> Twitter believes that I should delete the Tweet (which I didn’t make in the first place)
But... It's on your account. If Twitter's condition for re-instating the account is that you delete this tweet, and you have enough access to your account to be able to delete the tweet, why aren't you deleting the tweet?
And:
> Twitter is behaving wholly irresponsible here: there is absolutely no way that if my account was compromised that they could not have noticed this prior to issuing the block, and as far as I can see my account is still there, which means that either someone social engineered Twitter into changing the password, then immediately turned around to compromise then get my account blocked or that Twitter has much larger problems in not being able to detect attempts at account compromise.
What if someone got hold of your password somehow? I'm sure Twitter has suspicious login detection, but those things can never be perfect. Maybe OP has really good reasons to think that there's no possible explanation other than a Twitter vulnerability or social engineering a Twitter employee, but none of that reasoning is in this post?
Because deleting it would remove the one bit of evidence that this happened and may well wipe out the data that would allow establishing how this was done.
> What if someone got hold of your password somehow?
Theoretically possible, practically not very likely for all kinds of reasons which I won't go into here but which you are going to have to take my word for. Let's just say that I'm a bit paranoid when it comes to stuff like this.
> I'm sure Twitter has suspicious login detection, but those things can never be perfect.
Apparently...
> Maybe OP has really good reasons to think that there's no possible explanation other than a Twitter vulnerability or social engineering a Twitter employee, but none of that reasoning is in this post?
Well, let's just say that I've been around for a while and to date have not yet had any of my accounts compromised, ever. That this should happen on Twitter where there has been a long history of such things happening is not all that surprising and when it comes to evaluating Twitter account security versus me being able to keep my passwords to myself I'm going to be arrogant enough to claim that I think that I can do that.
There is plenty of evidence for Twitter accounts being compromised, in fact, one comment here links to a SIM swap attack against Twitter's CEO...
I do trust that you have better opsec than 99%+ of users and that you didn't write this tweet. But it seems incredible that an adversary would burn a Twitter vulnerability to post a near incoherent message from your account (which isn't particularly influential, as far as these things go). Even social engineering Twitter support seems like a really crappy effort/reward ratio.
What you're doing here makes sense, and if I were at Twitter I'd be trying to help you figure out exactly what happened, on the chance that there was a deeper compromise.
> Because deleting it would remove the one bit of evidence that this happened and may well wipe out the data that would allow establishing how this was done.
It’s not clear from the post that you have the option to delete the tweet but are choosing not to. I think perhaps some of the confusion in this thread comes from that omission.
> Because deleting it would remove the one bit of evidence that this happened and may well wipe out the data that would allow establishing how this was done.
You say you've been around awhile but you don't seem to understand that there is not such thing as permanent deletion when it comes to social media. "Deleting" the post in this case would only mark it as deleted and remove it from people's feeds. There is no destruction of evidence that would prevent Twitter from investigating the tweet in the future.
> Because deleting it would remove the one bit of evidence that this happened and may well wipe out the data that would allow establishing how this was done.
This has big "When the authorities get here I'll be vindicated!" energy, by which I mean: there's no forensics team heading out to the data warehouse to get to the bottom of what happened. Your tweet isn't that important and it makes sense that Twitter wants you to delete the tweet as a show of good faith.
It is possible that the same temporary (read-only?) access that would allow you to delete the tweet would also allow you to capture much of the relevant evidence:
• fetching the offending tweet via a raw/API method could, in the JSON, reveal more metadata – such as involvement of some compromised 3rd-party app with posting rights to your account
• requesting your entire Twitter archive might similarly still be available (as they offer it largely due to the EU's legal requirement), and include the offending tweet with full metadata
Requesting the latter – your full archive – without supplying any more new info (your phone number) might be a tactic with leverage given the EU-compliance dimension. (Though, it's also possible the regulators have already approved phone-number-verification as a reasonable prerequisite for such a giant personal data dump.)
> Because deleting it would remove the one bit of evidence that this happened and may well wipe out the data that would allow establishing how this was done.
That's not how computers work. You'll mark it as deleted and then the "deleted" column (or field or whatever) will turn from false to true. No forensic evidence will be lost.
Thing is, Google, Twitter and many other platforms reinstate accounts after some public crying like this one.
> Now, I have been pretty vocal in my support for Ukraine
This pretty much answers it all, OP wrote the tweet, remember that there are no evidences of account being hacked? Account got blocked. OP makes a fuss about it hoping that visibility from other platforms will help him.
I'm confused - was OP's account compromised, or not? It sounds like it was, but he doesn't seem very fussed about how it happened or keeping it from happening again, just annoyed that Twitter's response to it isn't faster. Is it this commonplace for twitter accounts to be taken over?
Also, is saying things like "Go die" an insta-ban on twitter? I don't use it but I thought it took more than that.
I'm also confused. How is Twitter supposed to know that the Tweet was made by the OP or was a compromised Tweet? When something is egregious what should Twitter do if it doesn't have resources to investigate whether the tweet was "intentional" or not, if action must happen quickly to avoid problems? And isn't a claim of "wasn't me" an easy claim whether or not it's true? I'm likewise confused. He says "What really pisses me off is that this is fairly obviously not my fault " But I can't find out where it is so obvious. Am I missing something? To an outsider it looks like a threat, without any indication that it wasn't made intentionally.
> How is Twitter supposed to know that the Tweet was made by the OP or was a compromised Tweet?
For starters: it would be interesting to see what IP address the tweet was made from, whether or not it was preceded by a password change or contact with Twitter support to turn the account over to someone else.
> When something is egregious what should Twitter do if it doesn't have resources to investigate whether the tweet was "intentional" or not, if action must happen quickly to avoid problems?
Good question. That makes me wonder if they are able to operate safely at scale at all.
> And isn't a claim of "wasn't me" an easy claim whether or not it's true?
Yes. And yet: it wasn't me.
> He says "What really pisses me off is that this is fairly obviously not my fault " But I can't find out where it is so obvious. Obvious to whom?
To me, and presumably, to those who know me and presumably to Twitter employees who have access to a whole lot more data than I do.
There are several things they could check and factor into the score before banning someone. Client source (if the use the website 100% of the time and suddenly this was from the Android client for example), IP address (do they tweet from the U.S. exclusively and then suddenly they're tweeting from Moscow?), VPN affiliation (did this tweet originate from a known VPN egress?), and so on. These things _should_ be factored into the "omg ban this account" score IMO, but I have no idea if they are.
> I'm confused - was OP's account compromised, or not?
I do not know. The tweet certainly looks like it was made by my account, but definitely not from this computer and definitely not using my password. I'm pretty precise about stuff like that and Twitter would be the least of my problems if my passwords were hacked. For now I am assuming either someone social engineered Twitter to change my password or a compromise of Twitter of some sort.
> but he doesn't seem very fussed about how it happened or keeping it from happening again
Lack of information... of course I'm 'fussed' but I just don't know. All I know is that as far as I can see my setup here is still secure and was not a factor in this.
> just annoyed that Twitter's response to it isn't faster.
No, mostly annoyed that Twitter would not detect a fairly obvious Joe-Job.
> Is it this commonplace for twitter accounts to be taken over?
Good question, I don't know.
> Also, is saying things like "Go die" an insta-ban on twitter?
For now I am assuming either someone social engineered Twitter to change my password or a compromise of Twitter of some sort.
Try to log in with a clear cache or in a private window. If you get redirected back to the page saying to delete the tweet, then you know your password wasn't changed.
> For now I am assuming either someone social engineered Twitter to change my password or a compromise of Twitter of some sort.
How could you not notice your password being changed? I would think twitter would invalidate existing logins after a password change forcing you to log back in using the "new" password an your devices. Then again, I never used twitter.
This is so confusing that at this point it feels like you're intentionally withholding information. Answer the simple question, has your password changed? Because if not then we can concretely rule out social engineering attacks - if they didn't know your password to begin with then they couldn't change it back, and if they did there would be no need for a social engineering attack.
Also confused. Seems like the actual story here is that OP or Twitter was compromised, not that a Tweet was blocked. At least that's what I'm more curious about.
For many years most accounts have been locked shortly after they're created. I had deep OTM puts on Twitter before Musk bought it since it's pretty obviously a dying platform without some substantial change.
Seems most likely you replied to this tweet and forgot. Your tweet makes sense in this context.
"They arent bothering to train current conscripts. Some Russian soldiers say they are given a weapon and sent straight in. Learn on the job."
11:29 AM · May 2, 2022
In that context it doesn't really look like a reply a hacker would make to get an account banned (unless they know exactly what triggers the auto-ban algorithm and are covering their tracks).
When taken in context it looks like an innocuous tweet but to a twitter censorship algorithm that isn't aware of the context it looks like a command for someone to die.
If the question here is just about why it would be flagged, that's pretty straightforwardly explicable by Twitter's detection (and/or manually-flagging passers-by, perhaps) simply not taking context into account.
I had a tweet flagged and my account locked for explaining an aspect of the QAnon conspiracy theory to another user. This was in a critical, skeptical context, but the individual tweet could be read as advocating the position I was describing. I wasn't successful in appealing it and ended up deleting. Twitter's policies tend to err heavily on the side of false positives.
It seems someone is replying to your tweet by triggering the appeal process and telling you it's not "learn on the job", you said it wrong, it's "die on the job...".
I got my account suspended, in real time, this weekend for following people who liked my tweet. I can log into my account but am presented with a splash page about how my account might be compromised and how I need to reset my password to unsuspend it.
It seems like I am shadow banned and the "contact our appeals team" is a CYA measure since they will not do a single thing to help or even verify my identity. They might not even be handled by an actual support team.
I cannot reset my password to unlock my account due to it claiming my email does not match the account after inputting my phone number. I removed my email previously, so I only have my phone number associated with my account, no previous email addresses are accepted. The workflow redirects me to an appeals form if I say I don't have it associated with my twitter account.
There is a secondary password reset workflow but it requires your account to be unsuspended to use. Great.
Now, I am stuck in a catch-22. Their appeals team sends boilerplate about how they can not do anything to help me. I can log in, I literally have past emails from Twitter and previous Twitter codes sent by SMS, yet that is seemingly meaningless due to some oversight or dark pattern in this workflow.
maybe it would be a good idea to check your environment for carbon monoxide, or ask someone you trust in real life if you've been displaying erratic behavior. People arguing on a forum about Twitter might be overlooking a health issue you might be experiencing.
You very well might not be. Carbon monoxide, stress, medication, sleepwalking, etc. If it's CO, at least try going outside and getting fresh air and see if things clear up. And at least ask someone for their opinion and get a CO detector. It's well worth a try for your own well-being.
So, could you clarify what you were doing at the supposed time of the tweet? Is there any evidence for that in e.g. your browsing history (not to prove it to us, but to yourself)? If it's "I was on Twitter, viewing Ukraine-related tweets" then "you tweeted this yourself (most likely in some altered state of mind)" is an almost unavoidable conclusion. With zero malicious intent, I would recommend one or all of carbon monoxide detector, discussing this situation with a close friend, and/or medical checkup. The similarities to this famous thread are uncanny: https://old.reddit.com/r/legaladvice/comments/34l7vo/ma_post...
One more far-fetched theory would be that Twitter has a race condition or caching problem, which caused someone else's tweet to be posted under your account. But the odds of this happening to only you in particular (and in an on-topic manner!) are essentially zero at Twitter's scale.
I am sort of baffled by all the ink being spilt about Twitter. I still find it jarring that anyone reports on “tweets,” and that there is even a process to ‘appeal’ a decision made ‘about a tweet.’
Anyway, meta-commentary aside, this blog post is something of a mystery. I don’t know whether the author of the post actually wrote the tweet in question and is somehow trying to get back onto Twitter, or if his account was compromised despite him saying it wasn’t… I just don’t know what to make of all of this. Can anyone clarify? Any insights?
FWIW, the author is very prolific and sane on hackernews(at least as far as I've noticed), so the post could be considered more trustworthy than a random post by somebody who has never participated here before.
As someone with a 15-year-old account here, I can verify that Jacques is in a special, small group of members of this community with recognized user names -- based on a long and impeccable record of substantial knowledge and respected expertise.
>I still find it jarring that anyone reports on “tweets,”
Reporters love Twitter, so they spend a lot of time on it. If reporters spent a lot of time in D&D sessions, they would report about every typo in "Dragon" magazine.
Reporters love spending a lot of time on Twitter. It looks like work; it smells like work; but it is definitely not work.
Perhaps because there are sources posting on Twitter?
Reporters often rely on tips. It's like going fishing. If the oceans were full of fish and you wanted fish - surely spending time fishing would make sense?
Reporting on tweets is the modern version "man on the street" interviews from television news. That is to say, essentially worthless. They never tell you how many interviews they did or how many tweets they read before they found the one or two they chose to support their predetermined narrative.
> It's no different than reporting on anything else that someone says in a public forum.
Public forums, like in-person public forums, have much more context and many more barriers to being heard. In a supply-and-demand, signal-v.-noise sense, I find Twitter to be extremely low value, on the order of whatever the homeless fellow on my street shouts about (it’s usually extremely racist, homophobic, and disconnected from reality —- three traits his content shares with Twitter).
> Since there are real consequences for what you say in a public forum, it is understandable that there is an appeals process.
I don’t share the view that getting banned from Twitter is a ‘real consequence’ because I have never been on Twitter and yet, here I am, no worse for wear.
The previous US president used Twitter as his primary form of public address. These are now part of the presidential archive. Like it or not, in 2022, Twitter is a first class medium for communication.
If somebody had that kind of an exploit of Twitter, is it really plausible they'd use it for such an inconsequential tweet and on your account? Seems like there would be far juicier targets.
I’m not sure by what evidence you came to this conclusion. The tweet exists. It exists with this person’s handle on it. This person claims that their account is not compromised.
From an Occam’s Razor standpoint, it doesn’t add up. I was looking for more evidence here, like “At that time I couldn’t possibly have tweeted, because it was the middle of the night and I have never tweeted at night,” or “The people who were the subject of the “@“ are not people I have ever interacted with, and the tweet itself doesn’t make sense in the context of the conversation.”
The general lack of detail and a lack of putting forth a theory of what did happen, besides “I support Ukraine so I might be getting silenced” (which seems unlikely — who doesn’t support Ukraine the West? It’s not an unpopular opinion. Is this guy Russian? And silenced by whom?) — it just plays like the song “It Wasn’t Me” by Rik Rok and Shaggy.
Readit News
But... It's on your account. If Twitter's condition for re-instating the account is that you delete this tweet, and you have enough access to your account to be able to delete the tweet, why aren't you deleting the tweet?
And:
> Twitter is behaving wholly irresponsible here: there is absolutely no way that if my account was compromised that they could not have noticed this prior to issuing the block, and as far as I can see my account is still there, which means that either someone social engineered Twitter into changing the password, then immediately turned around to compromise then get my account blocked or that Twitter has much larger problems in not being able to detect attempts at account compromise.
What if someone got hold of your password somehow? I'm sure Twitter has suspicious login detection, but those things can never be perfect. Maybe OP has really good reasons to think that there's no possible explanation other than a Twitter vulnerability or social engineering a Twitter employee, but none of that reasoning is in this post?
What a weird blog post.
Because deleting it would remove the one bit of evidence that this happened and may well wipe out the data that would allow establishing how this was done.
> What if someone got hold of your password somehow?
Theoretically possible, practically not very likely for all kinds of reasons which I won't go into here but which you are going to have to take my word for. Let's just say that I'm a bit paranoid when it comes to stuff like this.
> I'm sure Twitter has suspicious login detection, but those things can never be perfect.
Apparently...
> Maybe OP has really good reasons to think that there's no possible explanation other than a Twitter vulnerability or social engineering a Twitter employee, but none of that reasoning is in this post?
Well, let's just say that I've been around for a while and to date have not yet had any of my accounts compromised, ever. That this should happen on Twitter where there has been a long history of such things happening is not all that surprising and when it comes to evaluating Twitter account security versus me being able to keep my passwords to myself I'm going to be arrogant enough to claim that I think that I can do that.
There is plenty of evidence for Twitter accounts being compromised, in fact, one comment here links to a SIM swap attack against Twitter's CEO...
What you're doing here makes sense, and if I were at Twitter I'd be trying to help you figure out exactly what happened, on the chance that there was a deeper compromise.
It’s not clear from the post that you have the option to delete the tweet but are choosing not to. I think perhaps some of the confusion in this thread comes from that omission.
You say you've been around awhile but you don't seem to understand that there is not such thing as permanent deletion when it comes to social media. "Deleting" the post in this case would only mark it as deleted and remove it from people's feeds. There is no destruction of evidence that would prevent Twitter from investigating the tweet in the future.
This has big "When the authorities get here I'll be vindicated!" energy, by which I mean: there's no forensics team heading out to the data warehouse to get to the bottom of what happened. Your tweet isn't that important and it makes sense that Twitter wants you to delete the tweet as a show of good faith.
• fetching the offending tweet via a raw/API method could, in the JSON, reveal more metadata – such as involvement of some compromised 3rd-party app with posting rights to your account
• requesting your entire Twitter archive might similarly still be available (as they offer it largely due to the EU's legal requirement), and include the offending tweet with full metadata
Requesting the latter – your full archive – without supplying any more new info (your phone number) might be a tactic with leverage given the EU-compliance dimension. (Though, it's also possible the regulators have already approved phone-number-verification as a reasonable prerequisite for such a giant personal data dump.)
Dead Comment
That's not how computers work. You'll mark it as deleted and then the "deleted" column (or field or whatever) will turn from false to true. No forensic evidence will be lost.
> What a weird blog post.
Thing is, Google, Twitter and many other platforms reinstate accounts after some public crying like this one.
> Now, I have been pretty vocal in my support for Ukraine
This pretty much answers it all, OP wrote the tweet, remember that there are no evidences of account being hacked? Account got blocked. OP makes a fuss about it hoping that visibility from other platforms will help him.
Just delete the tweet and get over it...
Also, is saying things like "Go die" an insta-ban on twitter? I don't use it but I thought it took more than that.
For starters: it would be interesting to see what IP address the tweet was made from, whether or not it was preceded by a password change or contact with Twitter support to turn the account over to someone else.
> When something is egregious what should Twitter do if it doesn't have resources to investigate whether the tweet was "intentional" or not, if action must happen quickly to avoid problems?
Good question. That makes me wonder if they are able to operate safely at scale at all.
> And isn't a claim of "wasn't me" an easy claim whether or not it's true?
Yes. And yet: it wasn't me.
> He says "What really pisses me off is that this is fairly obviously not my fault " But I can't find out where it is so obvious. Obvious to whom?
To me, and presumably, to those who know me and presumably to Twitter employees who have access to a whole lot more data than I do.
I do not know. The tweet certainly looks like it was made by my account, but definitely not from this computer and definitely not using my password. I'm pretty precise about stuff like that and Twitter would be the least of my problems if my passwords were hacked. For now I am assuming either someone social engineered Twitter to change my password or a compromise of Twitter of some sort.
> but he doesn't seem very fussed about how it happened or keeping it from happening again
Lack of information... of course I'm 'fussed' but I just don't know. All I know is that as far as I can see my setup here is still secure and was not a factor in this.
> just annoyed that Twitter's response to it isn't faster.
No, mostly annoyed that Twitter would not detect a fairly obvious Joe-Job.
> Is it this commonplace for twitter accounts to be taken over?
Good question, I don't know.
> Also, is saying things like "Go die" an insta-ban on twitter?
Apparently, but even then: I didn't say that...
Try to log in with a clear cache or in a private window. If you get redirected back to the page saying to delete the tweet, then you know your password wasn't changed.
I'm assuming you are using unique passwords per application.
How could you not notice your password being changed? I would think twitter would invalidate existing logins after a password change forcing you to log back in using the "new" password an your devices. Then again, I never used twitter.
Do you suspect inner job or flagging bot farm?
"They arent bothering to train current conscripts. Some Russian soldiers say they are given a weapon and sent straight in. Learn on the job." 11:29 AM · May 2, 2022
https://twitter.com/Johnrigsby128/status/1521195277033648129
When taken in context it looks like an innocuous tweet but to a twitter censorship algorithm that isn't aware of the context it looks like a command for someone to die.
It seems like I am shadow banned and the "contact our appeals team" is a CYA measure since they will not do a single thing to help or even verify my identity. They might not even be handled by an actual support team.
I cannot reset my password to unlock my account due to it claiming my email does not match the account after inputting my phone number. I removed my email previously, so I only have my phone number associated with my account, no previous email addresses are accepted. The workflow redirects me to an appeals form if I say I don't have it associated with my twitter account.
There is a secondary password reset workflow but it requires your account to be unsuspended to use. Great.
Now, I am stuck in a catch-22. Their appeals team sends boilerplate about how they can not do anything to help me. I can log in, I literally have past emails from Twitter and previous Twitter codes sent by SMS, yet that is seemingly meaningless due to some oversight or dark pattern in this workflow.
maybe it would be a good idea to check your environment for carbon monoxide, or ask someone you trust in real life if you've been displaying erratic behavior. People arguing on a forum about Twitter might be overlooking a health issue you might be experiencing.
https://twitter.com/Johnrigsby128/status/1521195277033648129
> @Johnrigsby128
> Replying to @AUtsogn and @KyivIndependent
> They arent bothering to train current conscripts. Some Russian soldiers say they are given a weapon and sent straight in. Learn on the job.
> 2:29 PM · May 2, 2022
(Local time where I am is UTC -5)
One more far-fetched theory would be that Twitter has a race condition or caching problem, which caused someone else's tweet to be posted under your account. But the odds of this happening to only you in particular (and in an on-topic manner!) are essentially zero at Twitter's scale.
Anyway, meta-commentary aside, this blog post is something of a mystery. I don’t know whether the author of the post actually wrote the tweet in question and is somehow trying to get back onto Twitter, or if his account was compromised despite him saying it wasn’t… I just don’t know what to make of all of this. Can anyone clarify? Any insights?
Reporters love Twitter, so they spend a lot of time on it. If reporters spent a lot of time in D&D sessions, they would report about every typo in "Dragon" magazine.
Reporters love spending a lot of time on Twitter. It looks like work; it smells like work; but it is definitely not work.
Reporters often rely on tips. It's like going fishing. If the oceans were full of fish and you wanted fish - surely spending time fishing would make sense?
It's no different than reporting on anything else that someone says in a public forum.
Since there are real consequences for what you say in a public forum, it is understandable that there is an appeals process.
Public forums, like in-person public forums, have much more context and many more barriers to being heard. In a supply-and-demand, signal-v.-noise sense, I find Twitter to be extremely low value, on the order of whatever the homeless fellow on my street shouts about (it’s usually extremely racist, homophobic, and disconnected from reality —- three traits his content shares with Twitter).
> Since there are real consequences for what you say in a public forum, it is understandable that there is an appeals process.
I don’t share the view that getting banned from Twitter is a ‘real consequence’ because I have never been on Twitter and yet, here I am, no worse for wear.
It's in the title.
> or if his account was compromised despite him saying it wasn’t…
I'm not sure, it could be, it could be a hack of Twitter as well.
At this point I don't want to rule anything out because the only thing I know for sure is that I did not write that tweet.
> It's in the title.
Your claim that you didn't is in the title, sure. It doesn't sound like GP is convinced one way or another though.
From an Occam’s Razor standpoint, it doesn’t add up. I was looking for more evidence here, like “At that time I couldn’t possibly have tweeted, because it was the middle of the night and I have never tweeted at night,” or “The people who were the subject of the “@“ are not people I have ever interacted with, and the tweet itself doesn’t make sense in the context of the conversation.”
The general lack of detail and a lack of putting forth a theory of what did happen, besides “I support Ukraine so I might be getting silenced” (which seems unlikely — who doesn’t support Ukraine the West? It’s not an unpopular opinion. Is this guy Russian? And silenced by whom?) — it just plays like the song “It Wasn’t Me” by Rik Rok and Shaggy.
Dead Comment