• unexposedhazard@discuss.tchncs.de
      link
      fedilink
      arrow-up
      126
      arrow-down
      5
      ·
      edit-2
      4 months ago

      Because this is clearly bullshit.

      Dont get me wrong, i totally believe there are exceptions made for specific accounts in exactly this fashion, but the stuff seen in the screenshots is just completely fabricated. Whatever this is, its not how Twitter would configure exceptions for stuff like this.

      Read this for a rundown of why its either completely fabricated or at least not trustworthy

      Article: https://dataconomy.com/2024/07/25/twitter-api-leak-twitter-protected-users/

      R*ddit comment: https://www.reddit.com/r/h3h3productions/comments/1ebf8lx/comment/let06na/

      This keeps getting posted today and its fucking stupid. There are many legitimate points to criticize about Twitter and Musk so there is no point in spreading fake shit.

      • big_slap@lemmy.world
        link
        fedilink
        arrow-up
        42
        ·
        4 months ago

        the way twitter handled this (banning this user) is going to make people spiral and believe this was legitimate, as well. throwing a lot of fuel on the fire, par for the course with twitter under musk leadership, unfortunately

      • Blue_Morpho@lemmy.world
        link
        fedilink
        arrow-up
        16
        arrow-down
        1
        ·
        4 months ago

        So you are saying that if a post is bullshit, Twitter should delete the account?

        Because Twitter has a double standard when it comes to free speech.

        • unexposedhazard@discuss.tchncs.de
          link
          fedilink
          arrow-up
          17
          arrow-down
          1
          ·
          edit-2
          4 months ago

          No im just providing people with the reason for why he got banned.

          But yeah you cant really expect to spread fake news about the very service you are posting on and not expect to get banned.

          I mean he would probably also be banned if it was real but thats besides the point.

      • Optional@lemmy.world
        link
        fedilink
        arrow-up
        6
        ·
        4 months ago

        I wish they could be more authoritative. Basically they say “well, maybe, but maybe not” with no clear examples either way.

        Would a variable have a subdomain? Unlikely but Musk’s jenius coding antics do not allow us to dismiss it either.

        The security certificate is valid. Ok.

        Why use okta for this? Again ¯\_(ツ)_/¯

        The banned words include British and Australian slurs - ? Ok?

        And ultimately:

        As this story develops, users and observers alike will be watching closely to see if any additional evidence emerges to support or refute the claims made in the Twitter API leak.

        Until then, the true nature of Twitter’s content moderation practices for high-profile accounts remains a subject of speculation and debate.

  • Phen@lemmy.eco.br
    link
    fedilink
    arrow-up
    40
    ·
    4 months ago

    Hard to believe this is true. Not the “feature” itself (that’s very believable), but the claim that this was exposed as okta configs - that just doesn’t make much sense. Not impossible, but very unlikely.

    • Seasm0ke@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      4 months ago

      I mean, I’d believe musk did it himself as a grade a idiot with just enough understanding to make a mess of things, but yeah doubt

    • Zetta@mander.xyz
      link
      fedilink
      arrow-up
      21
      ·
      edit-2
      4 months ago

      I’m not an expert but this seems likely fake, it just feels real because they really do let those accounts say whatever

      • shininghero@pawb.social
        link
        fedilink
        English
        arrow-up
        13
        ·
        4 months ago

        Definitely fake. I’ve worked in IT, and I know Okta’s offerings. They do multi-factor and SSO stuff, basically password management stuff on steroids along with any regulatory compliance checklist stuff.

        They do not rent out cloud infrastructure for other companies to use.

    • sugar_in_your_tea@sh.itjust.works
      link
      fedilink
      arrow-up
      11
      arrow-down
      1
      ·
      edit-2
      4 months ago

      Why not? This is one of the more tame things Musk screwed up.

      But no, this is most likely fake. It’s way too convenient for it to be true.

      • Echo Dot@feddit.uk
        link
        fedilink
        arrow-up
        3
        ·
        4 months ago

        It’s not how code works. There’s no reason to send this information to the client because the filtering runs server side, so the client never needs to know about it.

        • sugar_in_your_tea@sh.itjust.works
          link
          fedilink
          arrow-up
          1
          ·
          4 months ago

          You’re assuming proper design. I’ve worked on systems where filtering was done client-side (and fixed that), it’s stupid, but it’s what happens when a FE is assigned a task and uses the tools at their disposal. In fact, I think Lemmy used to filter deleted comments clientside a few versions ago.

          • Echo Dot@feddit.uk
            link
            fedilink
            arrow-up
            1
            ·
            4 months ago

            If they were deleting contents client-side then you could get around the filters by using something like tweet deck. Since we know that doesn’t work we know that the filtering can’t be done client-side.

    • Septimaeus@infosec.pub
      link
      fedilink
      arrow-up
      3
      ·
      edit-2
      4 months ago

      Anecdotal but I’ve encountered a lot of this lately. It seems people have taken to dropping the term “API” arbitrarily into posts and conversations to signal knowledgeability with recognizable lingo, often resulting in nearly plausible but not quite accurate technical descriptions.

      TBF I bet it works most of the time, due to the ubiquity of interfaces in software, and I may only notice it when they feel emboldened by the success of their first attempt.

  • givesomefucks@lemmy.world
    link
    fedilink
    English
    arrow-up
    27
    arrow-down
    2
    ·
    4 months ago

    I legitimately don’t understand why anyone that isn’t a far right asshole is still on twitter.

    If it’s just them, they’ll fight each other and eventually abandon it.

    If you think you’re staying to “fight” them, then you’re giving them what they want: an argument in a place they control and a target for the rest to focus on.

    • lemonmelon@lemmy.world
      link
      fedilink
      arrow-up
      3
      ·
      4 months ago

      One could keep an account open for monitoring purposes, but I can’t fathom actively engaging there anymore.

      Even supposing apolitical content, I wouldn’t want to generate anything for Twitter.

  • Lasherz12@lemmy.world
    link
    fedilink
    arrow-up
    20
    ·
    4 months ago

    Probably true, but this is almost certainly a bs source. The code and list of names doesn’t make sense since Elon is online 23/7 and his real list wouldn’t even fit inside a 50 page dossier…

  • Tudsamfa@lemmy.world
    link
    fedilink
    arrow-up
    19
    ·
    4 months ago

    I actually got called and Elon Defender for pointing out that this is most likely fake, I’m glad most people here at least came to that same conclusion.

    Still,

    • jol@discuss.tchncs.de
      link
      fedilink
      arrow-up
      7
      ·
      4 months ago

      Glad im not the only one who immediately thought this. Ugh, I grew to distrust 99% of what I see online nowadays. And this doesn’t even look legit

  • Echo Dot@feddit.uk
    link
    fedilink
    arrow-up
    14
    ·
    edit-2
    4 months ago

    I am fairly show this has already been debunked. That’s not how programming works, you wouldn’t have a list of people on the API side. There’s absolutely no reason for it to live on that side, it would be on the server because that’s where it would have to run anyway.

    • jol@discuss.tchncs.de
      link
      fedilink
      arrow-up
      3
      ·
      4 months ago

      No, you see, the algorithm uses the API to parse the tokens and then it asserts the heuristics on the server. Trust me, my uncle works at Twitter.

    • OldWoodFrame@lemm.ee
      link
      fedilink
      arrow-up
      2
      ·
      4 months ago

      Yeah plus they know the code is open source, so even if that wasn’t the normal and correct way to do it, it is how they would do it.

  • pelespirit@sh.itjust.worksM
    link
    fedilink
    arrow-up
    1
    arrow-down
    3
    ·
    4 months ago

    This post keeps getting reported for fake news. Honestly, I don’t know anything about coding so it might be? Don’t really care tbh, so stop reporting it please. Even the people saying it’s fake don’t seem to be sure and say it’s “probably fake.” I’m just going to go ahead and lock it.