The now so famous attack on celebrities Twitter accounts, among which figure Barack Obama and Britney Spears is being discussed all over the Internet, and as always everybody knows better. One idea is to ask twitter to implement the OAuth stack.

While I’m a huge fan of OAuth, and think it’s a good idea to (finally) add it to OAuth, because giving my twitter password to everybody feels very unsafe, we have to see that the lack of OAuth has nothing to do with this last, most publicized attack on them.

Well first of all, what is it the OAuth does? As oauth.net puts it:

Everyday new website offer services which tie together functionality from other sites. A photo lab printing your online photos, a social network using your address book to look for friends, and APIs to build your own desktop application version of a popular site. These are all great services – what is not so great about some of the implementations available today is their request for your username and password to the other site. When you agree to share your secret credentials, not only you expose your password to someone else (yes, that same password you also use for online banking), you also give them full access to do as they wish. They can do anything they wanted – even change your password and lock you out.

The issue with these 33 accounts is different from the Phishing scam aimed at Twitter users this weekend. These accounts were compromised by an individual who hacked into some of the tools our support team uses to help people do things like edit the email address associated with their Twitter account when they can’t remember or get stuck. We considered this a very serious breach of security and immediately took the support tools offline. We’ll put them back only when they’re safe and secure.

I’ve been looking for a good way to manage the comments on my blog, and encourage new users to comment, for a long time, but haven’t found anything. IntenseDebate promises to revive commenting, so I decided to give it a try. Especially features like identity management, OpenID integration and Threaded commenting are nice. On the downside however all comments are loaded dynamically via JavaScript which means that they are not indexed by search engines and commenters will not be credited with backlinks from their comments, which is bad for pagerank. Many blogs however use the no-follow tag to tell search engines not to consider the links in comments for ranking, therefore this point is not so important.

Another point that certainly made it easy to try IntenseDebate out is that comments can be imported and exported from and to the blog, and if I’ve had enough, I can just pull my comments out of ID again. If only more companies would allow me to

The trojan in question (Troj/Qhost-AC) identified by anti-virus company Sophos, is a rather unusual one. It doesn’t seem to install spyware or traditional malware, but instead blocks access to the two most popular BitTorrent sites.

The question remains, who is behind this? While some might argue that the MPAA, RIAA or other anti-piracy advocates might be the source, we think it more likely that the attack originates from a relatively innocent prankster targeting pirates.

Via TorrentFreak

As if keeping tabs on my tasks wasn’t hard enough, Google just added a Task list to it’s Mail application. It seems to me that Google is using its popular mail client to start off quite some tools lately. First we get the contacts manager, then the iGoogle Gadgets get added to Gmail and now the Task List.

Not everybody is happy about it though. As Marshall Kirkpatrick points out:

Gmail has been limping along for days, with scores of people reporting down time, super slow responsiveness and other troubles. With no communication from Google about the problem - what are users to think? Perhaps that we should put more of our lives in the hands of the Gmail team!