Louise Mensch website can reveal your password to hackers

  • Security flaw could allow hackers to obtain your password
  • Twitter integration crashed within two hours of UK launch
  • Several other security vulnerabilities on the site

Louise Mensch’s “rival to Twitter” has security flaws which can expose users’ passwords to hackers, it has been revealed. Those clicking on a malicious link to the Menshn website could have sensitive information passed to wrongdoers.

The news comes less than two hours before England play Italy in Euro 2012 — an event which Mensch and her business partner Luke Bozier had hoped to capitalise on by launching in the UK earlier than anticipated.

The vulnerability was exposed by professional web developer Jonathan Buchanan (@twitinsin), who has sent a series of messages to Luke Bozier explaining problems with his code.

Within just two hours of the “US only” block being removed at midnight, Menshn’s poorly-coded Twitter integration fell over, forcing one of the site’s founders to beg for help — using rival website Twitter:

Worryingly, these are by no means the only problems with the site. When scammers aren’t trying to steal your password, edit your profile information or post messages using your account, they can display random abuse and extreme pornography:

Just days ago, Mensch was describing Bozier as an “awesome coder”.

UPDATE (09:18) »The world's tech and security websites have piled in ...

  • Gizmodo — “Don’t Menshn the Crippling Security Holes”
  • SC Magazine — “Menshn dismiss claims of major security flaws”
  • The Register – “Mensch pal Bozier defends Menshn security”
  • TechWeekEurope — “Menshn Security Vulnerabilities Exposed”
  • CNET — “New social network Menshn launches in UK with security holes”
  • Guardian — “Menshn opens up to UK users and runs into security storm”

↑↑ Return to top of story ↑↑

22 Comments

  1. Posted June 24, 2012 at 7:20 pm | Permalink

    Dear, dear… typical T0ry. Rush like a bull at a gate and don’t spend enough money to get it right.

    And all in the pursuit of making even more money.

    Sickening

  2. Posted June 24, 2012 at 7:30 pm | Permalink

    Joyful. Schadenfreude in fact.

  3. Anon
    Posted June 24, 2012 at 7:31 pm | Permalink

    Passwords are transmitted in clear text, probably stored in clear text too. They were notified of problems by at least two parties. Site should be closed until it’s fixed

  4. rrrroger
    Posted June 24, 2012 at 7:37 pm | Permalink

    Is that a pixellated Goatse?

  5. Posted June 24, 2012 at 7:46 pm | Permalink

    It’s DEFINITELY Goatse. I hate myself for recognising it instantly, but you have to grudgingly admire it for being a ridiculously iconic, recognisable image.

  6. jules
    Posted June 24, 2012 at 10:07 pm | Permalink

    Has Bobby Tables signed up for an account yet?

  7. Peter
    Posted June 24, 2012 at 11:44 pm | Permalink

    I don’t know why but Political Scrapbook has had it against Luke Bozier for a long time! I don’t particularly like menshn.com (Facebook is good enough for me, thank you very much) but don’t understand the personall vendetta that you guys have against Bozier. Did he sleep with your wives or something? Jeesh

  8. Josh
    Posted June 25, 2012 at 12:52 am | Permalink

    Seriously dudes. You need to chill out. It’s a new site, it’ll have bugs and faults. Plus, who even cares if your password is exposed? It’s not like anyone will have important info flowing through the system.

    All this critique is political nonsense and none of this would even be made an issue of if the site was made my a geek non-political techy.

  9. Josh
    Posted June 25, 2012 at 12:57 am | Permalink

    Peter – you made lol hard. totally agree dude

  10. hahaha
    Posted June 25, 2012 at 1:10 am | Permalink

    Bozier is a fucking fraud and now he’s being exposed for what he is. Firstly pretending to be a Labour supporter (but really being a Cameroonian Blairite nutjob). And now pretending he can wing it as a tech start-up.

    Pathetic!

    Did he even study coding?

  11. Posted June 25, 2012 at 9:45 am | Permalink

    “Did he sleep with your wives or something? Jeesh” No, but he did claim his 4 years old were better at coding than us… Surely that’s just like saying “Go on, I dare you to”… Well we did.

  12. Errrrm
    Posted June 25, 2012 at 9:51 am | Permalink

    “Plus, who even cares if your password is exposed?”

    Errrrr, this is a bit silly. Remember last year when Lulzsec exposed the passwords of thousands of users? Most people use the same password for every account they have – the result is when you breach one account, you probably get access to their e-mail, through which you can reset their passwords for everything else – Amazon accounts, PayPal, the list goes on. It is a very serious security breach.

  13. Pete
    Posted June 25, 2012 at 10:52 am | Permalink

    The scariest thing of it all isn’t how crap it is – which it is – but the fact it seems to spell out Mensch’s vision of the Internet, where social networking should be people talking on topics set by the moderators and pounced on if they transgress. This is a woman who is scarily likely to end up in Ministerial post one day, and who sees free, unmoderated social networking as a problem that needs solving.

  14. Ben
    Posted June 25, 2012 at 1:24 pm | Permalink

    Please stop all this Luke Bozier drivel now. There is obviously something personal between this site and him, but I’d suggest that the majority of readers dont visit for this sort of irrelevant guff.

    If he is a nobody, treat him like one.

  15. Bob Jones
    Posted June 25, 2012 at 1:30 pm | Permalink

    Menshn is safe & secure.

  16. peter turner
    Posted June 25, 2012 at 2:00 pm | Permalink

    She blocked me from TWITTER because I told her to behave as a politician not some silly attention seeker.

  17. Corby Resident
    Posted June 25, 2012 at 2:12 pm | Permalink

    Wonder how many of the commenters like “Ben” and “Bob Jones” are actually Bozier?

    You are absolutely right to warn people that menshn.com has so many security holes. Exposing passwords is a major issue and sending them to the server unencrypted is amateurish and risky. Given that Bozier still appears to be trying to flog his souped-down google maps product to the UK public sector, one has to worry if it too has such a lax approach to security.

    Just like Guido bangs on about Johann Hari and others, Scrapbook is doing its job keeping an eye on La Bozier and his comedy adventures.

  18. Billy Bremner
    Posted June 25, 2012 at 3:05 pm | Permalink

    Mind you, all credit to Bozier. It takes a special kind of ability to be in a partnership with Mensch and still be the odious, dislikeable one.

  19. Posted June 25, 2012 at 4:49 pm | Permalink

    Maybe Luke could get a job at RBS helping out with their IT.

  20. therealguyfaux
    Posted June 25, 2012 at 5:45 pm | Permalink

    All startups will have a few glitches at the beginning, but Menshn’s got a “LouLou” of one, you should pardon the expression…

  21. Posted June 26, 2012 at 12:49 am | Permalink

    The twat is having to spend so long frenziedly denying obvious issues with his pitiful website that he fails to register his own domain name.

    And the article on Gizmodo couldn’t be clearer when it talks about “Crippling Security Holes”: http://www.gizmodo.co.uk/2012/06/dont-menshn-the-crippling-security-holes-in-this-mps-twitter-rival/

    The story seems to be that people who know what they’re doing find security holes and offer to tell Bozier details in private. He ignores so they tell them on twitter. He denies and “goes to bed” but mysteriously they are fixed in the morning. Then he denies again and uses some dissembling (he says that menshn uses an encrypted link “just like your bank”, but fails to mention that that wasn’t the case the day before). He says “supporters” helped identify issues. They don’t look like supporters when you read what they have to say. Then the “supporters” find more holes.

    The web experts clearly accuse Bozier of “lying about (or not being transparent about) security issues” (see tweets at http://www.gizmodo.co.uk/2012/06/dont-menshn-the-crippling-security-holes-in-this-mps-twitter-rival/)

  22. Anubeon
    Posted July 4, 2012 at 9:47 pm | Permalink

    It takes a special kind of narcissist to launch a social networking service names after yourself doesn’t it. No matter how whimsical and fitting it may seem. Mark Faceburg, Tom MySpacé, Robert ‘Bobby’ Bebo and Andrew ‘Twitty’ Twit not withstanding, of course. ;-)

    Still, at least Luke’s keeping like company these days. Never did trust that fellow when he professed loyalty to Labour. Not to get all political, but he was more ‘Blair’ than Blair! :-\

Post a Comment

Your email is never published nor shared.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

  • Follow us on Twitter