[Slow news day here at BendTech...]
Exhibit A – Tweet from Lindsay Lohan on 06/17:
Stop trying to get onto my twitter page whoever you are! Its become extremely creepy!!!
Exhibit B – Mlle Lohan, 12 hours later:
THANK YOU Harper’s Bazaar for naming Sevin Nyne Tanning Mist a must have product. You can buy online!! http://tinyurl.com/m49y8u
Exhibit C – The URL you end up at when you click that tinyurl.com link:
http://www.sephora.com/…jsessionid=3B0SCOUKJADHECV0KRRRHOQ…
Uhm, Lindsay. Dahling. If you want “creeps” to stop messing with you, stop tweeting URLs that have session cookies in them!
Much as I’d love to blame Lindsay for this little faux pas, it’s really Sephora who is at fault. There’s no good reason for them to be tacking the cookie they use to identify users (“jsessionid”) onto a URL like that, and doing so has dramatically increased the chance that somebody will be able to hack into Lindsey’s Sephora account (or the account of whichever assistant she has pretending to be her.) So let this be a lesson to you Twitter-heads out there: Not all websites do a good job of protecting the privacy and identity of their users. Do you really know who’s following you… and what kind of information you’re giving them?
BTW, if one of you does end up hacking into Ms. Lohan’s Sephora account, can you use it to send me a bottle of Acne Spot and Area Treatment? My bike seat has been chaffing more than usual lately.