  • Security flaw could allow hackers to obtain your password
  • Twitter integration crashed within two hours of UK launch
  • Several other security vulnerabilities on the site

Louise Mensch’s “rival to Twitter” has security flaws which can expose users’ passwords to hackers, it has been revealed. Those clicking on a malicious link to the Menshn website could have sensitive information passed to wrongdoers.

The news comes less than two hours before England play Italy in Euro 2012 — an event which Mensch and her business partner Luke Bozier had hoped to capitalise on by launching in the UK earlier than anticipated.

The vulnerability was exposed by professional web developer Jonathan Buchanan (@twitinsin), who has sent a series of messages to Luke Bozier explaining problems with his code.

Within just two hours of the “US only” block being removed at midnight, Menshn’s poorly-coded Twitter integration fell over, forcing one of the site’s founders to beg for help — using rival website Twitter:

Worryingly, these are by no means the only problems with the site. When scammers aren’t trying to steal your password, edit your profile information or post messages using your account, they can display random abuse and extreme pornography:

Just days ago, Mensch was describing Bozier as an “awesome coder”.

Update (09:18): The world’s tech and security websites have piled in …

  • Gizmodo — “Don’t Menshn the Crippling Security Holes”
  • SC Magazine — “Menshn dismiss claims of major security flaws”
  • The Register — “Mensch pal Bozier defends Menshn security”
  • TechWeekEurope — “Menshn Security Vulnerabilities Exposed”
  • CNET — “New social network Menshn launches in UK with security holes”
  • Guardian — “Menshn opens up to UK users and runs into security storm”

  1. Dear, dear… typical T0ry. Rush like a bull at a gate and don’t spend enough money to get it right.

    And all in the pursuit of making even more money.

    Sickening

  2. Passwords are transmitted in clear text, probably stored in clear text too. They were notified of problems by at least two parties. Site should be closed until it’s fixed.

  3. It’s DEFINITELY Goatse. I hate myself for recognising it instantly, but you have to grudgingly admire it for being a ridiculously iconic, recognisable image.

  4. I don’t know why but Political Scrapbook has had it against Luke Bozier for a long time! I don’t particularly like menshn.com (Facebook is good enough for me, thank you very much) but don’t understand the personal vendetta that you guys have against Bozier. Did he sleep with your wives or something? Jeesh

  5. Seriously dudes. You need to chill out. It’s a new site, it’ll have bugs and faults. Plus, who even cares if your password is exposed? It’s not like anyone will have important info flowing through the system.

    All this critique is political nonsense and none of this would even be made an issue of if the site was made by a geek non-political techy.

  6. Bozier is a fucking fraud and now he’s being exposed for what he is. Firstly pretending to be a Labour supporter (but really being a Cameroonian Blairite nutjob). And now pretending he can wing it as a tech start-up.

    Pathetic!

    Did he even study coding?

  7. “Did he sleep with your wives or something? Jeesh” No, but he did claim his 4 years old were better at coding than us… Surely that’s just like saying “Go on, I dare you to”… Well we did.

  8. “Plus, who even cares if your password is exposed?”

    Errrrr, this is a bit silly. Remember last year when Lulzsec exposed the passwords of thousands of users? Most people use the same password for every account they have – the result is when you breach one account, you probably get access to their e-mail, through which you can reset their passwords for everything else – Amazon accounts, PayPal, the list goes on. It is a very serious security breach.

  9. The scariest thing of it all isn’t how crap it is – which it is – but the fact it seems to spell out Mensch’s vision of the Internet, where social networking should be people talking on topics set by the moderators and pounced on if they transgress. This is a woman who is scarily likely to end up in Ministerial post one day, and who sees free, unmoderated social networking as a problem that needs solving.

  10. Please stop all this Luke Bozier drivel now. There is obviously something personal between this site and him, but I’d suggest that the majority of readers don’t visit for this sort of irrelevant guff.

    If he is a nobody, treat him like one.

  11. peter turner says:

    She blocked me from TWITTER because I told her to behave as a politician not some silly attention seeker.

  12. Corby Resident says:

    Wonder how many of the commenters like “Ben” and “Bob Jones” are actually Bozier?

    You are absolutely right to warn people that menshn.com has so many security holes. Exposing passwords is a major issue and sending them to the server unencrypted is amateurish and risky. Given that Bozier still appears to be trying to flog his souped-down google maps product to the UK public sector, one has to worry if it too has such a lax approach to security.

    Just like Guido bangs on about Johann Hari and others, Scrapbook is doing its job keeping an eye on La Bozier and his comedy adventures.

  13. Billy Bremner says:

    Mind you, all credit to Bozier. It takes a special kind of ability to be in a partnership with Mensch and still be the odious, dislikeable one.

  14. therealguyfaux says:

    All startups will have a few glitches at the beginning, but Menshn’s got a “LouLou” of one, you should pardon the expression…

  15. The twat is having to spend so long frenziedly denying obvious issues with his pitiful website that he fails to register his own domain name.

    And the article on Gizmodo couldn’t be clearer when it talks about “Crippling Security Holes”: http://www.gizmodo.co.uk/2012/06/dont-menshn-the-crippling-security-holes-in-this-mps-twitter-rival/

    The story seems to be that people who know what they’re doing find security holes and offer to tell Bozier details in private. He ignores so they tell them on twitter. He denies and “goes to bed” but mysteriously they are fixed in the morning. Then he denies again and uses some dissembling (he says that menshn uses an encrypted link “just like your bank”, but fails to mention that that wasn’t the case the day before). He says “supporters” helped identify issues. They don’t look like supporters when you read what they have to say. Then the “supporters” find more holes.

    The web experts clearly accuse Bozier of “lying about (or not being transparent about) security issues” (see tweets at http://www.gizmodo.co.uk/2012/06/dont-menshn-the-crippling-security-holes-in-this-mps-twitter-rival/)

  16. It takes a special kind of narcissist to launch a social networking service named after yourself doesn’t it. No matter how whimsical and fitting it may seem. Mark Faceburg, Tom MySpacé, Robert ‘Bobby’ Bebo and Andrew ‘Twitty’ Twit notwithstanding, of course. ;-)

    Still, at least Luke’s keeping like company these days. Never did trust that fellow when he professed loyalty to Labour. Not to get all political, but he was more ‘Blair’ than Blair! :-\
