Ever since the early days of the Fail Whale, Twitter has earned, perhaps rightly, a reputation of not being the stablest of web services. The advent of today’s “forced follow” Twitter bug, which allowed users to very easily force anyone to follow them on Twitter, is not likely to help that reputation — nor is the fact that in combatting it, Twitter has temporarily reset follower and following counts to zero.
The exploit was first announced this morning by Webrazzi who noted that if a user enters “accept username” into Twitter, that user will automatically start following them. Suddenly, notoriously following-adverse users like Conan O’Brien would be seeing the random musings of hundreds of followers when they logged in to their accounts.
In testing this glitch, I managed to get Bill Gates to follow me. However, before I could come up with a clever charity idea to scam him out of his billions, Twitter slammed down on the bug, and they did it hard. Now, everyone
who used this bug is listed as having both 0 followers and 0 people following. This seems (hopefully) to be a temporary measure, as tweets from people users were formerly following are still populating the newsfeed.
We identified and resolved a bug that permitted a user to “force” other users to follow them. We’re now working to rollback all abuse of the bug that took place. Follower/following numbers are currently at 0; we’re aware and this too should shortly be resolved.
While an error of this nature has serious security implications, Twitter now reports that protected updates were not compromised. To temporarily fix this error, however, Twitter had to do some very serious clamping down, at the moment, all following is blocked on the service, seriously compromising Twitter’s usefulness. Worth noting, however, is that more users seem interested in using this exploit to have a little fun, as opposed to doing anything truly malicious.
A Twitter search for “Accept Conanobrien,” for example, reveals that hundred of users have been trying to force Conan to auto-follow them. Other Twitter-celebrities, such as Ashton Kutcher and Kim Kardashian have been popular targets as well.
The real question now is, what will users think of this serious security breach? It’s been a bad few weeks for sharing-centric web services, first with Blippy leaking users’ credit card information, followed by Facebook’s latest security concern regarding user chats, and now this problem with Twitter. Will this spark a exodus of users from Twitter and other services, similar to the “Great Facebook Deactivation Wave” we’ve been starting to see this week? Only time will tell.
Update: While Twitter has now fixed the “0, 0″ error that manifested when they first cracked down on the problem, it appears they may have reverted their database to a slightly too recent update. Bill Gates is once again following me, so if anyone has any good business ideas, let’s hear them in the comment section.
Update2: According to Mashable, the whole affair started most absurdly:
“According to an e-mail we received this morning, the Twitter bug and ensuing 0 followers/0 following fiasco was inadvertently started by a Turkish fan of heavy metal band Accept. When this young man tweeted “Accept pwnz,” he found that the user @pwnz was suddenly following him.”