That whole #TweetCloud thing: A reply
Posted under: Two days ago I send out a tweet warning against something called #TweetCloud. I had all reasons to believe it could be a threat and tried, to the best of my ability, to contact the owner of the website before I sent it. He didn’t reply back to me. I sent a Tweet and it got RT more than I expected and all of the sudden I start being attacked by some users because I had sent the tweet and had explained my reasons. In the meanwhile the owner of the website in a exchange with someone that had RT me stated that we was going to remove the auto-tweeting feature (one of my complaints) and write a Terms of Service (another of my complaints). To me this was over. Today I got a tweet from Jen asking me if I had read this.
Why do I post it here if I already answered on the original post? This is my “home”. And I think that my reasons to launch such a tweet should be a part of this home. Those that know me a bit, know that I am not after numbers of any kind and that I try, to the best of my ability, to make things right. Some people told me “Just leave it, don’t even bother with it. The guy only has 100+ followers”. If I had ignored it I would be breaking one my own beliefs that Twitter is not about how many followers one has but about people. And everyone should be treated with the same respect either we agree with them or not.
Here is my full reply:
1. I am was the user that called to the attention of my followers to be careful regarding #TweetCloud. If you would had made some simple search on twitter it would be easy to find me. I think that is important when speaking of and/or accusing someone of something, to give that person the right to explain him/herself. I thank Jen to call my attention to this post.
2. I took the decision to make the original tweet after reading lots of complaints from people on my timeline (including Scobeleizer *) and trying to contact the author with no success at all.
My original Tweet read:
“BEWARE of #TweetCloud: If you used it go to your settings and revoke access now! (pls RT)“
I then made a second Tweet explaining the reasons why I thought Tweetcloud could present a security danger:
#Tweetcloud 1)No terms or conditions 2)App Tweets for you automatically 3)Don’t need login details to generate the cloud. Revoke access.
3. You accuse me of “Unfortunately the twitterer who originally cried wolf didn’t seem to have much understanding of how services can interact with twitter.”
Maybe I don’t have the understanding that you have. You see I am just a user, I am not an expert but I take security very seriously. I also know what is happening in what comes to spam and phishing on twitter and, at this stage, where constant spam attacks are taking place (via DM and via @mentions) my stance is “better safe than sorry“.
I had legitimate reasons to see #Tweetcloud as a threath (No terms of service), abusive (auto tweeting) and had/have my opinion that there was/is** no need to have OAUTH involved to generate the cloud.
Furthermore, I doubt that the cloud can generate results from one year ago. Furthermore I had users on my timeline complaining that there were words coming up that they had never used.
4. DM Spam/Phishing occurs via OAUTH: That is why when these attacks occur all users are advised to go to their Settings -> Connections and Revoke access to all applications that they don’t know and then change their password. Don’t take my word for it: Check @Twitter_Tips (even if they often mention my posts regarding Twitter security).
5. With my Tweet (the “cry wolf” as you name it) I achieved my objective: @icodeforlove removed the auto-tweet and stated on a tweet to @tomdavenport that he would be writing a Terms of Service so that, before people use the website and grant permissions they know exactly what they are doing.
It is not my fault that people started to RT my original Tweet without asking why. I surely don’t RT any content without checking it first unless it comes from trustworthy sources.
6. At the end of the day it took you I don’t know how many words to get the conclusion that you had to revoke access to #tweetcloud. It only took me 140 characters to do the same.
I would really appreciate that in the future you take your time to correctly link your posts when referring to someone’s actions.
You can find me at:
http://thezargon.org and at http://bitrebels.com
Warmest Regards,
Fernando Fonseca
—–
Original Image from by benefit of hindsight
* Original Typo
** not in the original post
Since nobody has commented yet I thought I’d be first, may as well since you didn’t tell me this post was here. But I don’t really mind, I’ve got skin like a rhino and I’m not a follower-whore so I don’t mind having only 100+ followers. I focus on quality and things that interest me rather than quantity.
So since we’re talking about respect for fellow users did it ever occur to you that I omitted mentioning you as the originator of the scare out of respect? That I might have deliberately made it generic?
Also, how could I so offend you when I didn’t mention you?
This is really rather a storm in a teacup and I’m sorry your ego is so fragile that I offended you in that way. I’ve replied to your comment on my blog here – http://isemann.posterous.com/that-whole-tweet-cloud-thing
You’re proud you started the scare, I’m proud I stopped it and tried to help people spooked by it. Let’s move on.
R!
I don’t know where you read I was “proud”. I also remember leaving the URL for this website at the end of my comment. I think you know very well what you did: You rant about someone crying wolf, being totally inept with the “security” that the target of those critics will never read about it. So yes, it is a lack of respect not to be honest enough to say “Such person said that and here it is why I don’t agree”. Why? I can always write “That guy that wrote about Tweetcloud is a Twat” totally directed to you but not saying your name and then play the “I didn’t mention your name” card when confronted. I am sorry but I am not here to play games: you directed it to me and you and I both know it. My ego is not fragile but is not boosting on hot air like some. You seem to be proud about something you didn’t do: the developer, thanks to my tweet (as you want to obviously ignore since it doesn’t serve your purposes) the developer made immediate changes.
I think the main difference here is that it takes you 3 days to spot a security threat and it takes me 3 hours to do the same, contact the developer, wait 24h for him to reply to me (This is not the 90s when people checked their e-mail every 4 days) and having no feedback at all from him act upon it to warn my followers.
I am not proud of it as you say. To me is just the way I do things and don’t need to write an abstract or apply for public funds to make a in depth study of something that is clear to me: #Tweetcloud was abusive and my followers, in my opinion, should be warned. The fact that the dev changed it only confirms it.
@Anjeebaby ta, he even blogged about it on one of his blogs. Didn't let me know. But I have rhino skin.
http://bit.ly/5quACB