Incident: Twitter XSS Attack: Mouseover Worm Incident on Twitter in 2010

Published Date: 2010-09-21

Postmortem Analysis
Timeline
1. The software failure incident happened in September 2010 [2904, 2872, 2952].

System
1. Twitter's website security failed to prevent a cross-site scripting (XSS) vulnerability, allowing malicious users to exploit the flaw and redirect users to unauthorized websites [Article 2904, Article 2872, Article 2952, Article 2845].
2. Twitter's website failed to properly sanitize user input, specifically failing to escape characters such as ", which allowed JavaScript code to execute [Article 2872, Article 2952].
3. Twitter's security measures were insufficient to detect and prevent the XSS attack, leading to the exploitation of the vulnerability by malicious users [Article 2904, Article 2952, Article 2845].
4. Twitter's website failed to disable the execution of JavaScript code posted by users within tweets, allowing the XSS attack to spread rapidly [Article 2952].
5. Twitter's security team failed to address the reported XSS vulnerability promptly: the flaw was known about a month before the attack occurred [Article 2845].

Responsible Organization
1. The software failure incident on Twitter was caused by hackers who exploited a security flaw, leading to users being redirected to Japanese porn websites and other malicious activities [2904, 2872, 2952, 2845].

Impacted Organization
1. Twitter users, including Sarah Brown and White House press secretary Robert Gibbs, who were redirected to Japanese porn websites or had their accounts affected by the security flaw [2904, 2952, 2845].
2. Twitter itself, as the security flaw allowed for the exploitation of its website and affected its users [2904, 2952, 2845].

Software Causes
1. A cross-site scripting (XSS) vulnerability allowed malicious code to be executed on Twitter's website, leading to users being redirected to Japanese porn websites and other unwanted actions [2904, 2872, 2952].
2. Failure to properly sanitize input data, specifically not escaping characters such as " in tweets, allowed JavaScript injection and execution [2872, 2952].
3. Lack of proper security measures on Twitter's website made it vulnerable to exploitation and attacks [2904, 2952].
4. Discovery of the security flaw by a 17-year-old Australian schoolboy led to the creation of a 'mouseover worm' that caused chaos on Twitter [2845].

Non-software Causes
1. Lack of proper security measures on the Twitter website, leading to the exploitation of a security flaw by users [2904, 2952].
2. Delay in addressing reported vulnerabilities: Twitter was aware of the flaw a month before the incident but failed to properly fix it [2845].

Impacts
1. Users were redirected to Japanese porn websites when moving their mouse over certain content on Twitter, raising concerns about the safety of popular social media sites like Twitter [2904, 2872, 2952].
2. Thousands of Twitter accounts were affected by the security flaw, with messages exploiting the flaw spreading rapidly [2952].
3. The flaw allowed malicious code to be posted inside tweets, leading to potential redirection to third-party websites containing malicious code or spam advertising pop-ups [2952].
4. The incident caused chaos on the microblogging site for about five hours, affecting users globally, including high-profile individuals like the wife of the former British Prime Minister and the White House press secretary [2845].
5. The incident raised questions about Twitter's security measures, as the website had known about the flaw for a month prior to the incident, and updates had failed to properly fix it [2845].
6. The vulnerability was exploited by various individuals, including a 17-year-old Australian schoolboy who admitted to starting the worm that affected thousands of users [2845].

Preventions
1. Properly sanitizing user input to prevent JavaScript injection attacks could have prevented the software failure incident [Article 2872].
2. Implementing stricter security measures on the website, such as disabling the ability for users to post chunks of JavaScript program code inside tweets, could have prevented the exploit [Article 2952].
3. Disabling injected code by "escaping" the relevant characters, so that event-handler attributes such as onMouseOver could not be activated, could have prevented the exploit [Article 2952].
4. Conducting thorough security testing and audits to identify and address vulnerabilities before they can be exploited by malicious actors could have prevented the incident [Article 2845].

Fixes
1. Properly sanitizing input to prevent JavaScript injection attacks like the XSS vulnerability exploited in the incident could fix the software failure incident [Article 2872].
2. Disabling the ability for users to post chunks of JavaScript program code inside tweets, or escaping the relevant characters to prevent the activation of malicious code, could help prevent similar incidents in the future [Article 2952].
3. Implementing higher security measures on the website, such as better handling of potential security flaws and vulnerabilities, could prevent similar attacks from occurring [Article 2904].

References
1. Twitter's safety chief tweet [2904]
2. Security technology company Sophos [2904]
3. Japanese developer Masato Kinugawa [2872]
4. Scandinavian developer Magnus Holm [2872]
5. Sarah Brown, wife of former Prime Minister Gordon Brown [2952]
6. Graham Cluley, security expert at Sophos [2952]
7. Richard Gaywood, British developer and blogger [2872]
8. Australian schoolboy Pearce Delphin [2845]
9. White House press secretary Robert Gibbs [2845]
10. Russian Aleks Bo [2845]
11. Japanese software developer Masato Kinugawa [2845]
12. Swedish software developer [2845]
13. Stan Schroeder of Mashable.com [2845]
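The defect named under Software Causes, Preventions and Fixes (an unescaped " in user-supplied link text ends the href attribute early, so an onMouseOver handler becomes an active attribute of the link, and the injection is second-order because the stored tweet is rendered later), illustrated with an added JavaScript example. This is not Twitter's code and not the link-making function the articles refer to; the two rendering functions, the attribute checker and the sample link are constructed here for illustration. The handler body in the sample is deliberately inert.

```javascript
// Added example (not Twitter's code): a link renderer with the defect
// described in the postmortem (no escaping of `"`) beside a hardened
// version, plus a small check that lists the attributes the rendered
// <a> tag ends up with.

// Constructed sample input: a stored "link" whose text closes the href
// attribute and smuggles in a second attribute. The handler is inert.
const CONSTRUCTED_LINK = 'http://example.invalid/"onmouseover="void(0)';

// Vulnerable: interpolates the raw stored string into an HTML attribute.
// A `"` in the input terminates the attribute and whatever follows is
// parsed by the browser as further attributes of the same tag.
function renderLinkUnsafe(url) {
  return `<a href="${url}">${url}</a>`;
}

// Escape the five characters that change meaning in HTML text and
// double-quoted attribute contexts.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened: escape at output time, i.e. at the moment the stored tweet is
// turned into HTML. That is the point that matters for a second-order
// injection, since the attack string already sits in the database.
// The http/https scheme allowlist is an additional layer assumed here,
// not something the articles describe Twitter as having added.
function renderLinkSafe(url) {
  if (!/^https?:\/\//i.test(url)) {
    return escapeHtml(url); // not linkable: render as plain text only
  }
  const e = escapeHtml(url);
  return `<a href="${e}">${e}</a>`;
}

// Defender's check: which attribute names does the first <a ...> opening
// tag carry? A renderer that only intends to emit href should never
// produce anything else. The simple regex suffices because both
// renderers above emit a single plain tag with double-quoted values.
function anchorAttributeNames(html) {
  const open = html.match(/<a\b([^>]*)>/i);
  if (!open) return [];
  const names = [];
  const attr = /([A-Za-z_:][-A-Za-z0-9_:.]*)\s*=\s*"[^"]*"/g;
  let m;
  while ((m = attr.exec(open[1])) !== null) names.push(m[1].toLowerCase());
  return names;
}

console.log('unsafe :', renderLinkUnsafe(CONSTRUCTED_LINK));
console.log('  attrs:', anchorAttributeNames(renderLinkUnsafe(CONSTRUCTED_LINK)));
console.log('safe   :', renderLinkSafe(CONSTRUCTED_LINK));
console.log('  attrs:', anchorAttributeNames(renderLinkSafe(CONSTRUCTED_LINK)));
```

The unsafe renderer yields a tag carrying both href and onmouseover; the hardened one yields a tag with href only, because the " in the stored value is emitted as &quot; and can no longer close the attribute. The attribute-name check is the kind of assertion a regression test for the link-making path can carry so that a redesign does not reintroduce the same defect, which is what the articles describe happening between the August report and the September launch.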

Software Taxonomy of Faults

Category Option Rationale
Recurring one_organization, multiple_organization (a) The software failure incident related to the XSS vulnerability on Twitter's website had happened before within the same organization. Twitter had reported a security flaw in April 2009, which it fixed at the time after several attacks [Article 2904]. (b) The software failure incident related to the XSS vulnerability on Twitter's website had also happened at other organizations or with their products and services. The incident was not limited to Twitter as similar vulnerabilities were exploited by hackers affecting thousands of users and causing havoc on the microblogging site [Article 2845].
Phase (Design/Operation) design, operation (a) The software failure incident related to the design phase: - The incident was caused by a security flaw in Twitter's website that allowed users to exploit a vulnerability by inserting chunks of JavaScript code inside tweets, which Twitter did not properly disable by "escaping" the relevant characters, making the JavaScript active [Article 2952]. - The exploit used a method known as "cross-site scripting" (XSS) and was discovered by a Japanese developer who reported it to Twitter but found that the new Twitter design still had the same problem [Article 2872]. (b) The software failure incident related to the operation phase: - Users were affected by the security flaw when viewing links on the Twitter website itself, as the malicious code would redirect users to a Japanese hard-core pornography site without clicking the link [Article 2952]. - The flaw allowed messages to pop up and third-party websites to open in the browser just by moving the mouse over a link, affecting thousands of Twitter accounts [Article 2952].
Boundary (Internal/External) within_system, outside_system (a) The software failure incident involving Twitter's security flaw was primarily within_system. The incident was caused by a vulnerability in Twitter's website that allowed users to post chunks of JavaScript code inside tweets, which became active due to Twitter not properly disabling the code by "escaping" the relevant characters [Article 2952]. The exploit was a classic piece of JavaScript injection that took advantage of a flaw in Twitter's link-making function, allowing malicious code to be executed when users moved their mouse over a link [Article 2872]. Twitter acknowledged the issue and stated that the vast majority of exploits related to the incident were categorized as pranks or promotions [Article 2845]. (b) Additionally, the incident involved outside_system factors as hackers exploited the security flaw to redirect users to Japanese porn websites and other third-party sites [Article 2904]. The incident was triggered by a 17-year-old Australian schoolboy who discovered the vulnerability and initiated the worm that affected thousands of Twitter accounts, including high-profile users like the White House press secretary and the wife of the former British Prime Minister [Article 2845]. The exploit spread rapidly across the platform, affecting users worldwide and causing chaos on Twitter [Article 2845].
Nature (Human/Non-human) non-human_actions, human_actions (a) The software failure incident occurring due to non-human actions: - The software failure incident on Twitter was due to a security flaw that allowed messages to pop up and third-party websites to open when a user moved their mouse over a link. This flaw was exploited by users, leading to redirects to Japanese porn sites and other unwanted behavior [2904, 2872, 2952]. - The exploit involved a classic piece of JavaScript injection that took advantage of a vulnerability in Twitter's link-making function, allowing executable content to end up in the page source code and run in users' browsers [2872]. - The specific code used in the exploit was onMouseOver, which executed a function when users moved their mouse over the link, without requiring them to click on it [2952]. - The exploit was a second-order injection attack where the attack string was inserted into the database and executed when read back out, highlighting a vulnerability in Twitter's handling of input [2872]. (b) The software failure incident occurring due to human actions: - The incident was initiated by a 17-year-old Australian schoolboy named Pearce Delphin, who admitted to discovering and starting the worm that affected Twitter accounts, including redirecting users to porn sites and causing chaos on the platform [2845]. - Delphin's discovery led to the worm spreading rapidly, affecting users globally and even reaching high-profile accounts like the White House press secretary and Sarah Brown [2845]. - Other users, such as Russian Aleks Bo, also created their versions of the worm, contributing to the widespread impact of the exploit [2845]. - Questions were raised about Twitter's security measures as the website had been aware of the flaw for a month before the incident occurred, indicating a delay in properly addressing the vulnerability [2845].
Dimension (Hardware/Software) software (a) The software failure incident occurring due to hardware: - There is no mention of the software failure incident in the provided articles being caused by hardware issues. The incident primarily stemmed from a security flaw in the software itself, specifically related to a cross-site scripting vulnerability [Article 2872]. (b) The software failure incident occurring due to software: - The software failure incident was primarily caused by a software vulnerability related to cross-site scripting (XSS) in Twitter's website, allowing malicious code to be executed when users interacted with certain links on the platform [Article 2872]. - The incident involved the exploitation of a security flaw in the redesigned Twitter site, enabling users to post chunks of JavaScript code inside tweets, which became active due to the lack of proper precautions by Twitter to disable the code [Article 2952]. - The incident involved a 17-year-old Australian schoolboy discovering and exploiting a security flaw that led to the Twitter worm affecting thousands of users, redirecting them to inappropriate websites and causing chaos on the platform [Article 2845].
Objective (Malicious/Non-malicious) malicious (a) The software failure incident was malicious in nature. The incident involved a security flaw on Twitter's website that was exploited by users to redirect others to Japanese porn websites and spread malicious code through tweets [2904, 2872, 2952, 2845]. The incident was initiated by individuals, including a 17-year-old Australian schoolboy, with the intent to cause chaos and harm on the microblogging site. The exploit involved injecting Javascript code into tweets to trigger actions like automatic retweeting and redirection to inappropriate websites. The incident led to thousands of Twitter accounts being affected, including high-profile users like the wife of a former British Prime Minister and the White House press secretary. The exploit was described as a 'mouseover worm' that spread rapidly and caused significant disruptions on Twitter.
Intent (Poor/Accidental Decisions) poor_decisions, accidental_decisions (a) The intent of the software failure incident: - The incident involving the Twitter security flaw was primarily due to poor decisions made by Twitter in terms of handling the XSS vulnerability. The flaw was known to Twitter prior to the incident, but updates failed to properly fix it, leading to the exploitation by users and subsequent chaos on the platform [Article 2845]. - Twitter had been informed about the XSS vulnerability by a Japanese developer in August, but the new version of Twitter launched in September still had the same problem, indicating a lack of proactive measures to address known security issues [Article 2872]. - The incident highlighted poor decisions in terms of security measures on Twitter's website, with experts pointing out that the vulnerability was too easy to exploit and spread rapidly, raising concerns about the platform's security practices [Article 2845]. (b) The intent of the software failure incident: - The incident involving the Twitter security flaw was accidental in nature, as it was initially discovered by a 17-year-old Australian schoolboy who did not realize the extent to which his discovery would be exploited by hackers, leading to the chaos on Twitter for about five hours [Article 2845]. - The schoolboy who initiated the worm causing havoc on Twitter apologized and admitted that he did not anticipate the consequences of his actions, indicating that the incident was not driven by malicious intent but rather by curiosity and experimentation [Article 2845]. - The exploit using the XSS vulnerability was initially used for fun and games by many users, but there was potential for cybercriminals to redirect users to malicious websites or display spam advertising pop-ups, highlighting the unintended consequences of the security flaw [Article 2952].
Capability (Incompetence/Accidental) development_incompetence (a) The software failure incident occurring due to development incompetence: - The incident involving the Twitter security flaw was due to a "cross-site scripting" (XSS) hack, which was discovered by a Japanese developer and later exploited by others [Article 2872]. - Questions were raised about Twitter's security as it was revealed that the website knew about the flaw a month before the incident, and updates failed to properly fix it [Article 2845]. (b) The software failure incident occurring accidentally: - The 17-year-old Australian schoolboy, Pearce Delphin, admitted to starting the worm that affected Twitter, causing chaos and redirecting users to porn sites or showing pop-ups accidentally [Article 2845].
Duration temporary (a) The software failure incident related to the Twitter hack was temporary. The incident lasted for about five hours, causing havoc on the microblogging site [Article 2845]. Twitter was able to fix the flaw and issued statements confirming that the attack had been fully patched, and hackers could no longer exploit the vulnerability [Article 2904]. Additionally, Twitter mentioned that the vast majority of exploits related to the incident fell under the prank or promotional categories [Article 2845]. (b) The software failure incident was not permanent as it was resolved within a relatively short period, and the system was restored to normal functioning after the security flaw was fixed.
Behaviour other (a) crash: The incident did not involve a crash where the system loses state and does not perform any of its intended functions. The software flaw in Twitter allowed malicious code to execute when users moved their mouse over a link, causing unwanted pop-ups and redirects, but the system did not completely stop functioning as a result of this flaw [Article 2904]. (b) omission: The incident did not involve omission where the system omitted to perform its intended functions at an instance(s). The flaw in Twitter allowed unintended actions to occur when users interacted with certain links, but it was not a case of the system failing to perform its intended functions [Article 2904]. (c) timing: The incident did not involve timing issues where the system performed its intended functions too late or too early. The flaw in Twitter allowed immediate execution of malicious code upon interaction with specific links, indicating that the system responded promptly to user actions, albeit in an unintended manner [Article 2904]. (d) value: The incident did not involve a failure due to the system performing its intended functions incorrectly. The flaw in Twitter allowed unauthorized code execution upon user interaction with links, but it was not a case of the system executing its functions incorrectly as designed [Article 2904]. (e) byzantine: The incident did not exhibit a byzantine behavior where the system behaved erroneously with inconsistent responses and interactions. The flaw in Twitter allowed consistent execution of malicious code upon specific user actions, leading to predictable outcomes in terms of pop-ups and redirects [Article 2904]. (f) other: The behavior of the software failure incident in the Twitter security flaw incident can be categorized as a security vulnerability that allowed the execution of unauthorized code through user interactions with links. This behavior falls under the category of a security exploit rather than a traditional software failure like a crash or omission [Article 2904].

IoT System Layer

Layer Option Rationale
Perception None None
Communication None None
Application None None

Other Details

Category Option Rationale
Consequence property, theoretical_consequence (d) property: People's material goods, money, or data were impacted due to the software failure - The software failure incident involving Twitter resulted in users being redirected to Japanese porn websites, causing potential harm to their devices and potentially exposing them to malicious content [2904]. - The security flaw allowed malicious code to be executed, leading to users unknowingly sending links containing malicious code that redirected other users to inappropriate websites [2952]. - The incident caused chaos on the microblogging site, affecting thousands of users, including high-profile individuals like the wife of the former British Prime Minister Gordon Brown and the White House press secretary Robert Gibbs [2845].
Domain information, utilities, other (a) The software failure incident reported in the articles is related to the information industry, specifically social media platforms like Twitter that facilitate the production and distribution of information. The incident involved a security flaw that allowed malicious users to exploit the system and redirect users to inappropriate websites [Article 2904, Article 2872, Article 2952, Article 2845]. (g) The incident also has implications for the utilities industry, as it highlights the vulnerabilities in online platforms that provide services like power, gas, steam, water, and sewage services. The security flaw in Twitter's system exposed users to potential risks and raised concerns about the safety of online services [Article 2904, Article 2872, Article 2952, Article 2845]. (m) The software failure incident can be categorized under the "other" industry as it pertains to the technology and social media sector. The incident involved a security vulnerability in a popular social media platform, Twitter, which is not directly covered by the traditional industry categories but falls under the broader technology and information sector [Article 2904, Article 2872, Article 2952, Article 2845].

Sources
