Click For Photo: https://techcrunch.com/wp-content/uploads/2019/02/GettyImages-509341080.jpg?w=600
When does “delete” really mean delete? Not always or even at all if you’re Twitter .
Twitter retains direct messages for years, including messages you and others have deleted, but also data sent to and from accounts that have been deactivated and suspended, according to security researcher Karan Saini.
Saini - Messages - File - Archive - Data
Saini found years-old messages found in a file from an archive of his data obtained through the website from accounts that were no longer on Twitter. He also filed a similar bug, found a year earlier but not disclosed until now, that allowed him to use a since-deprecated API to retrieve direct messages even after a message was deleted from both the sender and the recipient — though, the bug wasn’t able to retrieve messages from suspended accounts.
Saini told TechCrunch that he had “concerns” that the data was retained by Twitter for so long.
Messages - Users - Messages - Someone - Inbox
But, in our tests, we could recover direct messages from years ago — including old messages that had since been lost to suspended or deleted accounts. By downloading your account’s data, it’s possible to download all of the data Twitter stores on you.
Saini - Bug - Security - Flaw
Saini says this is a “functional bug” rather than a security flaw, but argued that...
Wake Up To Breaking News!
Appeasement - when you're what's for dinner!