11/twitterank-can-have-my-password-no.html
Why would they want to post “random tweets from random victims”? I mean what’s the point? That’s as kiddish as taking over an IRC channel and kicking everybody out :\ it makes no sense
Sure, we always have to be careful, just a lil’ bit paranoïds
@kovshenin – that is the irony of gathering passwords in this fashion – it *is* “kiddish”, however such an act would cause the most confusion and humour for the harvesting party. You are correct, it makes no sense, but such an act could easily have happened with Twitterank. In such situations, the harvesting party either makes obvious use of their information or subtle use – random tweets from random victims would be considered subtle use.
[…] of zero. The mathematics behind the site were reported via a comment in this blog as being “Real Math(tm)” and were comparable in accuracy to Google’s PageRank mechanism. I’m not a […]