Thursday, January 1, 2009

Trust me. Your password is safe.

I direct the following generally at Twitter users, but Facebook has its share of demons as well. Read on and leave enlightened, if possible.

The latest, greatest ID theft on Twitter appears to be Twply.

Conceptually, Twply purports to provide a welcome service: receiving your @ replies in your email inbox. I won't link to Twply in this post because of what has evolved over the last few hours. Michael Arrington's 1:00 p.m. Central post clued me in to this new service:

"Just started using http://twply.com/ to get my @replies via email. Neat stuff!"

This site presents our latest example of Twitter's failures.

In fairness, Twitter succeeds in uniting individuals and communities in a way I find superior to Facebook. But Twitter needs to grow up quickly and start vetting contributors' APIs. As Twitter growth continues unabated, more users are exposed to faulty apps that, in the hands of less aware Twitterers, could put them, their contacts and their computers at risk.

Robert Scoble joined the chorus of naysayers later in the day. Various contributors have since reported that Twply’s owners sold out for $1,200 within 24 hours of pushing the API live. Fan-freaking-tastic.

I didn’t bite, this time. I’ve been burned a couple of times in the past, between FB and Twitter. I have too many password variations to remember and don’t need to update mine on Twitter each time I am asked to provide one to some application recommended first by a Twitter giant and then, almost immediately, by like-minded friends.

Of note: If you throw a snowball at me, offer me a “cool” drink, or buy me a virtual fish tank or whatever on FB, I thank you sincerely for thinking of me the 60+ times in the two months that I’ve been active. But I politely decline to offer up a contact list and password to prove that I am smarter than you are on a lame IQ test (which I am) or on a trivia test (which I thought I might be, until I met @jeffisageek).

My readership is limited at the moment, I know. But I hope this friendly warning makes it out to the masses as it is both timely and important.

The lesson is this: Do not jump on the bandwagon. If a Twitter Lion advocates something, take a breath. Wait a week. Pay attention. And then, if all appears to be kosher, by all means go for it.

I and many others have suffered the embarrassment of jumping in too early or without enough knowledge. I was, on one FB occasion, disappointed and relieved to learn that Equifax did not want to be my friend on FB. More disappointed that ex-girlfriends and pretty much anyone I ever contacted through gmail in the last six years suddenly became aware of my existence once again. (Ouch!)

Final plea: Dear Twitter, will you PLEASE filter your APIs now!?!? Vet them before users get burned. Make benevolent Twitter apps a trusted and valuable component of your arsenal and weed out the bullshit.
Thank you for your prompt attention to this matter.

6 comments:

Elmo Glick said...

Thanks for reinforcing my reluctance to jump on all those goofy things my friends keep sending me on FB. Many are clearly legit, but the key, as you note, is not to be an early-adopter. They don't call it the bleeding edge for nuthin.

Anonymous said...

Bring on OAuth!

Shane said...

I think that there is something to being an early adopter, but you just have to be a smart one. I was on Twitter like a year before everyone else, but then it wasn't all that fun. I understand what you're saying, but Twitter can't really vet 100% of the apps that try to use their API because it would hinder innovation. It's up to the users to not be morons.

Perhaps a better plea would be:

"Dear Twitter user: Don't be a moron and give out your username and password to just anyone."

wrytir said...

Sean ... Amen.

Shane - I agree that it is up to the user to be responsible and alert and ... paranoid. My post was partially intended to warn newer users to avoid the mistake(s) I made. Also, I know that Twitter can't really vet every app. At the same time, in the absence of OAuth, why can't Twitter offer up a "Twitter-approved" seal of sorts, a running list of those apps that truly are vetted and proven not to steal your info? It would grant the legitimate designers a good deal of authenticity and respect and ... ideally, deter the malicious nonsense.

I could be wrong, of course, but I believe something like that is within the realm of possibility for Twitter to pull off, and assure users that an app is trusted.

James said...

I am SO going to throw a yellow snowball at you right now. LOL

wrytir said...

Yellow snow? Really? I had just shaken, finally, those horrible kindergarten memories. lol