102608 0815 twitterbugc1 Twitter bug: Complete Privacy is so incomplete!

I have always had doubts about privacy on the web. Always had an opinion that the internet was just a medium of transmitting information in a swarm of some codes, stars/hashes and asterisks but that had been shadowed with time. How can the web be attack proof? And we have seen it isn’t over the years, yet services guarantee complete privacy. Yeah right.

102608 0815 twitterbugc2 Twitter bug: Complete Privacy is so incomplete!The current report is of a bug in Twitter that reveals all the private messages that you have sent/received from a selected few. Although Twitter initially has all tweets made public but users can customize this and put protection as to who can actually see those messages. For the time being this too has been compromised.

The issue came up when private messages shared between Dave Morin, Product Manager, Facebook and Jessica Vascellaro, reporter WSJ were brought to open using the following:

http://twitter.com/statuses/friends/[USERNAME].xml

Just replace the [USERNAME] with the username of a friend and voila! The private messages are no more private.

I tried the feature immediately upon learning, but it didn’t work out. I guess Twitter has taken up the matter and resolved it almost immediately. What ever the case be, one must be sure that the privacy that is offered using ultra complexity can be manipulated by an even smarter brain, so services claiming to offer complete privacy are merely not faced by challenges of some clever exploiter on the look out for some loopholes. The moment one sees such a bug, tear in the system, the entire privacy is jeopardized.

I wouldn’t say that there is no privacy at all over the web, but it’s not complete either. And friends at Twitter don’t worry; I didn’t experiment with your usernames using the URL:p.