Web brands, get your house in order

Web brands, get your house in order

Summary: Every time there's a Twitter hack, every time there's a Google privacy snafu, it hurts the credibility of cloud providers that are trying to build the confidence of the business world and the public at large.


The time for playing around is over. It's not 1999 any more. Web brands have to get serious about the services they're delivering and the support they put behind them. Every time there's a Twitter hack, every time there's a Google privacy snafu, it hurts the credibility of cloud providers that are trying to build the confidence of the business world and the cloud-surfing public at large.

I cannot believe what I have just read in The Guardian's technology blog about the hacking of Twitter's home page today:

"Timing was key: on the west coast of the US, where Twitter is sited, it was the middle of the night, so nobody would have been watching for security flaws."

I'm sorry, what was that again? Does management at Twitter believe that running a global Web brand is a 9-5 job? The official account just released says that Twitter "was notified" at 2:54 am PDT and "immediately went to work on fixing it" so Charles Arthur at The Guardian was extrapolating somewhat creatively from the facts known when he wrote his blog post. But it was another four hours before Twitter posted any public acknowledgement of the problem, so the rest of his account still seems like a fair assessment:

"While all this was going on, Twitter was only just waking up. At 2.35pm BST — or 6.35am at Twitter HQ — it put out its first warnings. 25 minutes later, it had solved the problem."

In this day and age, I wonder how difficult is it to have an escalation process in place that can properly deal with security flaws through the night? — especially knowing how often exploits often surface first in the Far East or in Russia. I am flabbergasted to learn that an organization of the size and stature of Twitter has not got better nighttime cover.

I was equally aghast at Google's handling of the episode that surfaced last week over an engineer who had abused his position by accessing Google accounts belonging to people he knew, including four minors. According to the original Gawker story, this behavior went on "for months" without any action being taken, and he was "quietly fired by the company" only after complaints had been lodged on behalf of some of those affected. This was in July, and it was not until September that the story became public. In the meantime, emails from Google reproduced in the Gawker report made it clear that management tried to cover up the incident. It also came to light that this is the second time Google has fired an engineer for abusing his position in this way.

What horrified me about the Google case was the message its 'quietly-quietly' approach (since reiterated to Danny Sullivan) sends to the rest of its engineers. It's setting up a 'don't get caught' culture in which engineers and their managers are effectively encouraged to sweep such incidents under the carpet. That's not going to clear it up. Michael Arrington says they should automatically be prosecuted, and it might have to come to that, but first of all Google needs to make clear that any abuse of privacy by its staff will not be tolerated and will always result in instant, automatic and public dismissal.

If brand leaders won't set the highest standards, then the whole industry risks being brought into disrepute.

Topics: Google, Browser, Security, Social Enterprise

Phil Wainewright

About Phil Wainewright

Since 1998, Phil Wainewright has been a thought leader in cloud computing as a blogger, analyst and consultant.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • RE: Web brands, get your house in order

    Too late; 99% of the industry si already down the tubes that way. You keep your house in order and let me worry about mine.
    • RE: Web brands, get your house in order

      yea ! You keep your house in order and let me worry about mine. Thanks!
      <a href="http://www.fbfauto.com.br/ar-condicionado">Ar Condicionado Automotivo</a> | <a href="http://loja.fbfauto.com.br/">Pecas</a>
    • RE: Web brands, get your house in order

      With the crisis now the trend is only getting worse, unfortunately. The era of easy credit is over and now investors are leaving the country. Let's hope for a recovery and that neoliberalism is reconsidered.
      <a href="http://www.etil.com.br">Etil Loja lampadas iluminacao</a> <a href="http://www.brindesmonarch.com.br">Grafica Brindes Monarch</a> <a href="http://www.asacompanhantessp.com.br">gatas acompanhantes</a>
  • 4 hours to fix a xss attack

    Come on Phil, get real. 4 hours to identify, code, test, release a fix for this vulnerability to a website that is used by millions is incredible. I can't think of any other organisation that has responded this quickly to this kind of attack. Sure with hindsight the vulnerability shouldn't have existed, but I think 4 hours is amazingly responsive for a fix to production. Hell, if a bricks and mortar organisation had a similar real world incident (eg shop windows smashed in middle of the night), I doubt that the windows would be patched and fixed 4 hours later.
    Nick Maxwell
  • no systems are perfect

    cars get recalled
    washing machines break down

    that's life

    on or off line

  • RE: Web brands, get your house in order

    Yea, i agree in it is very informative and useful for the internet users like me. I will come back to read more blog posts on your website and I have bookmarked your website as well Thanks!
    <p><a href="http://www.e-arcondicionado.com/">Ar Condicionado</a> <a href="http://www.imoveisexpress.com.br/">Imoveis</a> <a href="http://www.acompanhantes.org/">Acompanhantes</a> <a href="http://www.webdocorpo.com.br/massagistas">Massagistas</a></p>
    douglas higieniza
  • RE: Web brands, get your house in order

    very informative
    <a href="http://www.acompanhantessaopaulo.com.br/garotas-de-programa-sp">garotas de programa sp</a>
    <a href="http://www.rioclass.com.br/">acompanhantes rj</a>
  • RE: Web brands, get your house in order

    Very a Good! Esse artigo serviu para o meu trabalho aqui no Brasil. Muito Obrigado!
    <a href="http://www.lojatensordin.com.br/lojatensordin/home.asp">tensordin</a>
    <a href="http://www.boaputaria.com/2011/08/17/casada-de-curitiba-com-2-caiu-na-net">caiu na net curitiba</a>
  • RE: Web brands, get your house in order

    We will apply it here in our work: www.d2bagenciadigital.com.br. Thanks!
    D2B Comunica&Atilde;&sect;&Atilde;&pound;o