Tagged: twitter

Tweedledum Meet Tweedledee

This is from Iain Dale’s blog:

The thing is, people actually elected this woman to represent them, yet she seems incapable of rational argument or debate. If you disagree with her she cries foul and accuses you of being nasty. And yet she doesn’t understand it’s her own brand of nastiness which causes people to react badly to her. From subsequent Twitters and emails I have received it seems I far from alone in being blocked by her.

Can you guess who he’s describing? To my mind, it sounds exactly like Nadine Dorries, the MP for Mid-Narnia. What Iain describes here is exactly how Nadine acts on the internet. But Iain and Mad Nad are best buddies, so Iain would never criticise what Nadine does.

No, it’s not Nadine who Iain is describing, but Labour MP Kerry McCarthy. Kerry and Iain had a bit of a spat on Twitter yesterday. Kerry said some nasty things about Total Politics, the magazine that Iain publishes and sends free to every politician in the UK. Iain argued with her and Kerry blocked him.

I’m not really interested in the rights and wrongs of this debate. I don’t care whether Kerry was right or wrong to do what she did (I have my opinions, but they’re not germane to this point). What I do want to point out is the sheer audacity of Iain Dale in complaining about someone acting in a way that is identical to the way that one of his best political friends acts all of the time. And then in the comments, his readers compound his error by claiming that this kind of behaviour is somehow indicative of how left-wingers act on the internet.

Let’s get this straight. There are people who understand the internet and people who don’t understand the internet in all political parties. Being of one political persuasion or another doesn’t make you more or less likely to know how to use the internet effectively. All parties have people who use Twitter effectively and people who still think it’s a complete waste of time. The same is true of blogs (there are still only about fifty MPs who blog) and, astonishingly, email (there are still MPs who you can’t contact by email).

Trying to score political points like this is doomed to failure. It’s particularly stupid when, as in this case, a counterexample is so ridiculously obvious. I know that Iain isn’t the “blogging expert” that other people often mistake him for (he never corrects that mistake) but surely even he could see the huge flaw in this blog post.

I’m not, for a second, defending Kerry’s decision to block Iain. I’m just pointing out that he should have thought a little before publishing this blog post.

And only Mad Nad could do worse than Iain. Here’s her response to the situation.

I block people who are rude and offensive. kerry blocks people who are right.

No Nadine. You block people who are right. You block people who are trying to debate with you. You are scared of interacting with people who might disagree with you and who might have facts to back them up.

I Can’t Hear You La La La La

When the internet first really started to take off ten or fifteen years ago, it was seen as a personal publishing platform. Suddenly, you didn’t need to have support from a TV network or a book publisher in order to get your views in front of a huge potential audience. All you needed was some cheap web space and a basic knowledge of HTML.

Of course, you still had to find your audience. But that was a separate problem. At least you had a platform.

One of the important principles behind “Web 2.0″ was that it changed the web from a platform for personal publishing to a platform for participation. It was no longer enough to have a static web page where you published your views. You now needed to have a blog where you were happy for readers to publish comments on whatever you wrote. The web changed from being about publication to being about conversations.

This was a change that was completely lost on some people. In particular, there is a certain type of politician who like nothing less than being questioned on their views. In many cases this is because they know that their arguments don’t stand up to the slightest amount of scrutiny and they’d rather not be forced to admit that.

Step forward Nadine Dorries, Tory MP for Mid Narnia. For some time now, Mad Nad has portrayed herself as some kind of Conservative Cyber-Queen as she has a blog, More recently (despite initially disparaging the service) she has become active on Twitter.

But it’s all terribly “Web 1.0″. She isn’t really interested in interaction. Her blog usually has comments turned off because whenever she turns them on people start to use them to tell her how stupid she is being. And that’s something that Nadine can’t bear to hear.

She has the same approach to Twitter. Whenever she makes one of her eagerly-awaited tweets you’ll find dozens of people replying to her pointing out the flaws in her logic. She rarely engages with any of her critics, preferring to ignore or, when individuals get too persistent, block them from reading her stream. Of course, blocking people on Twitter doesn’t really achieve anything. Your tweets are still all available for everyone on your public Twitter page. The blocked people just won’t see your wisdom in the stream of people that they follow.

I’ve heard about Mad Nad blocking people for weeks, But despite chipping away at her several times I hadn’t joined that crowd myself until a couple of days ago. I think it was all part of the response to the drugs madness that she posted over the weekend. Mark Reckons has a good summary of what happened. She posted some over-simplistic nonsense about drugs and crime and many people (including me) tried to enlighten her. Soon after that incident I discovered that I was no longer seeing her tweets. After some further investigation this evening it really looks like she has blocked me.

There was another example yesterday. Last night, Kerry McCarthy retweeted a link to a rather good blog post which deconstructed one of Mad Nad’s homilies on the downfall of family life. Dorries failed to realise it was a retweet. First she accused McCarthy of mounting a personal attack on her and then a short while later (when presumably she couldn’t find the blog post on McCarthy’s web site – where it had never been) she accused her of “hastily” removing it. This idiocy lead, of course, to more people attempting to point out where she was going wrong. All of which was ignored by Dorries.

It’s a shame when people don’t use the tools that they have been given. Dorries could get a great deal out of the internet if only she used it to interact with people. Instead she just sees it as another conduit for her ill-thought-out bullshit. And when people try to engage with her, she just does the cyber-equivalent of putting her hands over her ears and chanting “I can’t hear you. La la la la!”

People of Mid Beds. You deserve better than this from you MP. Please don’t re-elect her.

The Power of Social Media

In the future, we may well look back on the past week and describe it as the week that the power of social media became apparent to pretty much everyone in the UK. This week social networks have allowed the powers of light to win three victories over the powers of darkness.

It started on Monday with this tweet from Guardian editor Alan Rusbridger.

Now Guardian prevented from reporting parliament for unreportable reasons. Did John Wilkes live in vain? http://tinyurl.com/yhjxo38

The story that he linked to explained that the Guardian had been prevented from reporting on a written question that had been published in the list of the upcoming week’s business in House of Commons. The paper was prevented from publishing the question or any information that might identify the question. They couldn’t even tell us why this draconian measure had been put in place. As the article put it:

Legal obstacles, which cannot be identified, involve proceedings, which
cannot be mentioned, on behalf of a client who must remain secret.

All they could tell us was that the legal firm Carter-Ruck were involved in the case.

By Tuesday morning both Twitter and the blogosphere were awash with discussion of this issue. People soon identified a likely candidate for the question that was causing the problems and by lunchtime it was common knowledge that the question was about the company Trafigura and their part in the 2006 dumping of toxic waste off the coast of the Ivory Coast. The court hearing about the injunction was set for 2pm but before the parties got into court, Trafigura and Carter-Ruck evidently saw the futility of the situation and Rusbridger tweeted:

Victory! #CarterRuck caves-in. No #Guardian court hearing. Media can now report Paul Farrelly’s PQ about #Trafigura. More soon on Guardian..

Fifteen minutes later,  the full story was on the Guardian web site. It seems likely to me that Carter-Ruck would not have seen their position as so completely untenable had it not been for the way that the information they were trying to censor had spread around social networks.

On Friday, the Daily Mail published an article by Jan Moir entitled “Why There Was Nothing ‘Natural’ About Stephen Gately’s Death”. Moir used the article to spout all sorts of homophobic bile and to somehow reach the conclusion that Gately’s death proved that same-sex civil unions should be banned. It was gratifying to see how quickly the comments on the article turned against Moir and once again one topic dominated Twitter all day. A Facebook group appeared containing the eminently sensible advice to contact the companies whose adverts had appeared beside the article and ask them to complain to the Mail.

During the afternoon, the online article was renamed to “A Strange, Lonely and Troubling Death” (although the original, more strident, title remained in teasers elsewhere on the site). At about the same time all of the adverts disappeared from the page containing the article. Moir issued a statement trying to defuse the situation, but she was so far from understanding what was going on that she only made matters worse. She accused her tormentors of being an “orchestrated internet campaign”. The Facebook group was the closest that anyone came to orchestration. Everything else was just the genuine anger of people who couldn’t believe what they were reading and passed the link on to their friends.

The article is still on the Mail site and there’s no sign of an apology from Moir or a statement from the Mail. But the Mail took the unusual step of removing the adverts from the article, so the amount of discussion on Twitter and other social networks certainly had an effect. And the article currently has over a thousand comments from readers – the vast majority of which are uncomplimentary. It will be interesting to see if this effects the Mail’s attitude to Twitter in the future. To date their articles on Twitter have been largely disparaging – and they often show total confusion over how Twitter actually works. Perhaps now they’ll have to get to grips with it a little more.

The third story I wanted to share also broke on Friday, which means that it rather suffered from being eclipsed by the Moir story. On Thursday blogger Jonathan Macdonald filmed a London Underground guard being incredibly rude to a passenger. The link to his blog entry on this incident followed Moir’s story around Twitter. It reached Boris Johnson who tweeted:

Appalled by the video. Have asked TfL to investigate urgently. Abuse by passengers or staff is never acceptable.

This story made many of mainstream media outlets that evening – running the story that the guard in question had been suspended pending an investigation. I was going to write something about how social media helped to spread this story, but I see that Jonathan Macdonald has beaten me to it.

So there you have it. Three stories in the same week all of which were taken in unexpected directions by the power of Twitter and other social networks. Hopefully Carter-Ruck, the Daily Mail and the tube guard will all think twice before they’re next tempted by such anti-social behaviour (although, there’s already evidence that Carter-Ruck haven’t learned their lesson).

Where does it go from here?

p.s. If you want to follow me on Twitter, I’m davorg.

Not A Broadcast Medium

How do you use Twitter? Do you see it as a tool for interacting with people, or do you simply use it as a broadcast medium? Is it a place for dialogue or monologue?

I started thinking about this over the weekend whilst thinking about Nadine Dorries, the MP for Middle England. Back in May, Dorries had a very strong opinion on Twitter. She wrote:

In discussion over lunch today the conclusion was reached that twitters use twittering, by and large, to moan and complain. It’s a virtual gnashing of the teeth, or beating of the chest. A cyberspace ‘well I never’.

And:

Twittering has to be a symptom of a dysfunctional society.

Before reaching the conclusion:

Anyway, safe to say, I shan’t be joining the legions of twitters any day soon.

It was therefore surprising, to say the least, to see @NadineDorriesMP appear on Twitter late last week. She did, however, acknowledge her change of heart:

I did attack Twitter initially and for that I do eat humble pie, however, you will never know when the milk in my fridge is out of date or I’ve run out of tea bags, of that you can be sure.:)

Whether she’ll be true to her word this time, only time will tell. But it’s interesting to watch how she uses Twitter. Out of almost thirty tweets, only two of them have been replies to people. A few more mention other Twitter users. But the vast majority of her tweets are just a broadcast message and there’s no evidence of her actually engaging in discussion with anyone over her opinions. Twitter search shows that there are plenty of people trying to engage with her, but she has so far chosen to ignore them.

You can also look at the number of people who she follows on Twitter. As I write, that’s eleven. There are close three hundred people following her, but she’s only interested in reading what eleven twitterers have to say. That’s not a ratio which makes me think she’s interested in hearing other points of view or getting involved in conversations.

That’s when I realised that there are two different ways that people use Twitter. Most people (or, at least, most people I follow) see it as a powerful way to interact with people. Even people who have huge numbers of followers engage with at least some of their followers. Take, for example, three people who I follow who have huge followings – Tim O’Reilly, Stephen Fry and Neil Gaiman. If you look at their tweets, you’ll see that they’re full of replies and retweets. These are people who are using Twitter to build and deepen the relationships they have with their followers. You’ll also notice that they all follow large numbers of people. They all know that the more people tweets that you read, the more interesting stuff you’ll find and the more useful Twitter will become to you.

On the other hand, there are the people who see Twitter as just a broadcast medium. People who just speak and don’t listen. People who only like the sound of their own voice – or, at least, don’t mind giving that impression. These people (and Dorries is only the most recent example I’ve found – I won’t embarrass any others by naming them) seem to only be using Twitter because it’s the newest platform for getting their message out there. They seem to have no interest in talking about their ideas. They aren’t interested in what we have to say in reply. That may not be a true representation of how they feel, but by not talking to people on Twitter that’s the impression they are giving.

It’s something that can be measured. I think there are three ways that you can measure someone’s “socialability” on Twitter.

  • The ratio of the number of people they follow to the number of people who follow them
  • The percentage of their tweets that contain references to other twitterers
  • The percentage of their tweets that are retweets

Twitter makes it easy to get this data for all accounts. I think it would be an interesting project to rank Twitter users by how socialable they are. But like all good ideas, I’m sure that someone else has beaten me to it. I’ve done a quick bit of Googling, but I can’t find anything obvious, so if anyone knows of a site that produces these stats, please let me know in the comments.

And to Nadine Dorries (if she ever reads this), please interact more.

Support From The Internet

I’m currently in Lisbon for YAPC Europe. I very nearly didn’t make it. I flew out on Friday and on Friday morning, about three hours before I was supposed to leave the house, I discovered that my passport was missing.

I realise, of course, that looking for your passport on the day that you are planning to travel is a rather stupid way to organise your life. But that’s not what I did. I made sure that I knew where my passport was two weeks before that. Except it turns out that wasn’t my current passport. That was an old expired passport which, for reasons too boring to go into, hasn’t had the corner cut off in the way that expired passports are supposed to.

Just before 9am, I twittered my predicament.

Hmmm… I appear to be having some slight difficulty tracking down my passport *FX: Mild panic*

An hour and a half later, I still sound calm (almost joking), but internally the panic was rising.


If I was a passport, where would I be hiding?

At that point I think that some of my Twitter followers realised that I was serious and started to send helpful suggestions.


@davorg in the cupboard where the cereals are [@davecampbell]

@davorg Old suit or jacket pockets? Maybe in a suitcase? [@OvidPerl]


@davorg Even reading that has me moving to check that mine is where I think it is. Hope it doesn’t stay hidden for long! [@keiosu]

@davorg I found mine hiding under a stack of dirty dishes. [@__Abigail__]

@davorg sock drawer at ours usually [@gellyfish]

Every time I went back to Twitter, there were three or four new encouraging messages.

@davorg odds are you’ve packed it already [@SeanClarke]

@davorg My passport is in my dressing-gown pocket, but I suppose that’s unlikely to help you. [@robinhouston]

@davorg sock drawer? bedside table? [@davehodg]

@davorg I remember a Perlmonks user finding his passport in a slipper [@larsen]

@davorg When did you last use your passport? Is it tucked in the carry-on bag you were using? Filing cabinet? Safe? [@rozallin]

@davorg buried in the middle of a pile of filing/paperwork .. or is that just my wifey that does that? [@chiselwright]

@davorg The trousers you were wearing when you last entered the country? [@theorbtwo]

A lot of the suggestions weren’t particularly helpful, but by about 11am the support I was getting from Twitter was about the only thing that was keeping me sane. My stress is starting to show in typos.


Thanks for all
the advice. The passport remains elusive, but I’m sure I@m getting
closer. And I don’t need to leave for an hour or so :-/

The advice kept on coming.


@davorg Drawer. Bedside table? [@antoniojl]

@davorg If I was a passport I would hide in a suitcase, ready to go. [@anniemaggiemay]

And then it started to take a different tack.


@davorg if we had id cards, you wouldn’t need a passport :> [@pfig]

@davorg You’re an EU citizen. Showing your ID isn’t enough? My girlfriend says she can travel to Portugal on her French ID. [@OvidPerl]

@davorg you don’t need passport to come to Portugal! I believe you are EU citizen :) [@braceta]

Unfortunately, I’d already eliminated that option.


Phoned Passport Agency and BA to see if there is any chance of travelling without it. Of course not.

Then, at 12:33:


Found it. It was in the scanner!!!

One day perhaps I’ll find time to explain exactly why it was in the scanner. But for now I’ll just say that I only found it because I was looking in random places that I knew it couldn’t possibly be.

My Twitter followers were as happy as I was.


@davorg Hooray! [@mrvaidya]


@davorg heh and yay! [@chiselwright]


@davorg Of course! Bloody identity thieves! [@antoniojl]

Of course, the drama wasn’t completely over. I still had to get to the airport in time for my plane. At 12:59, I wrote:


Inna taxi to LHR. Hurrah! Excitment not over yet. Might not get there in time.

Still more encouragement from Twitter.


@davorg i fel the sonic boom as you whizzed past :) [@rjw1]

I was too busy to tweet for a while, but finally at 14:35 I found time to write:


Made it. Sitting in departure lounge waiting to board. Thanks for all your help. Hope you all enjoyed the drama.

And I think everyone was as relieved as I was.


@davorg – just happy you’re on the way safely. [@unixdaemon]

@davorg woo hoo – well done :) [@davecampbell]

@davorg Awesome! See you in Portugal on Sunday :) [@OvidPerl]

@davorg The HP techies here in the Bracknell office have been enthralled by yr mini soap opera. Glad you made it :-) [@edwenn]

@davorg Yay! Well done! [@antoniojl]

glad that @davorg found his passport in time. [@maokt]

@davorg Well done, and thanks for the entertainment! [@robinhouston]

@davorg w00t! U made it. Should have started a sweepstake in the office :) [@cyberdees]

My Twitter statuses are also fed through to my Facebook page. So friends were commenting there too. And I’m really grateful for all of the comments that I got from both places. It would have been really easy to have given up and cancelled the trip, but knowing that there were all these people out there rooting for me gave me the incentive to keep going.

I can categorically state that in this instance both Twitter and Facebook were wonderful systems.

Thanks to everyone who commented.

Who Is To Blame?

Last night I dreamt that the BNP had won seats in the European Parliament. This morning I woke up and it was true. Across the country, 6% of the electorate (well, ok, 6% of the 35% who could be bothered to vote) had decided that they were best represented by racists. In two regions the percentage was high enough for them to win a seat.

It’s difficult to know who to blame for this. Certainly the Labour government have a lot to answer for. If they hadn’t done all they could to alienate the electorate over the last few years then there wouldn’t have been the need for people to vote against them. And it’s not just the Labour Party, of course, every MP who has been abusing the expenses system and destroying the public’s trust in politics has to take a share of the blame. Then there’s the right wing press. They don’t explicitly support the BNP, of course, but papers like the Sun, the Mail and the Standard (“sorry”, my arse) have been slowly but surely creating an environment where the BNP’s poisonous attitudes have moved from being completely unacceptable to something that “middle England” discusses over the dinner table. People who didn’t vote were also to blame. Low turnouts favour minor and extreme parties. Every vote that isn’t cast increases the power of votes that are cast.

And then there are the voters. There’s a load of nonsense talked about the BNP vote being a protest vote and that the people who voted for them not being racists. I’m afraid that doesn’t really bear any kind of scrutiny. There were plenty of protest parties to choose from. Just because you want to give the Labour Party an electoral kicking, that doesn’t lead inexorably to voting to the BNP. There are only two reasons why you would vote for the BNP. Firstly you’re the kind of racist dickhead who agrees with their policies. Or, alternatively, you thought you wanted to vote against Labour and didn’t bother to research the policies of the party you decided to vote for. In either case, you’re a moron.

Just before I went to bed last night, Nick Griffin (the leader of the BNP) was being interviewed by the BBC. What an odious little toad of a man. He was on the defensive throughout the interview. He obviously knows that his opinions are completely offensive to all rational people so he spends all of his time trying to find increasingly bizarre ways to defend them. He claimed that one reason why the BNP only allows white people to join is so that they can use race discrimination legislation against employers who try to sack employees who are found to be members of the party. Every time he opens his mouth, sane people just want to slap him.

I can understand why the BNP want to be a whites-only organisation (it’s because they’re racists) but I don’t understand why UK electoral rules allow it. They want to be seen as a legitimate politcal party. So why can’t we pass a law saying that all UK political parties have to reach certain standards of equality. You know, basic stuff like not discriminating on the basis of gender, race or sexuality. Seems obvious to me.

Griffin also likes to harp on about the “indigenous people”. He really needs a lesson in history. Perhaps someone should send him a copy of Homo Britannicus. The UK doesn’t have any indigenous people. Modern humans arrived in the UK from Europe less than 30,000 years ago. Maybe we should try to send Griffin back to the home of his ancestors. Mind you, it’ll be pretty crowded there as we all have our roots in Ethiopia.

Before the election there was a lot of discussion of the BNP on Twitter. The “#theBNPareTwats” meme got a lot of use. And yet it appeared to achieve nothing. But that’s not really surprising, is it? Twitter is largely an echo chamber. You follow (and are followed by) your friends and people who like what you write. The BNP discussions were largely people who were never going to vote BNP telling other people who were never going to vote BNP not to vote BNP. The chances of any of that witty repartee reaching and converting people who were going to vote BNP was close to zero. So perhaps we’re to blame a bit too. Instead of doing our bit to exchange insults about the BNP on Twitter, we should have been out there knocking on doors and explaining our point of view to people who don’t share it. Perhaps shouting about things on Twitter (and, I’ll admit with slight embarrassment, on blogs) isn’t the best way to change things.

It’s too late now though. There’s nothing we can do[1]. Four the next five years, two regions in the north of England will be represented by racists. We can hope that people saw these elections as unimportant and that they won’t vote the same way in the next General Election. But can we be sure of that? Perhaps we’d better consider doing some real campaigning next time.

Because the thought of BNP supporters in the House of Commons is far too grim to contemplate.

[1] Well, we can (and should) sign Hope Not Hate’s “Not in My Name” petition, but it’s not going to change anything.

Local Media – Twitterers in Balham

As I mentioned a couple of days ago, I’m becoming very interested in using the internet to bring local communities together. So here’s something else that I’ve built over the last few days.

About a week ago I saw Paul Carvill’s new site Twitian. It brings together all of the people from The Guardian who use Twitter and reposts their tweets. It’s an interesting way for people to find other people who might share their interests. I thought that it would be interesting to aggregate tweets on the basis of geography.

I contacted Paul and asked if he planned to release his code as open source. He said that he would, but that it wasn’t quite ready. But then I discovered the Perl Net::Twitter module and realised that it would be pretty simple to recreate a lot of what Twitian does. A couple of evenings of hacking and Balham Twits is ready to go.

It’s a pretty simple set-up. And I don’t do things quite the same way as Twitian. I’ve set up a new user on Twitter called balhamtwits and the site is generated using information about the people that user is following. One feature that I think is rather clever is that the program automatically follows anyone that follows it. So anyone can add themselves to the site by simply following balhamtwits. Of course that could lead to spam accounts being included automatically, so there’s a mechanism to manually remove and block undesirable accounts.

Anyway, I’ve put the code up on Github so that anyone else who wants to have a go can do so. It’s a surprisingly small amount of code. Of course, like all quickly hacked together projects, the documentation is a bit lacking. But I’ll work on that over the weekend. Honest.

Please let me know if you find it useful. And if you’re twittering in SW12, please follow balhamtwits.

Twitter Supports OAuth

I’ve been seeing various announcements and trials over the last few weeks, but it seems that the wait is over and Twitter finally officially supports OAuth. This means that there is no longer any reason for third party web sites to store your Twitter password if they want to interact with Twitter on your behalf. This closes a security hole that I’ve been going on about for months.

Well, except, the security hole hasn’t actually been closed. The third party applications still have the option to use the old authorisation mechanism. It wouldn’t, of course, be fair for Twitter to force all of the third party applications to change their authorisation code overnight. Twitter say:

There is no requirement to move to OAuth at this time. If/When a date is set for the deprecation of Basic Auth we will publish a notice on the API Development Talk. We will not set a date for deprecation until several outstanding issues have been resolved. When we do set a date we plan to provide at least six months to transition.

So you can still use the old, and broken, authorisation mechanism. But over the coming days and weeks we should see fewer and fewer applications using it. And there’s no excuse at all for new applications to use it.

I’m looking forward to using some of the Twitter add-ons that I’ve been avoiding for security reasons. I’ve already turned on Twitterfeed (which, as far as I can see, was one of the first applications to make the switch) and I’m planning to take closer look at Ping.fm just as soon as they switch over.

As a user of these applications there are a couple of things that you can do.

  1. Check the services that you are using to see if they have switched to using OAuth. You’ll know if they have as you’ll know longer be prompted to enter your username and password. Instead you’ll be shown a page on the Twitter site and asked to authenticate the application to interact with Twitter on your behalf.
  2. If your services have switched to using OAuth then do what ever you need to do in order to stop using the old mechanism. I can’t really explain what form that might take as I’ve never had to do it. Then change your Twitter password so that your current password isn’t still in someone’s database in plain text.
  3. If services that you use haven’t switched to using OAuth yet, then give the developers a gentle prod and tell them that you’ll be far happier using their service once they’ve made the change. Maybe even tell them that you’ll stop using their service until they’ve made the switch.

I’ve been quite harsh in my criticism of Twitter for encouraging this horrible antipattern to become so acceptable across the internet. I still think that it was a terrible design decision on their part and that they have taken longer than necessary to respond to the criticism they have received from several people. But I’m glad that they’ve now introduced OAuth and I hope that we can all do all we can to assign the old-style authenication to the dustbin of history as soon as possible.

Twitter and Passwords

Over the last year or so, Twitter has become one of the most successful social networking sites on the web. One mark of its success is the rich ecosystem of other sites which feed off it. The best example is probably the Twitter search engine which started as a separate web site but was so successful that it was bought by Twitter and integrated into the main site.

There are many other sites that also provide tools to improve your Twitter experience. Unfortunately a large proportion of them encourage users to break one of the fundamental rules of internet security. Even more unfortunately, it seems that most users don’t understand internet security and the sites are therefore thriving when they should be ignored.

What is this basic rule of internet security that these sites are breaking? They are asking for your Twitter username and password.

Your password for any particular service should always be a secret between you and that service. No-one else should ever need it. In fact if you read my piece about basic password security from a few years ago, you’ll know that the service shouldn’t store the plain text version of your password. Only you should know that.

I don’t understand why people are so willing to give anyone their Twitter passwords. Well, I suppose I do. The services that are offered are so shiny. I’d love, for example, to use Twitterfeed. But I can’t because it requires me to give over my password to someone else.

It’s not that I don’t trust the owner of Twitterfeed to do the right thing. It’s that I know it’s completely impossible for him to store the password as securely as it should be stored. Think about it. Twitterfeed needs your password each time it posts something to Twitter under your name. That means that it can’t use the non-reversable encryption that a sensible service uses for storing passwords. At best they use a reversable encryption method. At worst they store it in plain text.

Clause 3 of the Twitter terms of use says:

You are responsible for keeping your password secure

If I give my password to another site, I can’t do that. I’m sharing the responsibility for keeping my password secure with other people.

There are, of course, other people who share my concerns. You’ll see the occasional debate on this subject on places like Get Satisfaction. But I’m amazed by the number of people who should know better but still use these systems. A few weeks ago, Charles Arthur (The Guardian’s technology editor) wrote a piece on this subject. He talked about a site called TwitterRank which gave you some meaningless statistics about your place in the Twitterverse in when you gave it your username and password. Charles rightly advised people not to give their password to random web sites. But I knew that he had written the article because his Twitterfeed account posted details to his Twitter stream. When I pointed out the irony in a comment he seemed to miss the point.

How many otherwise intelligent people do you know who use Twitterfeed? Or other systems like Ping.fm? Over the weekend, Robert Scoble praised a site called PeopleBrowsr on his blog without bothering to point that it would ask for your Twitter password and what a bad idea that might be.

There are two arguments that people seem to use to defend these kinds of service. The first is that “it’s only your Twitter password”. And that’s true of course. The world wouldn’t end if someone got my Twitter password and started to send messages pretending to be me. But by promoting this way of doing things, it becomes more likely that people will be less protective of their passwords. How many sites have you seen that offer to tell you if your friends are signed up if you give them your Gmail username and password?

The other argument I often here is that the services are really useful and that Twitter don’t support any other way of doing the things that these services want to do. Well, I don’t know about you, but if the only way to get access to a really cool service was to go against basic security practices, then I’m happy to do without the service.

Here’s an idea. I’ve got this service which will monitor your bank account and send you a monthly report of where your money is going and (this is the really cool bit) will suggest places where you can save money by switching to other suppliers. It will even take any spare money at the end of the month and put it into the best investments it can find. you just need to give me your internet banking login details. Interested? I thought not.

And yes, Twitter are partly to blame for this. There’s a standard protocol for dealing with situations like this – it’s called OAuth. Twitter have been promising to support it for some time, but it’s still not here. And, to be honest, with the number of people who are quite happy to use their current, broken, authorisation model, why would they care about doing things the right way?

So here are a couple of suggestions. If you’re a Twitter user and you find a really useful Twitter-addon that you want to use but which asks for your password then don’t use it. And write to the owners explaining why you won’t use their service. And if you’re running a service which currently interacts with Twitter using passwords, then stop doing it. Close down your service. Explain to both your users and Twitter that you have closed your service until you can reimplement it safely.

I don’t expect for one second that all services will close down or that all users will stop using existing services. But it would be good if enough people stopped using the service until Twitter took notice and started using OAuth.

Who’s with me?

Update: A post from the Twitter development team on December 2nd promises “a beta of OAuth support [ ... ] ready for our first deploy in the next week or ten days”

Twitter Hierarchy

For most of the last year, I’ve been working behind a corporate firewall which blocks most social networking sites. It’s therefore only in the last month or so that I’ve been able to use Twitter all day every day.

It seems to me that many of Twitter’s users have slightly distorted the sites original purpose. It was originally intended to be used for posting brief “I’m doing this” messages, But many people seem to be using it to hold conversations with their friends. It’s become a sort of “non-instant messaging”. Interestingly, the site’s developers noticed this change and added features (like replies) which made it easier to use the site in this way.

But there are still places where the site’s origins are obvious. On anyone’s profile page you can see two numbers listing the number of people that person is following and the number of people who follow that person. But actually the Twitterverse doesn’t break down into two sets like that. There is a more interesting set of three numbers. For most people their sets of followers and followees aren’t disjoint sets. There is another set of people who both follow you and are being followed by you. Let’s call them your peers.

So we have three sets of people. The people who you follow but who don’t follow you in return (people you think are interesting but who don’t think you are interesting enough to follow), your peers and the people who follow you but who you don’t follow in return (people who think you are interesting but who you don’t think are interesting enough to follow). There’s probably a whole cyber-sociology paper in analysing the ratios between the sizes of those three groups for different types of people.

But the important thing is that you can only carry on a conversation with people in your peer group. It remind me of the old Frost Report sketch about class differences. The people higher than you in the food chain don’t listen to what you say. A few times I’ve missed things that people said to me because I’m not following them and simply adding “@davorg” to your message doesn’t add it to my home page (think of the spam potential if it did).

I get round this by using Twitter Search (previously Summize) to search for messages to me. Actually I go a step further than that and have a feed from that query in Bloglines. Is that a common solution to the problem? What do other people do? Is it a problem that you’ve noticed?

Another, related, issue is how do you move up the hierarchy? Is there an etiquette for contacting people who you follow but who don’t follow you? Can you just send them a direct message saying “hey I’m interesting, follow me”? And is anyone being inclusive and automatically following anyone who follows them?

Oh and what does Twitter have that Pownce, Jaiku or identi.ca don’t have? Is it just the number of users? Will we ever see a big move from Twitter to identi.ca like the MySpace to Facebook move of last year?

Update: hanakomu points out (on twitter of course) that if someone replies to you then the message appears in your ‘replies’ tag whether or not you’re following to them. Also, people get a mail when you follow them – but I think that’s probably optional.