said this on tiwtter too but im seriously at my limit, people go and be all like "oh my god young people have no idea of basic internet security omggggg"
and the same person will immediately make an account on t/hreads that is stealing so much data from you its basically one step away from straight up kidnapping
i get we are all desperate, i really do, but i WILL judge you if you go and sign up for the literally shittiest app on earth thats really just a flimsy disguise of a bunch of data suckers in a trench coat
use tumblr, cohost, pillowfort, (the latter two also allow nsfw) ANYTHING but that suckerberg leech i am BEGGING you
idk how accurate it is but i saw the numbers of 75 MILLION sign ups for the threads bs, what the hell are you doing, i feel like im in one of those old anti technology comics were young people just walk off a cliff en masse bc they only look at their phone and nothing else while im the old guy in a chair watching them do it
298 notes
·
View notes
I have some extremely juicy news about Twitter I’d like to share here for those unaware, because it actually has kind of huge implications for account security/data privacy in general.
TL;DR: Twitter asked users for phone numbers/e-mail under the false pretense of requiring them to secure accounts (MFA) and then used that personally-identifying data to profit from advertisers. The Federal Trade Commission ordered them to pay a $150M penalty and MORE IMPORTANTLY they are forced to allow other means (security key, MFA app) and *NOT* phone numbers to meet that security need. TWITTER IS DOING ITS BEST NOT TO ADVERTISE JUST HOW MUCH THEY LOST AND WHAT A GREAT PRECEDENT THIS IS FOR THE REST OF US.
Details follow.
This morning I logged on to Twitter and saw a huge banner about how Twitter cares about your privacy that led to an article that more or less read “oopsies, we may have accidentally asked people for their phone numbers for privacy, and wow! our fingies slipped and we made a teensie widdle boo-boo and profited off of that data.” This article pissed me the fuck off, but it vaguely mentioned a settlement with the Federal Trade Commission. I looked that up because I wanted to see what kind of slap on the wrist they got for this BS.
AND. GREAT NEWS, EVERYONE. THESE MOTHERFUCKERS HAVE FACED SOMETHING THAT MIGHT ACTUALLY BE A CONSEQUENCE.
Article here: https://www.ftc.gov/news-events/news/press-releases/2022/05/ftc-charges-twitter-deceptively-using-account-security-data-sell-targeted-ads
Now there’s a lot in there but, quoting directly, in addition to paying $150M, the settlement must:
prohibit Twitter from profiting from deceptively collected data;
allow users to use other multi-factor authentication methods such as mobile authentication apps or security keys that do not require users to provide their telephone numbers;
notify users that it misused phone numbers and email addresses collected for account security to also target ads to them and provide information about Twitter’s privacy and security controls;
implement and maintain a comprehensive privacy and information security program that requires the company, among other things, to examine and address the potential privacy and security risks of new products;
limit employee access to users’ personal data; and
notify the FTC if the company experiences a data breach.
ITEMS 2 AND 3 (bolded) ARE OF KEY INTEREST HERE.
Bullet point 2 means the app CANNOT force you to disclose your phone number under the pretense of “security.” If you, as I was a couple years ago, are forced to provide additional information to protect your account (some accounts I care deeply about protecting with MFA. Twitter isn’t one of them. Furthermore, providing this phone number DID NOT EVEN FORCE 2FA, so I already had a hunch it was fishy) you now have the option to remove your phone number completely and supply a security key or MFA app instead.
The company has proven it cannot be trusted with your personal information. This isn’t surprising but it’s now concrete. So do not give it to them.
(If you have an iOS device I recommend OTP Authenticator, has a very good track record for not tracking you like some others might - looking at Microsoft Authenticator - doing just what it needs to and doing it securely.)
Bullet point 3 is the reason I got that half-assed banner on Twitter. They were forced to notify users of the misuse and of the new non-personally-identifying security methods, so they made a banner vaguely mentioning the FTC and vaguely mentioning their security settings. They are NOT advertising the fact that you don’t have to provide your phone # anymore, which I can’t help but feel is because they are sorry they got caught, and have every intent to be shitty with your information again given the chance.
Below is a screenshot of part of Twitter’s required communication on the topic. Transcription follows.
Transcription:
“We may have asked for your phone number or email address to secure or authenticate your account (for example, for two-factor authentication). As we told you in October 2019, we may have used these phone numbers or email addresses to deliver tailored advertising to you on Twitter until September 2019. On June 6, 2022, we entered into a settlement with the Federal Trade Commission to resolve this issue.
As of September 17, 2019, we are no longer using phone numbers or email addresses collected for safety or security purposes for advertising. We never disclosed or shared your phone number or email addresses with advertisers. There is no action that you need to take regarding this issue.
You have a number of options to control your privacy and security when you use Twitter:
* Control your privacy settings. You can find out more about your privacy settings on Twitter, including how to enable or disable personalized ads, by visiting https://myprivacy.twitter.com.”
End of transcription. The rest of the article wasn’t screenshotted, this was the important part.
This was the extent of Twitter’s communication. Compare it to the actual agreement reached by the FTC. There’s a reason I read Twitter’s version of events and got pissed off... their propaganda worked, until I read more into it. They really tried to brush over the fact that they faced real and tangible consequences and now you can straight up take your phone number off of your Twitter account, use other means to secure it, and tell them to go fuck themselves.
MORE LIKE THIS PLEASE!!!
357 notes
·
View notes