Forgot your password?
typodupeerror
Security Social Networks IT

Hacker Sends Out Fake Tsunami Warning On Twitter 100

Posted by samzenpus
from the false-wave dept.
An anonymous reader writes "A Twitter account belonging to an official adviser of the Indonesian president has been broken into by a hacker who posted a warning that a tsunami was heading for Jakarta. Andi Arief is Indonesian president Susilo Bambang Yudhoyono's disaster management adviser and a frequent user of Twitter. But when he lost control of his account, a tsunami warning was sent out to Twitter users."
This discussion has been archived. No new comments can be posted.

Hacker Sends Out Fake Tsunami Warning On Twitter

Comments Filter:
  • by mirix (1649853) on Friday November 26, 2010 @01:43AM (#34347730)

    Trusting twitter? Turn on the TV or radio. Perhaps check the meteorological service's website.

    • Re: (Score:3, Insightful)

      by rastilin (752802)
      That would be a good idea if it weren't a life or death thing. If you get a message saying "Death is coming, run for your life", going indoors to check the weather channel might not be the ideal course. Do you know the joke where during a firefight, the commander screams "heads up" and the dude in the back stands up and says "Why?"?
      • by antifoidulus (807088) on Friday November 26, 2010 @01:58AM (#34347778) Homepage Journal
        But if you have access to the internet then they still should include a link in the tweet to an official government site with more info. Plus such a link would help verify that the tweet is real.
        • by rastilin (752802) on Friday November 26, 2010 @02:14AM (#34347822)
          You're right, it's a matter of convenience. If it takes any longer than a few seconds, I vote for running.
          • by Rakshasa Taisab (244699) on Friday November 26, 2010 @02:18AM (#34347834) Homepage

            Better a live fool 100 times than a dead fool once.

            You never know how long you got after a tsunami warning unless they actually state it originated far enough away, as there's a few minutes delay before the warning reaches you.

            • Re: (Score:1, Insightful)

              by Anonymous Coward

              You could just, you know, look at the water. A tsunami is a very long wave, so if it is coming, the water will recede before it comes back. It doesn't happen instantly, but when you see the water receding, you better hoof it!!

              If the water does not recede, then there is no tsunami or a very small one.

              • by TheLink (130905)
                You might not be close enough to the shore to see the water.

                I suppose if you see people running past you away from the shore, it's not a good idea to run to the shore to see if the water is receding ;).
              • Re: (Score:3, Insightful)

                by interkin3tic (1469267)

                For those people who are within sight of the beach when they are checking twitter, yes, a glance would have been an indication.

                For anyone who is more than seconds away from verifying themselves, which I would assume is most people who would be affected, no, that's idiotic. The minutes it takes you to observe the water level could be the minutes you'd need to get yourself and your family out of the danger zone. -Toward- the water is not where you want to go in the event that the tsunami was about to hit.

                • Re: (Score:1, Insightful)

                  by Anonymous Coward

                  Twitter == Internet access

                  Check the weather online. Relying on Twitter is stupid.

              • by tehcyder (746570)

                You could just, you know, look at the water. A tsunami is a very long wave, so if it is coming, the water will recede before it comes back. It doesn't happen instantly, but when you see the water receding, you better hoof it!!

                If the water does not recede, then there is no tsunami or a very small one.

                Yes, because that is exactly how you would behave if you thought your life was in imminent peril.

              • by khallow (566160)

                so if it is coming, the water will recede before it comes back.

                Unless it doesn't do that. I understand what sort of warning, if any, you receive can depend on local conditions. For example, if your beach is in a lagoon with a very restricted outlet, you might not see any drop in water level before the tsunami hits. Also, from glancing on the web, there's at least one iceberg triggered tsunami (Greenland 1995) which didn't generate that sort of warning (though the ice calving was visible from the beach, there was a few seconds of warning).

              • by Angostura (703910)

                Just to be clear. You believe that, on receiving an substantiated Tsunami warning, I should drive half a mile to the beach, just to check whether the water has disappeared?

            • by denzacar (181829)

              Better a live fool 100 times than a dead fool once.

              There IS though, such a thing as being too cautious. [darwinawards.com]

        • by delinear (991444)
          What's to stop a fake link in the tweet? Besides, people already thought this was officially coming from the government. This isn't a failure of the people in relying on an insecure communication system, it's a failure of the government for jumping on the "trendy" bandwagon without thinking through all the implications. If they'd confined such reports to radio and television, for instance, it would have been a lot harder to spoof.
        • Yes but most of the people in Indonesia don't have smart phones, and would probably get it via SMS

      • by Beelzebud (1361137) on Friday November 26, 2010 @02:28AM (#34347864)
        Which is probably why you shouldn't be relying on Twitter for issues of life and death...
        • by tehcyder (746570)

          Which is probably why you shouldn't be relying on Twitter for issues of life and death...

          Or the internet, newspapers, radio or TV.

          In the UK, the BBC weather forecasters famously got it wrong the evening of the great storm of 1987. If I couldn't trust the BBC to give a sensible forecast, where else was I going to get better information?

          • by delinear (991444)

            Well you'd be wrong to throw out all available data just because of one poor result. Generally the Met Office do a reasonably accurate job (as accurate as possible where weather is concerned), so to ignore everything they say just because of one error is not the best approach, especially since that error enabled them to further improve their systems [wikipedia.org] to ensure better accuracy in the future:

            The Met Office conducted an internal inquiry, scrutinised by two independent assessors, and a number of recommendations were made. Chiefly, observational coverage of the atmosphere over the ocean to the south and west of the UK was improved by increasing the quality and quantity of observations from ships, aircraft, buoys and satellites. Continued refinements were made to the computer models used in forecasting, and changes were made in the training of forecasters. In addition, reforms in the way the Met Office reports warnings of severe weather were implemented, leading to substantially more warnings being issued in the future. Further deployment of improved tracking devices and improvements in the computer model simulations were supported by the purchase of an additional Cray supercomputer. Warnings for the Burns' Day storm three years later were accurate and on time.

            The point is, with newspapers, radio and the TV it's much harder to "hack" that distribution channel, so while the infor

    • USGS FTW
       

      Sent from my PDP-11

      Using the PIP command I assume.

    • by md65536 (670240) on Friday November 26, 2010 @02:31AM (#34347882)

      Trusting twitter? Turn on the TV or radio. Perhaps check the meteorological service's website.

      True. The only twit that I'd trust on this subject are along the lines of "LOL @tsunami".

      I would wait for an official blog post from Susilo to find out if there is indeed a tsunami, and how does he feel about it.

      For safety through redundancy, Susilo could also send out a message such as "Please 'Like' my 'Oh noes tsunami coming' facebook page and check out my youtube video of me on a webcam saying that a tsunami is coming!"

      • Re: (Score:2, Funny)

        by md65536 (670240)

        check out my youtube video of me on a webcam saying that a tsunami is coming!"

        I just had to add a transcript for the youtube video...

        "Hey everyone, it's me, Susilo here. I just made this video to talk about a tsunami, but first I just want to say hi to all my peeps, and thanks for your supportive comments. All you haters out there tryin to step to me and hacking my Twitter can just step off my grill. But what I really wanted was to just come on this video and say that there's a tsunami coming. So yeah, that's basically it, really. That's all I really wanted to say. So I guess you kno

      • by tehcyder (746570)

        I would wait for an official blog post from Susilo to find out if there is indeed a tsunami

        But why would a blog post be more official or convincing than a twitter post?

    • Trusting twitter? Turn on the TV or radio. Perhaps check the meteorological service's website.

      Because it's so hard to broadcast a lie on public frequencies? I'd say it's easier: I myself with cheap consumer equipment have broadcast on FM, but I've never hacked a password.

      No matter if the delivery medium is Twitter or radio, the communication originated from the office of Disaster Management. That is believable enough for me, thanks.

  • by Anonymous Coward

    Really, I don't. I barely trust any of my e-mails, too many I get are offers for things that are obviously not real, or they are simply "phishing" to try to see if they can convince me to visit their website.

    Somebody once said we could get rid of the postal service by putting government services on the Internet, and I just cringed. It's bad enough worrying about fraud in the mail, but on the Internet? It's so much worse I don't even want to bother with anything truly important. You can lie to me all

  • Asshat (Score:3, Insightful)

    by gavron (1300111) on Friday November 26, 2010 @01:56AM (#34347772)
    He didn't "lose control of his account", and a hacker didn't "take over his account."

    People in responsible positions shouldn't be asshats about their passwords.

    Sorry, asshat, next time don't have an easily guessable dictionary password and blame the rest of the world for your folly.

    E

    • by Mashiki (184564)

      Hey now. That's an insult to asshats everywhere. I think you're looking for technologically inept nutbag.

    • So...was the password "asshat"?
    • Re:Asshat (Score:5, Insightful)

      by tsj5j (1159013) on Friday November 26, 2010 @06:00AM (#34348580)

      It's sad that such an uninformative troll post is modded insightful.

      Nowhere in the source did they confirm that his account was compromised due to a weak password.
      The source speculates it to be so, but given Twitter's security record it may not be so.
      Perhaps his password was recovered with forgot password, or a vulnerability found.

      Furthermore, weak passwords aren't the only way passwords get compromised.
      More often than not, social engineering or a brute force of his publically available information is used.
      He may have fallen for a phishing attempt in which a layman is unable to differentiate, or used an infected PC.

      Most importantly, either technical inexperience or weak passwords doesn't justify impersonation or calling anyone an asshat.
      Slashdot must accept that people are skilled in different fields, and IT is just but one of them.
      There's this foolish mentality around here that everyone must be experienced and knowledgeable in IT, when slashdotters are themselves clueless in many other fields - for example, fashion or (.

    • by tehcyder (746570)

      He didn't "lose control of his account", and a hacker didn't "take over his account."

      People in responsible positions shouldn't be asshats about their passwords.

      Sorry, asshat, next time don't have an easily guessable dictionary password and blame the rest of the world for your folly.

      E

      And how do you know that it was an easily guesable dictionary password?

      PS the asshat is the one who used the account to send out ogus emergency messages.

    • by davev2.0 (1873518)
      Really? So, if someone breaks into your house and steals from you, the cops should say "Sorry, asshat, next time don't use a crappy lock with short screws in the plate, don't use glass in your windows, buy a monitored alarm and use it, and blame the rest of the world for your folly.
  • by ignavus (213578) on Friday November 26, 2010 @02:01AM (#34347786)

    It is all a matter of operator precedence:

    fake (tsunami warning) versus (fake tsunami) warning

  • by gweihir (88907)

    I think this qualifies as terrorism. That the account may not have been secured well does not matter. Most terrorist targets are not secured well. This has the potential to cause panic and significant loss of life.

    I hope they get this person and that the sentence will fit the potential damage.

    To all those that think this is only a prank: It is about as much a prank as setting a building on fire. Occasionally stupid teenagers do this and then become murderers. This is similar. I do not see any reason for len

    • by zmollusc (763634)

      Maybe the person concerned just didn't think it through enough to make it funny? A warning of a tsunami that was six months away, or that would hit only a tiny and highly specific area, would have been funny.Well, funnier. Maybe.

      • by Pharmboy (216950)

        Maybe the person concerned just didn't think it through enough to make it funny?

        That is what prisons are for. Not to rehabilitate or punish, but to isolate people who are stupid and their action have previously, and are likely in the future, to cause injury to other people. You protect society by isolating those that are not capable of functioning within it.

    • Doesn't terrorism require political or religious motives? I don't really see any in this case. This looks like some attempt at humor.
    • by Combatso (1793216)
      Quiet you! I dont want to have to submit to a full body scan before using twitter.
    • by davev2.0 (1873518)
      But, there was no coercion, no attempt to force one's ideology, political, or religious beliefs upon others through the use of fear inspired by violence or threat of violence. This was just "a prank", a very dangerous, malicious, vicious prank on the level of shouting fire in a crowded theater after baring most of the doors.
  • by Anonymous Coward

    This just in, who gives a fuck it's twitter.

  • "a warning that a tsunami was heading for Jakarta." ??? I must be missing something very obvious because I feel like this should not be the case! I appreciate the help so much...
  • Twitter being used for anything more than "ahah I saw this hot chick who had 'pink' across the back of her shorts" is laughable.
    Only a third world country would rely upon twitter as they're emergency broadcast system...
    Next thing you know, their entire telco infrastructure will be based on Skype.

"Text processing has made it possible to right-justify any idea, even one which cannot be justified on any other grounds." -- J. Finnegan, USC.

Working...