DISQUS

Scobleizer: Twitter warning: your account data is being sold

  • Steven Wilson · 11 months ago
    The site launched last night,and is for sale today.That is kinda fishy.
  • Tom Biro · 11 months ago
    They already sold the site...for $1200. Now I don't know what of the data is "going with" or what the semantics are, but given the site didn't have a ton of big terms and conditions up front, and so on, it could be anything. Craziness.
  • Louis Gray · 11 months ago
    It already sold for $1,200, according to your link.
  • ceejayoz · 11 months ago
    What assholes.
  • AnthonyF. · 11 months ago
    Great point about not trusting third party twitter apps. It's unfortunate early adopters are being targeted in this identity crime spree...
  • Randy · 11 months ago
    Thanks for the info. It just figures that someone would come along and *^$* up a good thing.
  • joniesmith · 11 months ago
    Design it and sell it in one day, make a profit, rinse and repeat, and let the sucker who buys it deal with the spam lawsuits and legal charges. That's dirty marketing but it's done and will be done again. And they will do it as long as they can get people to fall for it.
  • Chris · 11 months ago
    Whew. Glad I didn't bother with this one. Site launches and is sold within 24 hours? Shady as all get out. If you signed up you better be changing your password immediately.
  • eej · 11 months ago
    did not bother with this one cause it had no value for me but many other apps have my Twitter credentials. namely: Twitpic, TweetDeck, BeTweetered, tweethrl, TinyTweeter and possibly others... shall I bother?
  • Julie · 11 months ago
    Did anyone else notice that the site apparently only consisted of the one page? There was no privacy statement. Not even a copyright notice. Too many red flags for me to even bother, but apparently a lot of other folks didn't mind.
  • Terry · 11 months ago
    Change your password, fault fixed. ;)

    I have to say, the speed and trust that some people give to these twitter add ons for a little ease is scary. It's only a day old! Geeze...
  • Craig · 11 months ago
    I'm with Julie on that one.
  • David Recordon · 11 months ago
    Twitter needs to let third-party applications authenticate you without asking for your password. OAuth solves this problem and it would be great to see Twitter add support for OAuth to their API!
  • Riane · 11 months ago
    The creator of the website is far from being a spammer; He's a startup junkie that has come up with some fantastic ideas ranging from Twitter applications, to various other ends of the spectrum.

    It's just rabid idiots that run around with their head chopped off that are quick to assume the worst of any website. Get your head out of your ass.

    It was a great idea that was flawed because it missed a few main components (eg: Privacy Policy, Terms of Service, etc.) It does NOT mean that the person who created it was a spammer.

    The individual that created is a young, talented individual. He didn't have the financial means to continue to support Twply but thought his idea was worth something, and decided to sell it to someone that had the financial capabilities to keep it active.

    Get off your goddamn high-horses.
  • TheJennTaFur · 11 months ago
    Horrible but again this is why I don't put my name and password from twitter into every application that is out there. In fact, I only use name and password for twitter. I don't use all these applications that everyone swears by. I prefer twitter on my computer and not even on my phone. I don't even use tweetdeck. Not to sure if I want that distraction despite the fact that I received a Blackberry for Christmas. And, thank you @julie for your observation. Red flag.
  • jark · 11 months ago
    The whole point of advocating and implementing OAuth on sites like Twitter is to mitigate the obvious security risks of having to give an unknown, untrusted third-party your username and password to some other web site.

    Twitter severely needs to implement some form of authentication, preferably OAuth, since the foundation of twitter is third-party usage. Whether twitter opts to implement OAuth or something as simple as what FriendFeed has done with the "user key" is not as important as them finally implementing such measures.

    Aren't you on a first name basis with everyone? Can't you just call your boy Ev and ask him if there are any plans for a third-party authentication scheme for twitter?
  • jaseit · 11 months ago
    Change your passwords regularly! - http://blog.jasemarketing.com/index.php/2008/12...
  • Twply · 11 months ago
    The site was sold due to our server ability to hand the high load. Everyone can say what they want.
  • Mizcity · 11 months ago
    Besides changing your password immeadiately, what else can be done to protect your info?
  • Scott Jarkoff · 11 months ago
    The site was sold due to our server ability to hand the high load.

    Exactly how has your service been able to clearly demonstrate that it can "hand (sic) the high load?" I find it hard to believe Twply has a really good understanding about what a true high load is. Such a claim seems purely suspect.

    Everyone can say what they want.

    Welcome to the blogosphere, where people can and will say what they want. If you are interested in turning the drama in to good will then you might consider answering some of the many lingering questions:

    1. Why does Twply have no privacy policy posted?
    2. Why does Twply have no terms of service posted?
    3. Why does Twply require Twitter passwords when you can merely convert user RSS feeds and email those. Finding @replies is as easy as using the Twitter API, which does not require a users password for most functionality.
    4. Does Twply store Twitter user passwords unencrypted, encrypted or hashed?

    Until you start answering questions with honest answers, expect the ill-will to continue. My $0.02 anyhow. :-)
  • Kata Wagner Berg · 11 months ago
    Well, can I just say Happy New Year between here`

    BUEK!

    Hei, hei, hei from Budapest :)
  • Stut · 11 months ago
    There's absolutely no need for a service such as this to require your password. And to prove it I built my own version, feel free to give it a try: http://replies.twitapps.com/

    No password required and absolutely no spamming!!
  • kosso · 11 months ago
    Can you imagine what people will say when places like ping.fm sell? (or just about any site which offers the ability to crosspost any content to another of your social networks/blogs.etc.)

    All your deets are belong to them.
  • kbcolvin · 11 months ago
    This is such a gray area. It's very interesting for me to hear everyone's comments, as I have a Twitter app in development called Twitterface that requires at least one account (of Twitter's) to be entered in order to be able to use it. Additional accounts can be added so that the id/pw is stored for ease-of-use (since my application is specifically geared toward multi-accounts.)

    It is not yet released, and I have no plans to sell it once it is, but hypothetically, were I to sell it someday, it would most definitely include users names/passwords because that is what the site DOES (lets you access Twitter in a different way.)

    For those of us that make Twitter apps to utilize it plus combination with our own creativity, there is no other way (I don't think) to do some of these things without requiring the id/pw. Apps like @mrtweet are able to look at public info and use an algorithm to give neat results. But if you are using an alternate client, such as Tweetdeck, Twitterific or my soon-to-launch Twitterface, there's no other way at this time to do it.

    Given that, rather than throw the baby out with the bathwater, I think people should follow app creators on Twitter, look up reviews, and do as much due diligence as needed to feel comfortable before giving out your Twitter account info. I was already planning on privacy policy, etc. but I think some additional things are in order as well, based on this feedback, and I am going to be thinking about everyone's concerns here a lot.

    I do not know the Twply creators, but I do have a lot of experience working with startups, and the simple fact is, many cool things can be created by people who don't have all the information they need about launching a product. Therefore you might not see privacy policies, etc. It does not indicate bad intentions necessarily for these things to be missing - it may have been out of a lack of experience in doing something like this. Not sure.
  • Richard Crowley · 11 months ago
    http://github.com/rcrowley/django-twitterauth/t...

    I've started on a very hacky way to not steal a user's Twitter credentials when making API calls. I've plans for more elegance but as it stands it will Just Work.
  • spinnakerjksc · 11 months ago
    Yikes. Good thing I don't have any super-important information on there.

    Jordan.
    www.theriverjordan.net
  • vrypan · 11 months ago
    OAuth twitter authentication could also be implemented by a trusted 3rd party. Someone we could trust with our username/password and would act as a proxy of twitter API. I guess many users would even pay for this service.

    Applications would then have to use OAuth and a different API endpoint to access the twitter API, but the rest could stay the same.
  • aLee · 11 months ago
    have been reading about twply lately..
    they must be held accountable!