Twitter, the increasingly popular micro-blogging service, has come under quite a bit of criticism in the past few weeks. Users of the platform, which describes itself as an "information-sharing network" are struggling with what to do about false information being spread around.
It may not sound like a big deal for individual users to let a white lie slip about some status update. But during the past few weeks there have been some more concerning examples of misinformation spreading across the social forum.
For example, Twitter users (as well as those on other popular sites such as Reddit.com) were quick to identify certain individuals as possible culprits of the Boston Marathon bombings days after the attacks, including a Brown University student who had been missing and was later found dead with no connection to the Boston incident. Rumors about whether suspects had been captured or arrested streamed through Twitter users’ timelines as breaking news unfolded after the attacks, some of it true and some not.
After the commotion of the marathon incident seemed to have settled down a week later, another black eye for Twitter popped up when the Associated Press’s Twitter account was hacked, and perpetrators sent out fabricated updates from the venerable news agency’s Twitter feed reporting that the White House had been attacked and President Obama injured.
With such misinformation spewing out from the firehose that is Twitter, it begs the question: Is Twitter broken?
[WHO CAN BE TRUSTED? EFF: Trust Twitter -- but not Apple or Verizon -- to protect your privacy]
Twitter may have answered that question somewhat. The company is reportedly looking into adding a two-factor authentication system to the free service, according to Wired Magazine, which security experts say would make it harder for hackers to gain access to Twitter accounts, and could have possibly prevented the AP’s incident.
“It’s a great idea,” to implement two-factor authentication, says Scott Behrens, an application security expert at security consultancy Neohapsis Labs. The administrative and technical challenges of rolling out a two-factor system will likely be some hurdles to implementing a system, he says because Twitter integrates with so many other services, apps and web sites.
Despite some developers of third-party Twitter apps being upset by recent changes to “clamp down” on Twitter APIs, Behrens says those changes could actually make it easier to ensure third-party apps are playing by Twitter’s rules, including the potential roll-out of a two-factor system.
Two-factor authentication seems like a natural fit for the company though, especially in light of the recent incidents such as high-profile accounts like the AP being hacked. Others like the Burger King and Major League Baseball accounts have also been victims of hackings.
Two-factor systems, such as the ones sold from vendors like Symantec, RSA and others, usually require both a password that a user knows and some randomly-generated code that is supplied to them, and are an industry-accepted best practice security technique. Google already has an optional two-factor system, but Behrens says there’s a careful line. “Usability is the biggest question,” Behrens said; Twitter still wants to keep it easy for Tweeters to use – especially non-technical savvy ones, which is why he believes an opt-in approach would likely be best. Behrens wonders if Facebook and LinkedIn follow in Twitter and Google’s footsteps in exploring two-factor authentication?
Implementing two-factor authentication will not solve all of the problems that have cropped up around Twitter in recent weeks though. It may help prevent the AP’s account from being hacked, but it would do nothing to prevent false rumors from spreading like wildfire.recent article, noting that he regrettably tweeted incorrect information linking Brown University missing student Sunil Tripathi to the Boston Marathon bombings. When Honan tweeted it out, some number of people retweeted it, sharing it with their followers; some number of their followers may have retweeted it as well. Even if Honan had issued some corrective alert to his followers that the tweet was incorrect, it would not guarantee that everyone else down that chain of retweets would see it as well.
Wired reporter Mat Honan offers a solution in a
Honan, therefore, proposes a way to mark tweets as having knowingly false information, or showing them having been edited. Twitter does allow the ability to delete Tweets, which also deletes the post from any users who have retweeted it, but there is no post-facto editing of Tweets currently. Others have proposed some sort of upvoting and downvoting system, a common feature of many social media sharing sites like Reddit.
Paul Gillin, a social media expert in the Boston area, says all of these issues amount to “growing pains” for Twitter as a platform. Twitter is being used in ways that its creator Jack Dorsey likely did not originally envision when he created it in 2006. Gillin is optimistic that between steps Twitter will take, such as implementing two-factor authentication, and by the general Twitter user base learning who to trust and who not to, that the platform will improve. He cautions against throwing out crowd-sources platform altogether though. Wikipedia, for example, after last month’s bombings very quickly compiled a well-sourced posting on the incident. “Don’t dismiss tools because of some bad experiences,” he says.
Network World senior writer Brandon Butler covers cloud computing and social collaboration. He can be reached at BButler@nww.com and found on Twitter at @BButlerNWW.