Learning is an Art

As stated by mashable on their post

A new Twitter security flaw has been widely exploited on thousands of Twitter accounts, redirecting users to third-party websites without their consent.

The bug is particularly nasty because it works on mouseover only, meaning pop-ups and third-party websites can open even if you just move your mouse over the offending link.

The flaw uses a JavaScript function called onMouseOver which creates an event when the mouse is passed over a chunk of text. We’ve seen the flaw being abused to launch simple pop-up windows, redirect users elsewhere (including porn sites), and we’ve also seen it used in combination with blocks of color, covering the true “intention” of the tweet.

Twitter was trying to do away with basic authentication from quite a long time and Twitter’s Douglas Bowman confirms this with a tweet today: “Basic Auth for Twitter is almost history. Rate limits are down to 15 requests/hour, and will be 0 by tomorrow.“

As per the twitter documentation the plan to shutdown basic auth was as follows

• beginning on August 17th, 2010, basic auth rate limits will decrease by 15 requests/hour on each week day;
• on August 19th, 2010 at 5pm PDT, basic auth will be shut off temporarily for 10 minutes;
• on August 23rd, 2010 at 8am PDT, basic auth will be shut off temporarily for 10 minutes;
• on August 26rd, 2010 at 5pm PDT, basic auth will be shut off temporarily for 10 minutes; and
• on August 31st, 2010 at 8am PDT, all basic auth requests will be served with a HTTP 401 error code.

Some time back I had written simple python script to do some nifty little stuff using basic authentication of twitter and as I write this article we are moving closer to end of basic authentication. I will update my status using that script for the last time today.