Twitter is the latest social media site to allow users to experiment with posting disappearing content. Fleets, as Twitter calls them, allows its mobile users post short stories, like photos or videos with overlaying text, that are set to vanish after 24 hours.

But a bug meant that fleets weren’t deleting properly and could still be accessed long after 24 hours had expired. Details of the bug were posted in a series of tweets on Saturday, less than a week after the feature launched.

full disclosure: scraping fleets from public accounts without triggering the read notification

the endpoint is: https://t.co/332FH7TEmN

— cathode gay tube (@donk_enby) November 20, 2020

The bug effectively allowed anyone to access and download a user’s fleets without triggering a notification that the user’s fleet had been read and by whom. The implication is that this bug could be abused to archive a user’s fleets after they expire.

Using an app that’s designed to interact with Twitter’s back-end systems via its developer API. What returned was a list of fleets from the server. Each fleet had its own direct URL, which when opened in a browser would load the fleet as an …read more

Source:: TechCrunch

      

(Visited 4 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *