Twitter to Release a Real-time Analytics Solution This Year [REPORT]

Twitter plans to launch a free analytics dashboard that will help its users – especially businesses – understand how others are interacting with their tweets.
Member of Twitter’s () business development team Ross Hoffman has revealed at the Sports Marketing Summit that Twitter plans to launch the dashboard in the last quarter of 2010. He was speaking in the context of sports, but there’s no reason to believe the tool won’t be available to other users, too.
The team that works on this tool is the one behind Trendly, which Twitter had acquired in June. Trendly was all about highlighting important changes in the traffic that reaches your website, and, according to Hoffman, Twitter’s analytics solution will show you which tweets are spreading and which users are influential in your network.
There are two interesting things about this announcement. First of all, if the product will be free, then Twitter won’t be making any money out of it, and one possible business model for Twitter was charging for this type of tool. Of course, this doesn’t mean that Twitter won’t later release a more advanced version of the dashboard, aimed at businesses, which will not be free.
Secondly, this is bad news for companies that are building their versions of Twitter analytics tools – some that come to mind are Klout, Omniture and Twitalyzer. It is possible to compete with Twitter at their own turf – just check out third-party apps such as TweetDeck () — but these companies will now have to try twice as hard to reach customers.

Mark Zuckerberg Donates $100 Million to Newark Public Schools

Mark Zuckerberg is donating $100 million to the Newark public school system. The donation will be the first part of a foundation intended improve U.S. education.

Zuckerberg will announce the contribution Friday on The Oprah Winfrey Show, where he will be joined by Newark Mayor Cory A. Booker and New Jersey Gov. Chris Christie.

The New York Times broke news of Zuckerberg’s educational fund shortly before Forbes revealed that the Facebook founder and CEO had climbed to the thirty-fifth position on its annual list of wealthy Americans. Forbes estimates that Zuckerberg is now worth $6.9 billion, putting him seven spots above Apple CEO Steve Jobs, who is estimated to be worth $6.1 billion, ranking 42 on Forbes’ list.

Some will call the donation calculated. The timing of the announcement is in sync with the October 1 release of The Social Network, based on Ben Mezrich’s book The Accidental Billionaires, neither of which protrays Zuckerberg in the most favorable manner. The donation could also be aimed at counteracting any negative stigma that could arise from his new rank on the Forbes 400.

The fact of the matter is that Mark Zuckerberg just donated $100 million of his own personal wealth to one of the country’s worst school systems. This is the sort of philanthropy that we see from the likes of Warren Buffett and Bill Gates; frankly, it’s amazing to have someone else with the ability to contribute at that level to that field. Ideally, we should be able to take the gesture at face value and not taint it with speculation.

17-year-old Australian Boy, Japanese Developer Take Blame for Twitter Meltdown

A 17-year-old boy from Australia claims he inadvertently triggered a chain of events that led to  thousands of people being affected by a Twitter security flaw yesterday. But it all may have been started by a Japanese developer a couple of hours earlier.

Pearce Delphin, or @zzap on Twitter, says he exposed the security flaw by tweeting a piece of code with an onMouseOver JavaScript function, which caused a pop-up to appear when a user merely moves his mouse cursor over the message.

Very soon, the code was modified to do other sorts of things – perform auto retweets, open pornographic websites and generally create havoc on Twitter, which lasted a couple of hours until Twitter admins patched the vulnerability.

“I did it merely to see if it could be done … that JavaScript really could be executed within a tweet. At the time of posting the tweet, I had no idea it was going to take off how it did. I just hadn’t even considered it,” Delphin told AFP via email.

“I discovered a vulnerability, I didn’t create a self-replicating worm. As far as I know, that isn’t technically illegal,” Delphin said. He hopes he won’t get into trouble, but he very well could – the proper course of action in situations like these is reporting such a vulnerability to Twitter. Exposing a security flaw like he did, even inadvertently, is at the very least an error in judgment.

However, in this case, the flaw was so elementary and spread so fast that it’s hard to point at Delphin and consider him solely responsible for the damage it caused (which, according to Twitter, was not very big, despite the fact that the flaw was potentially extremely dangerous). Delphin (together with several others, for example Scandinavian developer Magnus Holm) claims he merely modified the idea from another user who had used the code to make his tweets colored, meaning he was not the first to expose the flaw.

The “other user” was probably a Japanese developer called Masato Kinugawa said he reported the XSS vulnerability to Twitter on August 14, which was subsequently patched, but he later discovered that the vulnerability was exploitable again. He then created a Twitter account called RainbowTwtr, which he used to prove that the flaw could be used to create colored tweets.

This is in line with Twitter’s account of the incident. From Twitter’s official blog: “We discovered and patched this issue last month. However, a recent site update (unrelated to new Twitter) unknowingly resurfaced it.”

One thing about the entire incident causes concern: the vulnerability was too easy to exploit, and it spread amazingly fast. Twitter should take a good look at its security before an attack similar to this one causes a lot more damage.

Twitter Mouseover Security Flaw Affecting Thousands of Users [WARNING]

A new Twitter security flaw has been widely exploited on thousands of Twitter accounts, redirecting users to third-party websites without their consent.

The bug is particularly nasty because it works on mouseover only, meaning pop-ups and third-party websites can open even if you just move your mouse over the offending link.

The flaw uses a JavaScript function called onMouseOver which creates an event when the mouse is passed over a chunk of text. We’ve seen the flaw being abused to launch simple pop-up windows, redirect users elsewhere (including porn sites), and we’ve also seen it used in combination with blocks of color, covering the true “intention” of the tweet.

For now, the best course of action is using only third-party apps such as TweetDeck to access Twitter, as the bug only seems to affect Twitter’s web interface. Also, if your Twitter account contains a message abusing the flaw, you can delete it using a third-party app.

Twitter hasn’t yet commented on the incident on any of its official accounts or its official blog. We’ve contacted Twitter about the security flaw but haven’t yet heard from them.

You can see an example of a tweet that launches a pop-up if you move the mouse over it below.