Twitter AAAPI Bug to Open Access to Users' Messages

Due to glitch in Account Activity API, a copy of a private message was sent to a random recipient 
25 September 2018   1179

On September 10, 2018, Twitter detected a bug in the Account Activity API (AAAPI) sending a copy of a private message to a random recipient. The company officially stated that the error affected less than 1% of users. The developers fixed the problem within a few hours of detection. Currently Twitter sends notification to potential victims and works to neutralize possible damage.

The Account Activity API is designed to communicate with developers on the Twitter platform. Using this interface, contractors can send private messages to each other. The detected error led to the fact that, at the confluence of certain circumstances, information and tweets of clients came to third-party destinations. A bug in the interface existed in May 2017 and could affect any interactions over the past 16 months.

Twitter states that only officially registered developers could receive random messages. Currently, there is correspondence with possible recipients. Representatives of the company promise to monitor the developers' compliance with their obligations and make sure that the information received is illegally received.

Problems of information leakage due to developer errors or hacker attacks regularly pop up in the IT field. In early September, 2018, Family Orbit, a company specializing in the hidden control of user actions, allowed a leakage of 281 gigabytes of data obtained during the surveillance process.

Node.js v12.0.0 to be Rolled Out

It has giant list of updates, improvements and changes
24 April 2019   111

The release of Node.js 12.0.0, a platform for executing network applications in JavaScript, is available. Node.js 12.0 refers to branches with a long period of support, but this status will be assigned only in October, after stabilization. Updates for LTS branches are issued for 3 years. Support for the last LTS branch of Node.js 10.0 will last until April 2021, and the year before last LTS-branch 8.0 until January 2020. Support for the intermediate branch Node.js 11.0 will be discontinued in June 2019. The lifetime of the LTS branch 6.0 will end on April 30.

These are some of the large list of updates and new staff:

  • V8 engine was updated to version 7.4 with support for asynchronous stack traces, increasing await performance, parsing JavaScript and calls when the actual and declared number of arguments does not match;
  • TLS 1.3 is now¬†supported in the tls module and TLS 1.0 / 1.1 is shutdown by default;
  • Enhancing protection and checks on the size of allocated memory in the Buffer class;

Get more info at official website.