Even years later, Twitter doesn’t delete your direct messages

TechCrunch | 2/15/2019 | Staff
echolea (Posted by) Level 3
Click For Photo: https://techcrunch.com/wp-content/uploads/2019/02/GettyImages-509341080.jpg?w=600

When does “delete” really mean delete? Not always or even at all if you’re Twitter .

Twitter retains direct messages for years, including messages you and others have deleted, but also data sent to and from accounts that have been deactivated and suspended, according to security researcher Karan Saini.

Saini - Messages - File - Archive - Data

Saini found years-old messages found in a file from an archive of his data obtained through the website from accounts that were no longer on Twitter. He also filed a similar bug, found a year earlier but not disclosed until now, that allowed him to use a since-deprecated API to retrieve direct messages even after a message was deleted from both the sender and the recipient — though, the bug wasn’t able to retrieve messages from suspended accounts.

Saini told TechCrunch that he had “concerns” that the data was retained by Twitter for so long.

Messages - Users - Messages - Someone - Inbox

Direct messages once let users to “unsend” messages from someone else’s inbox, simply by deleting it from their own. Twitter changed this years ago, and now only allows a user to delete messages from their account. “Others in the conversation will still be able to see direct messages or conversations that you have deleted,” Twitter says in a help page. Twitter also says in its privacy policy that anyone wanting to leave the service can have their account “deactivated and then deleted.” After a 30-day grace period, the account disappears and along with its data.

But, in our tests, we could recover direct messages from years ago — including old messages that had since been lost to suspended or deleted accounts. By downloading your account’s data, it’s possible to download all of the data Twitter stores on you.

Saini - Bug - Security - Flaw

Saini says this is a “functional bug” rather than a security flaw, but argued that...
(Excerpt) Read more at: TechCrunch
Wake Up To Breaking News!
Appeasement - when you're what's for dinner!
Sign In or Register to comment.

Welcome to Long Room!

Where The World Finds Its News!