How the Twitter StalkDaily Worm spread so fast


If you use Twitter a lot (unlike me) you’ll likely have been alerted and worried about the presence of a worm that’s been making the rounds at the popular micro-blogging website. The so-called “StalkDaily” worm was first noticed on Saturday, and it appeared to be able to “infect” a user’s Twitter profile, causing random tweets about the StalkDaily website (don’t go there) to show up on their profile. Furthermore, other user’s Twitter profiles could also become infected, seemingly by only viewing the profile of another infected user.

Eventually the source code of the worm was uncovered, (safe to view) and a quick analysis of the worm shows why it was able to quickly spread through Twitter so fast. Here’s an overview of how the worm worked.


Using the Basic Constraints extension in X.509 v3 certificates for intermediate CAs

It’s not often that you’ll be creating your own X.509 certificates for a web server, since any certificates that you create (self-signed or signed by your own CA) will not be trusted by most browsers (IE, Firefox, etc.) since they were not signed by one of the many Certificate Authorities (CAs) that have been automatically trusted by the browser. If you do decide to use one of these certificates on your web server, you’ll have to navigate through a Byzantine series of screens to “confirm” that you trust the server’s certificate. (Though this is annoying, it may be ultimately beneficial in today’s era of phishing and other malicious behaviour.)


Protecting SVN metadata folders on a web server

I recently changed my WordPress install over to an SVN checkout in order to get rid of the tedious steps required to upgrade every time a new version is released.

Thankfully, following the well-written guide on the Codex was easy and straightforward – both for changing this existing installation over to SVN and for setting up a new blog for RunTrackr. I now look forward to updates, just so I can relish in the ease of upgrading. 🙂 Continued