Twitter Spam and

Who is running Twitter and where are the engineers?

The spam thing is frustrating for two reasons:

  1. It means Twitter usernames and password were stolen from somewhere. That’s what Twitter needs to focus on rather than suspending the accounts of those that got their IDs stolen.
  2. Second, this was a simple enough attack that it would not have been hard for Twitter to put in a fix right away.

When this spam ramped up, it was obvious it was spam. It was also obvious a bot somewhere was using the Twitter API to send the spam tweets. These tweets were easy to recognize and all pointed to the same URL. It would have been easy for Twitter to catch them at the API level and traceback to the IP of the offending site and perhaps see who was really sending the spam (not the owners of the Twitter accounts).

But no, the spam continues and Twitter’s response is to suspend accounts of legitimate users. Lame!

I really want to know the offending site that stole the passwords and gave them to – that’s the important thing. They need to be tracked down and punished.

It sounds like Twitter needs to re-think it’s technical leadership.