The trouble is that Twitter’s authorisation process makes no distinction between small toys like that and big applications like TweetDeck that handle your entire account. Toys only need to read public messages and perhaps tweet once, but they usually request, and are granted, “read and write” permission, which lets them perform every action Twitter allows an authorised user: the power to change profile pictures, follow and block users, and – crucially – read direct messages. Changing your password doesn’t lock them out either; you need to explicitly revoke their access.
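To make the two points above concrete, here is an added example (not code from the original post, and not Twitter’s real API or scope definitions) that models a coarse “read and write” permission level and a per-account audit of which authorised apps hold more than they need. The level names, action names, app names and the `needs` table are all constructed for the illustration; the model deliberately mirrors the behaviour described above, where a password change leaves app authorisations intact and only an explicit revoke removes them.

```python
from dataclasses import dataclass, field

# Constructed permission model (an assumption for this example, not Twitter's
# real scope definitions): the coarse "read_write" level bundles every action
# an authorised user can take, including reading direct messages.
PERMISSION_LEVELS = {
    "read": frozenset({"read_public_tweets"}),
    "read_write": frozenset({
        "read_public_tweets", "post_tweet", "change_profile_picture",
        "follow_user", "block_user", "read_direct_messages",
    }),
}


@dataclass
class Grant:
    level: str
    revoked: bool = False


@dataclass
class Account:
    password_hash: str
    grants: dict = field(default_factory=dict)  # app name -> Grant

    def authorise(self, app: str, level: str) -> None:
        if level not in PERMISSION_LEVELS:
            raise ValueError(f"unknown permission level: {level}")
        self.grants[app] = Grant(level)

    def change_password(self, new_hash: str) -> None:
        # Mirrors the behaviour described in the text: rotating the password
        # does not touch existing app authorisations.
        self.password_hash = new_hash

    def revoke(self, app: str) -> None:
        # The only action in this model that actually locks an app out.
        self.grants[app].revoked = True

    def allowed_actions(self, app: str) -> frozenset:
        grant = self.grants.get(app)
        if grant is None or grant.revoked:
            return frozenset()
        return PERMISSION_LEVELS[grant.level]


def excess_permissions(account: Account, needs: dict) -> dict:
    """Map each still-active app to the actions it holds beyond what it needs.

    `needs` maps app name -> set of actions the app genuinely requires; in a
    real review this comes from the app's documented purpose (constructed here).
    """
    report = {}
    for app in account.grants:
        extra = account.allowed_actions(app) - frozenset(needs.get(app, ()))
        if extra:
            report[app] = extra
    return report


def demo():
    """Run the audit before and after a password change, then after a revoke."""
    acct = Account(password_hash="hash-v1")
    # A toy that only needs to read public tweets and post once still asks
    # for, and is granted, the full read_write level.
    acct.authorise("toy", "read_write")
    # A full client legitimately uses everything the level provides.
    acct.authorise("tweetdeck", "read_write")
    needs = {
        "toy": {"read_public_tweets", "post_tweet"},
        "tweetdeck": set(PERMISSION_LEVELS["read_write"]),
    }
    before = excess_permissions(acct, needs)
    acct.change_password("hash-v2")
    after_password = excess_permissions(acct, needs)
    acct.revoke("toy")
    after_revoke = excess_permissions(acct, needs)
    return before, after_password, after_revoke


if __name__ == "__main__":
    for label, report in zip(("before", "after password change", "after revoke"), demo()):
        print(f"{label}: {report}")
```

The audit flags the toy for holding `read_direct_messages` (among other actions) it never needed, the report is unchanged after the password change, and only `revoke("toy")` clears it. The same comparison of granted versus required actions is the check worth running over any account’s list of authorised apps.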