Security researcher Anil Kurmus recently demonstrated an attack against Twitter that leveraged a newly released vulnerability in the common data security protocol Secure Sockets Layer (SSL). Kurmus showed that an attacker could exploit the SSL vulnerability to steal the Twitter credentials of a user that was authenticated through HTTPS. The SSL renegotiation bug, as it is termed, was unveiled earlier this month by security researchers at mobile phone authentication vendor PhoneFactor. — AM