updated 05:45 pm EDT, Fri March 30, 2012
TweetDeck taken down over big bug
Twitter said it had temporarily disabled TweetDeck clients Friday after user Geoff Evanson discovered a major bug in user access. Reportedly without doing anything on his own, Evanson could get access to "hundreds" of Twitter and Facebook accounts. As proof, he posted from someone else's account.
No estimated time was given to restore access.
If not an exploit, the discovery is the first bug of its kind on Twitter to give that level of control. It also implies that the login system is sufficiently vulnerable in at least TweetDeck that it can be bypassed entirely under the right conditions.
Twitter hasn't said if the same bug could repeat itself with other Twitter clients, although the lack of similar problems either on the web or in more frequently used desktop and mobile clients makes this less likely. It followed just after the release of TweetDeck 1.3 and may have revealed a flaw not caught in testing the update. [via TechCrunch]