Copyright © What The Hell? Security
Few security happenings leave me speechless. The FTC’s insanely aggressive settlement over Twitter’s 2009 privacy gaffes practically yanked my tongue clear out of my mouth.
First off, let’s be honest with ourselves for a minute. This is Twitter we’re talking about. Twitter isn’t a bank. It isn’t a medical institution. It isn’t a merchant. It isn’t a financial advisor. (Ok, people use it as a financial advisor, but they really shouldn’t.) Twitter is…well, you know…a DIY fan club kit. Fans not included.
This is the company that the FTC is imposing security audits on until 2030. Twenty-freaking-thirty. Twitter’s three co-founders will average 55.6 years of age in 2030. Hell, the company won’t even have had a revenue model for what, five or six years max. But that’ll teach them.
Furthermore — now pay attention here because this is really important — by promoting the “security” of Twitter, the FTC is paving the way for an abundance of unforeseen use cases to be built atop it. Ones with security ramifications that will give us a hangover that lasts beyond 2030.
Here’s the one I’m waiting for. To fully appreciate it, you have to place your head in a vise and squeeze for a minute. Now look at me. No, over here. Twitter does make for a helluva pubsub messaging backbone, doesn’t it? With some clever XORing I bet somebody could build a secure transaction processing system on top of it. Hell, a secure cloud transaction processing system.
Don’t forget to release the vise.
Filed under: security, security sense
