Categories
twitter

Verified Chaos

How social media verification was destroyed by hubris.

By destroying any meaning the Verified badge on Twitter may have had, Elon Musk has taught us all a lesson: Verified status with self-ID must be free, optional, and universally available across all social media platforms. Better yet, the web should have a free, optional, and universal self-ID verification system social media platforms and other tools can use to verify users. If we don’t know who we’re talking to, bad things will happen.

Who is this?

On November 10, 2022, a fake Tweet cut an estimated $15 billion out of US drug company Eli Lilly’s market cap.

The tweet, posted by a newly verified account bearing the name of the drug manufacturer, said insulin would now be provided for free.

The problem: The account was fake. It was impersonating the drug company and had bought the Verified badge for $8.

In the early days of November 2022, Twitter Owner and CEO Elon Musk murdered social media verification for the lols. Lashing out at what he described as the “Lords and Peasants” system of verification, he changed the meaning of the blue tick next to a user’s name from “has provided us a copy of their ID to verify their identity” to “is paying $8/month for a blue check next to their name.”

The result: an immediate flood of impersonation accounts on the platform, and a subsequent erosion of any trust the Verified label might have created on the platform.

Turns out in spite of right-wing conspiracies claiming the opposite, the Blue Tick was not in fact a status badge given to liberals – it was a badge informing users the account was verified as representing who it claimed to represent. You know, verification. Shocking.

In the immediate aftermath of all this, Twitter rolled out a new “Official” badge. Which Elon personally pulled minutes later. Then reinstated because, again, it turns out the Verified badge actually served a purpose and was not in fact a “Lords and Peasants” system.

As I said at the start of all this, Elon appears to be doing 1st year design student back-of-the-napkin iterative design in public, and he’s receiving a failing grade at it. But what do I know, I’m just a university teacher specializing in this exact subject.

Here’s how I imagine it all went down:

Twitter employee, cowering behind a chair: Lord Musk, it appears the blue check you thought was a vanity badge actually serves a vital function!
Elon the Ignoble: Thou darest speak?!? What say you, serf?
Twitter employee, now using the lid of a garbage can as a shield: We need to keep the verified system to prevent impersonations on the platform.
Elon the Ingoble: Heresy! We the King make no mistakes! That’s Official!
Now Former Twitter employee, being led out of the building by HR: Someone is going to impersonate a pharma company and tank their stock!
Elon the Ignoble: ???

The Meaning of Verified

Make no mistake: The Verified system introduced by Twitter and then duplicated by Instagram and TikTok was always a verifiable disaster.

From the initial 2009 rollout as a band-aid to prevent celebrities and brands from suing the platform over allowing impersonation accounts, to the 2016 release of a public application process where applicant accounts “determined to be of public interest” would get the badge, what was on the back-end a Verified ID system was given the public image of a “Verified Awesome by Us” badge.

Due to the inscrutable black box process of Verified, people built myths around the system and started believing the Verified badge gave users powers and prestige. And when people believe something gives others power and prestige, those others get power and prestige, even if no actual power or prestige is bestowed them in reality.

Which is how the right-wing conspiracy theory that the Verified status was only granted to liberal accounts (utter nonsense, easily disproven by who is verified on the platform) wormed its way into the brain of the new Twitter CEO and led him to think of it as a Lords and Peasants system rather than what it actually always was: a verification system.

Not that it matters now. Verified is dead. It cannot be resurrected. It has lost all meaning. Which may or may not have been Elon’s intent all along. Who knows.

The Need for Verification Online

Watching Musk iterating his way to the irrevocable delimitation of the Bird App in real time is a heady, bordering on an out-of-body experience. Gavin Belson masquerading as Tony Stark is either so blinded by hubris he is unable to recognize he has no idea what he’s doing and has systematically fired everyone who does, or hell bent on burning down the global digital public square he spent $44 billion on just to see what it looks like. Either way, the consequences of his folly will impact us all.

The impersonation of a pharmaceutical company making billions off predatory pricing on life-saving products that should be provided at-cost may be a fitting critique of the late-stage capitalist hellscape we’re all living through, but it is also the eviscerated body of the canary in our social media coal mines.

In the near future in the wake of war, famine, or a natural disaster, someone will create a Twitter account impersonating a government or critical aid organization and provide harmful or even deadly misinformation to the victims. Until November 2022, people knew with some certainty if the account telling them to seek shelter, move their family, or send money somewhere had a blue check, they could trust it. That trust is now gone for those in the know. But for the millions of casual users of Twitter who are not aware of Musk’s amateur-dentist-with-a-jackhammer approach to service design, a blue check still means trust, and they will be led straight into the maw of whatever evil paid Elon his $8 monthly identity tax.

The Oligarch of Folly

If we can learn anything from these last chaotic weeks, let it be this: Wealth does not imply wisdom. More likely it implies a propensity towards destroying everything to get what you want.

When Musk started talking about his desire to buy Twitter (only to moments later try to back out of the whole thing), Muskovites (the people who believe their idol can Do No Wrong) celebrated the move claiming it would bring “true free speech” to the platform. In the few weeks he’s been at the helm, he has imposed authoritarian and dictatorial rule on the platform by firing the majority of the staff, banning people and behaviours for personal reasons, and destroying much of the social infrastructure the platform was built on because he didn’t like the way it looked. He seems hell bent on proving himself uniquely unqualified for the job he has bought, and chronically unwilling to accept his own limitations.

Elon Musk destroyed Verified because he didn’t bother to understand it. I shudder to think what he’ll set his eyes on next.

Cross-posted to LinkedIn.

Categories
My Opinion twitter

The Swan Song of the Bluebird

“The reason I acquired Twitter is because it is important to the future of civilization to have a common digital town square,” Elon Musk, the new owner of Twitter said in his post titled “Dear Twitter Advertisers”, followed in the next breath by the ultra-capitalist claim “Low relevance ads are spam, but highly relevant ads are actual content!”

Emblematic of the fractured nature of social media, the first semi-official statement from the new self-described “Chief Twit” was three photos of dense text, without the necessary alt text to provide accessibility.

Pretty Hate Machine

Twitter has served an outsized role in my personal and professional lives. On the app I’ve made great new friendships and ruined old ones; created professional networks and burned bridges; helped people through difficult personal and professional times and offended others; been misunderstood and misquoted while myself misunderstanding and misquoting; blocked people and had people block me; found new limits for the highest heights of elation and the deepest depths of despair.

On Twitter I watched one friend livetweet their first child’s birth and another livetweet the bombing of his home. I watched people find their tribes and people falling into the gravity wells of hateful conspiracy theories. I watched new technologies emerge that will make the world a better place and technologies emerge that are destroying the very fabric of our society.

To say I’ve had a fraught relationship with the bird app is an understatement. When asked to describe Twitter, the first phrase that comes to mind for me is “Pretty Hate Machine,” but “Petty Hate Machine” might be equally apt. Open Twitter on any day and you’re two clicks away from whatever rage bait the “Explore” algorithm is currently selling. Political conspiracy theories, medical conspiracy theories, climate conspiracy theories, celebrity conspiracy theories, social media conspiracy theories, whatever flavor of rage you want to fill up on, the blue bird is fully stocked and eager to deliver.

A Bluebird in the Coal Mine

As Musk stepped through the glass doors of Twitter HQ carrying a giant porcelain sink (a reference to the lamest of lame dad jokes “Let that sink in” finding a new audience as a TikTok trend, or a reference to a so-called Q drop depending on who you ask and what online radicalization bubble you live in) he caused a tectonic shift in the social media landscape. As expertly chronicled in Nilay Patel’s spicy The Verge piece “Welcome to Hell, Elon,” the Bird App is a centrepiece in the ongoing public discourse around the role of free speech laws and moderation on global digital content platforms.

On the news of Musk’s intent to buy Twitter back in the spring of 2022, right-wing pundits and their loyal followers celebrated the “end of censorship” and “return of free speech,” and in the two days since the Sinking In, the platform has become a testing ground for online extremists, trolls, and bots wanting to see how far they can take things before whatever moderation tools and staff are still in place step in:

The man who less than a year ago promised to spend $6 billion on ending world hunger instead spent a reported $44 billion to buy an app right-wing extremists want to weaponize for their own power grabs and entertainment. Let that sink in.

Allow me to quote my thred from last night on Twitter:

Remember: when free speech absolutist and Silicon Valley techno libertarians talk about “the extreme left” they are talking about anyone who thinks you should be able to be online without being subjected to constant harassment and death threats because of who you are.

The vast majority of content moderation is there to prevent platforms from overflowing with spam. The rest is there to prevent platforms from being used to share criminal harassment, assault, terrorism, and CSAM content.

The right-wingers who claim they are being “#shaddowbanned” or “censored” have no reality to back them up. Studies show political bans fall evenly on the left and the right. The main diff is people on the right build their enormous platforms on the story of being censored.

People should be free to speak their minds on social media. People should also be protected from having those freedoms removed by hateful mobs. Organized online extremists have made sport of driving women, LGBTQIA2+, PoCs, and other historically harmed people off platforms.

If Twitter has any serious aspirations of becoming a “common digital town square” like Elon said, it has to be managed like a town square. If you show up at a town square screaming rape and death threats at the other people there, you will be removed, and likely arrested.

There is no civil discourse without moderation. That’s why debates have moderators. The people who claim they want to end “censorship” on social media are really saying they don’t want to be held accountable for what they say and do on social media.

In spite of what Musk and the techno-utopians of Silicon Valley want to believe, Twitter and its ilk are not “common digital town squares.” Twitter is a firehose, a deluge, an all-encompassing flood of every aspect of the human condition, pouring into your eyes the moment you open them. And like Alex DeLarge strapped to a chair with our eyes pried open, we stare down the torrent of hope and misery and joy and pain and love and hate and everything in between hoping to be cured of our own boredom, or disconnection, or unmet promises, or hope, or whatever the algorithm tells us ails us.

To Kill a Bluebird

When Musk says “highly relevant ads are actual content!” he simultaneously reduces the term “content” to its most basic meaning (under which spam must also be defined as “content”) and says the quiet part out loud: The only content that matters it the content that makes Elon money.

Musk is out $44 billion. He needs to make that back. Cutting 75% of staff won’t make a dent (though deep cuts are inevitable). The only meaningful revenue stream Twitter has at the moment is advertising. For advertisers to want to be on the platform, content moderation is necessary. Thus his other promise in the aforementioned inaccessible-text-in-pictures tweet directed at advertisers: “Twitter obviously cannot become a free-for-all hellscape, where anything can be said with no consequences!”

The free speech absolutists on the far right are unlikely to see their unmoderated dream app; not because Musk doesn’t want it, but because the only thing that matters to Elon is Elon making his money back. Instead I predict we’ll see a Twitter leaning harder than ever into Surveillance Capitalism, a doomed subscription model (leaks from internal meetings claim Musk “wants subs to be 50% of revenue at some point”), and creator-based advertising spec work, aka “the Creator Economy.”

Considering Twitter was already struggling to catch up with the new social media giant TikTok before he had an itch to scratch and randomly said he’d buy the platform, Musk and Twitter now have to weigh the need for an active user base agains the need for quick and large revenues.

In the short term, a cynic like me points squarely at the upcoming US elections and predicts we’re about to see the floodgates of political advertising open to the max. In the long term, Twitter will succumb to the full-bore ultra-capitalist model of its ilk where creators are encouraged to become marketing machines while the platform garnishes most of their profits.

Bye, Bye, Bluebird?

As I write this, my Explore page shows terms including “CEO of Twitter,” “free speech,” “mastodon,” and “delete” trending. On the app as in the real world the app presides, the takeover of one of the biggest global communication platforms by an ultra-rich oligarch whose modus operandi seems to be playing troll to the masses to make a profit is the rage inducing trend du jour. Journalists, scientists, and creators are setting up new accounts on other apps including TikTok, figuring out how to migrate their followers to the federalized Twitter alternative Mastodon, and screaming their Medium and Substack and WordPress links into the void hoping the world will continue to hear them should they be kicked out of the bluebird’s nest.

So is this the end for Twitter? Should we all delete our accounts and move our oversharing elsewhere? As I’ve explained before in relation to the ever resurgent #DeleteFacebook trend, until we’ve built suitable alternatives, being able to step away from these commercial apps turned critical infrastructure is a sign of extreme privilege.

For better or worse, Twitter is the place people turn to for news and information in a crisis. TikTok is too video-heavy for quick communication. Facebook is too … Facebook. When protesters flood the streets in Iran or Berlin or Hong Kong or Minneapolis, Twitter is their platform of choice for rapid dissemination of information. When a hurricane, or earthquake, or war, or insurrection or coup strikes, Twitter is the first place for immediate breaking news from citizen and professional journalists. When researchers want to know how disinformation spreads and transforms the populace from people who are in it together to people who will rather let you die than have to wear a mask, they turn to Twitter’s robust APIs and data discovery tools.

Take it from journalist and author Sarah Kendzior: “Twitter is a hellsite that also houses a vital time-stamped chronology of state corruption. It shows who know what and when, and gives some insight into why. Chronology is an enemy of autocracy. Altering Twitter is altering history, and that’s the appeal to autocratic minds.

I am not leaving Twitter (yet), but I am preparing for a future where Twitter no longer plays a meaningful (if destructive) role in my life, making sure all my eggs are not in the bluebird’s nest if you will (and yes, I’ve taken this whole bluebird metaphor thing way too far at this point. I’m tired, ok?)

I joined Twitter in May of 2008 to explore its APIs as a possible example for a web development book I was writing. The tweets from those early days are as mundane as they are prescient of what my relationship to the Bird App would become. I’ll leave my first Tweet as my last word for now:

Cross-posted to LinkedIn.

Categories
twitter WordPress

Twitter oEmbeds are not responsive – The little things that bug me

If you have a website using WordPress you should be excited about the new 3.4 release which introduces a whole bunch of new features. For a brief look check out the announcement or you can get an in-depth look at all the newness in the Codex article for the release.

Twitter oEmbeds are here!

One of the many new features is the ability to use oEmbed to add Tweets to your posts. All you have to do is grab the URL to a tweet, for example https://twitter.com/mor10/status/212999553023090688, and paste it into the editor. WordPress finds the URL, figures out it’s from Twitter, and embeds a nice active Tweet window in the post, just like the one you see above. Very cool. Almost.

New technology hampered by old thinking

I have a serious issue with the Twitter oEmbed: Inspecting the code you’ll see the widget comes with a small inline style call:

style="width:500px!important"

This small and unnecessary piece of code makes the Twitter oEmbed awful to work with. As you see from the grab at the very top of the post, the oEmbedded tweet is not responsive. That’s because the width is hardcoded – something that should never happen, especially not inline. What’s worse is that infernal “!important” at the end of the offending piece of inline style code. That !important makes it impossible to use a stylesheet to override the width and make the box responsive.

The Solution (that you can’t apply)

The solution to this problem – one that must be implemented by either Twitter or WordPress (at present I’m not sure where that piece of code is originating) is to change the style code to say:

style="max-width:500px!important"

Oh, and don’t even get me started on the clear:both!important; call. WTF.

Categories
social media twitter

Twitter force-follow exploit makes us all friendless

Last night our dear friends at Gizmodo released a simple exploit that allowed you to force Twitter users to follow you, an exploit already nicknamed “twape” (a combination of the words “twitter” and “rape”… classy). The exploit was ridiculously simple: Just write the word “accept” in front of a username (so for example “accept mor10”) and that user would automatically follow you. So what happens? Everyone and their mother starts force following famous people.

Sticking my head out the window I can hear the entire North American continent shouting “Hey look everybody: Oprah / Ashton / Barack / Jesus is following me on Twitter! I’m special!”

And the result? Right now your Twitter profile reads “Following: 0 Followers: 0”

Not to be a total grump here, but serisously people, what did you think would happen? Operah would become your instant friend? Ashton would start retweeting your tips on cat hair removal? More than anything this exploit shows how willing we are to just jump at anything that pops up on the internet without thinking about the consequences.

Let’s just hope this exploit doesn’t mean we’re friendless forever. Twitter is saying they are going to restore status quo once they’ve sorted out all the bogus follows. So relax, you’ll be able to show everyone how many friends you have soon enough.

Categories
News twitter

This you??? Anatomy of a Twitter Phishing Attack

Over the last couple of days I’ve gotten at least 10 Direct Messages from Twitter friends – most of which are pretty well versed in modern web technologies and even one that calls herself a “social media expert”. The messages are all the same, the text “This you???” followed by a shortened link. The link takes you to a web page that looks a lot like the Twitter.com login page but when you log in your password is stored and passed on to evil people with eviler intentions yet to be unveiled.

Targeting (and hooking in) the pros

Twitter phishing attacks are nothing new but this one is a bit different – and all the more disturbing for it: It targets and manages to hook in Twitter power users more than any other exploit before it. This is done by taking advantage of the fact that most heavy Twitter users don’t actually use the regular Twitter.com page but rather a Twitter manager like TweetDeck or HootSuite. And whereas a person just using Twitter.com would immediately know something was up when they were redirected to the login page even though they were already logged in, a TweetDeck or HootSuite user would probably not be logged in and could potentially enter their information in a momentary lapse of reason.

Unknown agenda

Another thing that is disturbing about this particular attack is that unlike most other attacks which immediately start spamming people with badly disguised ads for teeth whitening, weight loss or other affilliate marketing junk, this one – at least for no – is only out to perpetuate itself sending out the same message over and over. This means there is probably some larger plan in progress, and so far we don’t know what that plan is.

Even more disturbing a lot of people use the same password for many things including their social media networks like Twitter, Facebook, YouTube, MySpace and whatever other timewaster fits their fancy. That means if someone gets a hold of their Twitter password they are likely to also have access to their other accounts, not to mention Gmail or Hotmail accounts!

How to aviod being phished (and what to do if you are a victim)

Twitter.com’s help has a comprehensive breakdown of how to reset your password, sever connections and get your account back if you are the victim of a phishing attack or your account has been hacked. If you think your account has been compromised it is paramount that you follow these steps immediately to protect your online identity. That link again is here.

Here are a few simple steps to avoid becoming a victim of a Twitter hijacking:

  • Have a complicated password. If you can’t think of one, here are a few ideas: Do like Mulder from The X-Files and swap out words with numbers. His password was “trustno1” where the word “one” was exchanged for the number 1. Do like my friend Craig and show your support for a sports team. He’s a big fan of the Vancouver Canucks and hates the Toronto Maple Leafs. His password is “canucks>leafs” i.e. Canucks bigger than Leafs.
  • Change your password regularly. By “regularly” I mean every 6 months or so.
  • If anything unusual happens, change your password immediately.
  • Don’t use the same password for everything. That may sound like a lot of work but I use an algorithm based on the site name that changes the first and last character of my password so it’s not that hard.
  • Don’t give your password away.
  • Check the URL in the address bar before you enter your password. If it doesn’t say Twitter.com but something else, it’s not Twitter.com.