Technology, Top News

Twitter fixes five-year-old bug that exposed Android users’ private tweets

SOME BUGS ARE so unusual that they go unnoticed for years. But the latest fix from Twitter is so brazen, it’s hard to understand how it managed to go under the radar for five years. For affected users, it was potentially devastating too.

Users with protected tweets – private accounts only accessible to hand-picked followers – would inadvertently make all of their tweets public if they updated certain settings in the official Twitter Android app. Twitter hasn’t disclosed all the actions which would trigger tweets to be made public, but said it included things like updating your email address.

The web and iOS apps weren’t impacted: this was an Android-only bug, and one that was fixed on January 14 2019 – just 1,533 days after the problem began on 3 November 2014.

“We’ve informed people we know were affected by this issue and have turned ‘Protect your Tweets’ back on for them if it was disabled,” Twitter wrote on its help site.

“We are providing this broader notice through the Twitter Help Center since we can’t confirm every account that may have been impacted. We encourage you to review your privacy settings to ensure that your ‘Protect your Tweets’ setting reflects your preferences.”   

It wouldn’t be immediately obvious for most people that their tweets were suddenly unprotected, unless they had amassed a lot of followers before going private, so this is potentially quite serious. If you were tweeting sensitive information and keeping it private so it wouldn’t be spread widely, the first you’d know about it would be if it did fall into the wrong hands.

The fact that this has taken five years to spot suggests that didn’t happen often enough for Twitter to figure out something was amiss. All the same, it’s pretty embarrassing for the company – something it acknowledges at the end of the help page.

“We recognise and appreciate the trust you place in us, and are committed to earning that trust every day,” it sobbed. “We’re very sorry this happened and we’re conducting a full review to help prevent this from happening again.” µ

Source : Inquirer

Previous ArticleNext Article
Founder and Editor-in-Chief of 'Professional Hackers India'. Technology Evangelist, Security Analyst, Cyber Security Expert, PHP Developer and Part time hacker.

Send this to a friend