Twitter is, as you probably know, a very popular microblogging service that asks one question that you can answer in under 140 characters: What are you doing right now?
There are various tools that help make Twitter much more useful, and then can turn it into a powerful platform for sharing content, PR work, keeping in touch with friends, and more. Creative programmers have come up with a variety of applications, both web-based as well as desktop software, to utilize the Twitter platform for some cool tricks.
The Twitter API is the interface used to connect to the Twitter “firehose”, the raw XML that contains everything in Twitterdom. In order for a programmer to do something useful with the Twitter API, the program needs your Twitter username and password to authenticate.
This has been understood since the first Twitter apps appeared on the scene, and until today, nobody seems to have had any problems with this simple system.
The Twitterverse was atitter and aflutter today about something called Twitterank. We started seeing tweets this afternoon that said “My Twitterank is 89.24!” with a URL to the Twitterank site, which then invites you to get your OWN TwitterRank.
Seems like many Twitter apps – harmless fun. People like to brag about numbers and influence – and other sites like Twitter Grader provide ample opportunity to show your friends up.
Everything seemed fine until a bit later on this afternoon – Suddenly the Twitterverse was lighting up like a christmas tree; “Scam!” they shouted. “Beware!” they cried. “Alert!” came the call.
ZDNet blogger Oliver Marks wrote a blog post calling Twitter users gullible. “WHAT?” I gasped… “SAY IT AIN’T SO!” I exclaimed.
Okay, okay I’m getting ahead of myself.
Let’s go back a bit – there’s this kid. His name is Ryo Chijiiwa. He works for a little web company called Google, based out on the west coast somewhere. You may have heard of it (they also require passwords for all kinds of things – watch your back.) Anyways, Chijiiwa-san seems like a cheeky kinda guy. He looks like he’d be fun to hang out with. He wears his long black hair in braided pigtails and has nerdy glasses. I’d definitely have a beer with the guy.
Anyways, he wrote Twitterrank. And he got cheeky on his site. His FAQ uses the big bad F-word, and he says his algorithm is vewy vewy secwet…. File this information for a second – it’ll be relevant.
Now, Mr ZDNet blogger guy gets a Tweet from some guy named Brian Oberkirch. Brian says:
“Twitterank is a vast conspiracy I created to steal all of ur passwords + shame Twitter into OAuthing. + make u look vain.”
Marks JUMPS INTO ACTION. “My gawsh!” he says “I think I broke a national security conspiracy here!” and writes his doomsday blog post. The big fat ZDNET logo on top adds 800 million tons of legitimacy, and the thing takes off like a rocket. Does he bother to do the most basic fact checking? Does he bother to find out that the author of Twitterank is Chijiiwa-san? No. He believes the random Tweet from Oberkirch and REPORTS IT.
People on Twitter see Marks’ blog post and go crazy. Now they are tweeting and retweeting to all their friends “TWITTERANK SCAM! #CHANGEPASSWORD YOU FOOLS! YOU FOOLS!” etc.
Here’s what I truly, from the bottom of my heart, fail to understand: People have been putting their Twitter username and password into all kinds of websites and desktop applications for months. TwitPic, for example, is a HUGELY popular service, sort of the defacto way to post pics in your Twitter stream. Nobody has ever once said “TwitPic is stealing your passwords.” Nobody suspects Tweetdeck (my personal favorite Twitter desktop app) of stealing information. Nobody gives a hoot about getting their Twitter Grade.
And why? Because no jokester took the time to say “Twitpic is an elaborate scame i rote to stel all ur passwords + shame twitter for using http auth lolz” and have that get reported by a major legitimate media outlet.
So let’s summarize, in true Twitter fashion. I’ll tweet the whole story:
- Hay guys, Twitterank gives u a twit score. Mine is 110.23! Check it!
- Looks like @brianoberkirch made a funneh. oops
- Now Oliver Marks sez @brianoberkirch hacked twitter omgz
- A MILLIONTY PEOPLE READ OLIVER MARKS AND RETWEETED IT
- Everybody skurred nao
Listen people. Relax. Ryo is not going to steal your passwords. You should be using unique passwords for every site you sign in to anyway. That’s just common sense for good security practice. Mr. Marks should do some fact checking before he irresponsibly claims the sky is falling and unwittingly making Mr. Chijiiwa the most evilest villain on Twitter for an evening.
As an unintentional social networking experiment, I find this whole episode fascinating. FUD (Fear, uncertainty, doubt) spreads SO QUICKLY on social media services, and made Twitter light up in a matter of four hours. Poor Ryo is probably unaware that any of this high drama even took place yet – I’ll probably wrap this up before he gets home from work.
Now, back to Twitter for more entertainment……