Twitter’s New Security Strategy: Rewriting Some Users’ Links
Beset by phishing attacks and other scammy behavior, Twitter is taking a step I don’t think I’ve seen anywhere else before: The social messaging service says it may change the text of its users’ messages in order to protect them.
Specifically, Twitter is going to rename links that users send to one another via direct messages, which allows the company to track them and shut them down if they turn out to be malicious. You’ll be able to identify the renamed links, because they’ll be shortened using a “twt.tl” prefix.
In typical Twitter fashion, the company has a blog post that explains the change, but in somewhat vague and hazy terms. As best I can tell, what Twitter is really doing is rewrapping some links that users send with its own code.
This doesn’t appear to change the core characteristics of the link–publishers and marketers who use the bit.ly link shortening service, for instance, will still be able to track the data generated by their links. But it does give Twitter the ability to track bad behavior.
If you want to view the move in a positive light, you can think of it as the tag an airline slaps on your luggage when you check it–the only changes to your message are superficial. Or, if you’re so inclined, you could shiver just a bit at the thought of a messaging service changing any part of your message, no matter how trivial.
Twitter only announced the change this evening, but the company appears to have been testing it for some time: Searching Twitter for “twt.tl” turns up shortened links going back several days. As best I can tell, this one–what appears to be the retweet of a direct message from a marketer–is the first one to show up in public:
There’s a good chance many or most Twitter users won’t see the shortened links–if you’re not sending or receiving direct messages, you may never see one, period. But Twitter seems to leave the door open to expanding the program to regular tweets as well: Its blog post says the company has “focused [its] initial efforts” on direct messages and email.
Just to be clear, I checked with Twitter spokesman Sean Garrett via email. Here’s our exchange:
Q: But to be clear: Do you reserve the right to change links in regular tweets?
A: This is our focus right now.