Wednesday, October 21, 2009

Protected Tweets - Oxymoron?

Google has done it again! Somehow, the magical Googlebot has managed to worm its way into protected tweets on Twitter. To be fair, this story was first broken by the L.A. Times ... yea.

You know what I'm talking about, those strange people who choose to "protect" their tweets so only a select few can read them aren't so protected anymore.

Who knows what other design flaw [:cough: security hole :cough:] the Google-bot is exploiting but as Rob Fuller (@mubix) put it on Twitter "hmm sounds like a job for User Agent Switcher" ... indeed.

So let me get this straight ... I as a regular user with my user-agent (no, I don't use the standards personally) cannot read your protected tweets, but the Google-search-index bot can? Really ... is this a design flaw or simply a security hole that Google somehow discovered, accidentally? I'm leaning towards a accidentally-on-purpose design flaw; and now that a formal partnership (for search purposes) between Twitter and Google has been announced - who knows what else we're going to dig up?

OK, so a few questions arise...
  1. Since Microsoft's Bing already has a partnership with Twitter to search tweets is there another such hole looming there too?
  2. Is this a bug, a feature, or something else?
  3. If I change my user-agent to the Googlebot, can I read protected tweets anonymously?
... I'm not even sure I want to know. I don't bother protecting my Tweets given that this is a social platform for public dissemination of thought ... right?

1 comment:

Stephan Wehner said...

Just recently put a related blog entry up at

about blog tools and their (more or less working) privacy options


(Disclosure -- being developed by me/The Buckmaster Institute, Inc.)