Twitter Fails to Uphold the Social Media Contract

In 1651, Thomas Hobbes published his definition of the the Social Contract Theory in Leviathan. In short, Hobbes wrote that men in the State of Nature possess all freedoms, but that will lead to men fighting with each other and killing each other over land and food. Men give up a degree of their freedom to enter into a Social Contract with a government and in return get protection. Jean Jacques Rousseau and John Locke went a bit further and said that a government exists to support the popular sovereignty of the people, there was a couple Revolutions in late 1700s, and not longer the Declaration of Independence was signed. But that’s history, so let’s focus on the present…

If you apply this theory to Social Media, you get the Social Media Contract Theory, which is pretty much the same concept. If people were out on a free-for-all internet they would end up destroying their personal images on websites like MySpace. Therefore, they give up a degree of their freedom to join private social networking sites such as Facebook and Twitter and in return their account and personal information gets protected.

In Twitter’s case, I disagree. Twitter is downright failing to protect their users. In the past two evenings, I have received a Direct-Message from two separate people that I am following that contains a curiosity-inducing message followed by a shortened link through bit.ly:

This link takes you to a Phising site:

How the 2012 Twitter Direct Message Virus (phishing scam) Works

From what I have been able to gather about the 2012 Twitter Direct Message Virus, it is a Phishing scam that collects your username and password when you login to the fake-login page. From there, it stores your username and password. Within a short period of time, another script, either on a server run by the Virus owner, or more likely by a server hijacked by a different Virus, the Direct Message Virus automatically logs into your Twitter account. It sends all of your followers a Direct Message (see above) with a curiosity-inducing message body and then a link to the fake Twitter Page (also see above). If one of your followers falls for the phishing scam and enters their Twitter username and password on the fake site, the virus will start the whole process over with their account. What’s even more concerning is that many people use the same Username and Password combination on other websites, meaning those are now vulnerable to attacks as well.

In my opinion, Twitter has created an environment which has increased their users base’s likeliness for falling for Phishing attacks. Additionally, their Direct Message security is apparently non-existant. Here’s my opinion on the matter:


Chrome Extension to Block News Feed Posts on Facebook

Today, North Carolina is voting on a Constitutional Ban of same-sex marriage and civil unions. While I am opposed to the amendment, my Facebook news feed has become quite cluttered lately full of other people’s opinions on the matter. I have created a chrome extension to make it easy to block these News Feed stories and easily unfriend the pesky poster…

changes to:

The Extension

Here is the Chrome extension that will block every post with the word “amendment” in it and allow you to easily unfriend the poster:

amendment_none.crx


Naming Conventions Matter – Case Sensitivity in MYSQL and File Systems

I have been in the process of transferring a PHP + MYSQL site built on CodeIgniter from a Windows server to a Linux server and have been dealing case sensitivity problems due to the CamelCase naming convention that was used in parts of the website. This post discusses different options that you should be aware of when deciding on naming conventions if you plan on making your application compatible with both Linux and Windows.

Naming Conventions Matter


Recursively Downloading the NCSU Campus Directory

NCSU provides a Campus Directory that allows you to search for a student or faculty member, and will return certain information as long as they have not opted to be removed from the directory. The directory is very useful for finding a fellow student’s information, but can be publicly viewed by anyone without limitation.

I have written a small recursive script in PHP to go through the entire directory and save each student’s year in school, major, and email. This demonstrates how easy it would be for a business to create a list and send students targeted advertising spam emails. Or even worse- how easy it would be for a hacker to create a list and send students personalized targeted phising emails…


About

My name is Caleb Lloyd. I studied Computer Engineering at North Carolina State University. I enjoy all aspects of Computer Engineering from Microprocessor Architecture to Embedded Systems Development to pure Software Development. This site is meant primarily as a place where I can post coding solutions that I have created for everyday problems. I welcome any comments on my posts, or comments through email if you would like to contact me- caleblloyd on gmail.