Menshn, an alternative to Twitter created by Conservative MP Louise Mensch, has experienced a tidal wave of vulnerability reports after its co-founder Luke Bozier tweeted that the website is “safe, clean & secure”.
Menshn launched in the UK on Sunday, after being tested in the US for about a month. The website was opened to the British public ahead of schedule to take advantage of the trending Euro 2012 tournament topic.
Menshn is jointly-owned by Mensch and the former Labour digital adviser Luke Bozier. It was designed to focus on political debate in real-time, condensed in 180 characters or less.
Nick S, the principal software engineer for mobile apps at Velti, found an XSS issue that allowed an attacker to compromise the website, by simply pasting JavaScript code into the e-mail address submission field during registration.
The same vulnerability was confirmed by other Twitter users. Some have claimed that the website allows easy access to personal details and is the perfect platform to start a viral outbreak.
Other users raised questions about the site’s use of cookies, as there was no obvious warning – as required under European law – about the implementation of user tracking.
In addition, Twitter integration on the site crashed within two hours of UK launch.
We should also mention that today, TechWeekEurope has experienced serious stability issues while trying to access Mensh.
https://twitter.com/pixeltrix/status/217008451849695233″ data-datetime=”2012-06-24T21:37:01+00:00
Bozier has defended the site, saying that people were simply ‘claiming’ that they had found flaws, and the service was secure.
After ignoring security advice for a while, the Menshn team decided to heed the warnings and at the time of this story being published, it was claimed that the XSS vulnerability has been fixed. The website has also switched to HTTPS encryption by default.
However, it seems that Menshn controversy is far from over:
https://twitter.com/twitinsin/status/217261220070297600″ data-datetime=”2012-06-25T14:21:26+00:00
https://twitter.com/froots101/status/217162299868315649″ data-datetime=”2012-06-25T07:48:21+00:00
How well do you know Internet security? Try our quiz and find out!
Digital transformation is an ongoing journey, requiring continuous adaptation, strong leadership, and skilled talent to…
Australian computer scientist faces contempt-of-court claim after suing Jack Dorsey's Block and Bitcoin Core developers…
OpenAI's ChatGPT gets search features, putting it in direct competition with Microsoft and Google, amidst…
New Google Maps allows users to ask for detailed information on local spots, adds AI-summarised…
US-sanctioned Huawei sees sales surge in first three quarters of 2024 on domestic smartphone popularity,…
Apple posts slight decline in China sales for fourth quarter, as Tim Cook negotiates to…