The IT Nerd

It seems that Twitter is down globally as users who are trying to log on aren’t having much luck. What appears is a message saying “Something is technically wrong.” This is confirmed by Downdetector and Twitter’s status page. There’s currently no time to resolution as of yet. But when it’s resolved, I’ll post an update.

UPDATE: This issue is now resolved.

Twitter has announced some iOS users saw their location data leaked to one of their third-party partners under some very specific circumstances:

Specifically, if you used more than one account on Twitter for iOS and opted into using the precise location feature in one account, we may have accidentally collected location data when you were using any other account(s) on that same device for which you had not turned on the precise location feature.

Separately, we had intended to remove location data from the fields sent to a trusted partner during an advertising process known as real-time bidding. This removal of location did not happen as planned. However, we had implemented technical measures to “fuzz” the data shared so that it was no more precise than zip code or city (5km squared). This location data could not be used to determine an address or to map your precise movements. The partner did not receive data such as your Twitter handle or other unique account IDs that could have compromised your identity on Twitter. This means that for people using Twitter for iOS who we inadvertently collected location information from, we may also have shared that information with a trusted advertising partner.    

We have confirmed with our partner that the location data has not been retained and that it only existed in their systems for a short time, and was then deleted as part of their normal process. 

Twitter has since fixed the issue, and all is as it should be with the universe. But I think that for companies that seem to consistently make these types of mistakes, there should be consequences. As in something more than bad PR. That would force them to up their game and keep your data safe.

Twitter really has to tighten things up as they’ve fixed a five year old bug that exposed the private tweets of Android users. Twitter has let affected users know and is really sorry for this. They also say that they can’t be sure that they have pinged everyone who has been affected. So Android users should review their privacy settings to ensure that their ‘Protect your Tweets’ setting reflects their preferences. But seriously. having a bug that flew under the radar for five years is kind of bad. It’s got be embarrassing if you’re Twitter.

Happy Friday!

The fine folks over at Gizmodo have an eye opening story that goes like this. Security researchers from Insinia Security discovered a hole on the Twitter platform that could allow a miscreant to post unauthorized tweets. They disclosed this to Twitter, and the social media company claimed to have fixed the problem. But when the researchers sanity checked the fix, they discovered it wasn’t fixed:

During a private chat with Gizmodo, however, the hackers appeared to reproduce their experiment, forcing an account belonging to the head of a London-based financial technology company to retweet a tweet from the BBC. Insinia said it verified the flaw remained using “a number of accounts.”

Twitter claims it is investigating this, but this seems like one hell of a screw up. Or worse, Twitter might have been hoping that nobody checked their work. Too bad for them that someone was smart enough to.

Take home message. If you say something is fixed. You should make sure that it is fixed or someone will call you on it.

Twitter is suggesting that all Twitter users update their passwords following a “bug” that exposed some passwords in plaintext on its internal networ:

When you set a password for your Twitter account, we use technology that masks it so no one at the company can see it. We recently identified a bug that stored passwords unmasked in an internal log. We have fixed the bug, and our investigation shows no indication of breach or misuse by anyone.

Out of an abundance of caution, we ask that you consider changing your password on all services where you’ve used this password. You can change your Twitter password anytime by going to the password settings page.

That’s a bit of a #fail. The only saving grace is that these passwords were exposed internally. Thus the risk level SHOULD be low. But you should change your password just in case because these days you never know.

It seems that Twitter may be about to have its own Facebook moment now that Bloomberg has discovered that a researcher who is linked to Cambridge Analytica which is the company that slurped up the data of 88 million (or more) people from Facebook bought data from Twitter:

Twitter sold data access to the Cambridge University academic who also obtained millions of Facebook users’ information that was later passed to a political consulting firm without the users’ consent. Aleksandr Kogan, who created a personality quiz on Facebook to harvest information later used by Cambridge Analytica, established his own commercial enterprise, Global Science Research (GSR). That firm was granted access to large-scale public Twitter data, covering months of posts, for one day in 2015, according to Twitter. “In 2015, GSR did have one-time API access to a random sample of public tweets from a five-month period from December 2014 to April 2015,” Twitter said in a statement to Bloomberg. “Based on the recent reports, we conducted our own internal review and did not find any access to private data about people who use Twitter.” The company has removed Cambridge Analytica and affiliated entities as advertisers. Twitter said GSR paid for the access; it provided no further details.

I wonder if we’re now going to have a #DeleteTwitter hashtag popping up now?

This pretty much starts to paint the picture that every social media company might have been touched by these guys. So while Facebook aren’t choirboys, they are far from being the only bad actors here. Don’t be surprised if you hear about more companies getting caught up in this as the companies in question either check to see if they’ve done business with Cambridge Analytica or anyone associated with them, or the media simply outs them.

If you’re trying to access Twitter, you might be seeing this at the moment:

Seeing as this started just before 10 AM EST, I am guessing Twitter just took a header. As a result, I am sure people are heading over to Facebook to vent. More as it comes.

UPDATE: I am able to get SOME access to Twitter on my iOS device. For example, I can check trending topics as well as post a Tweet. But I cannot see new Tweets from others. I can do nothing via a browser.

UPDATE #2: Just after 10:30 AM EST Twitter came back up. I’d love to know what happened. Hopefully Twitter gives the planet a statement on this outage.