How X (Twitter) Might be Secretly Leaking Your Data
X, formerly Twitter, finds itself in a sorry state as of late. Some commentators have gone so far as to claim the platform has been so radically altered under Elon Musk’s leadership that it is now “a shadow of its former self.”
Spam runs rampant, verification badges have lost their meaning, and privacy and security have taken a nosedive. In the post-Elon Musk era, X grapples with notable privacy issues, shedding privacy and security-focused employees and, consequently, witnessing the erosion of crucial features.
What Happened to Twitter Circles?
X’s decline is not mere conjecture; it’s evident in the case of Circles. This legacy privacy feature, designed to restrict specific tweets to a trusted group, inadvertently failed, exposing private community’s conversations to the public.
While the premise of Circles is clear enough—private chat groups meant for a select, trusted few—recent developments suggest a breach in this circle of trust. TechCrunch sheds light on a concerning trend: private Twitter Circle tweets entering the For You feeds of users who don’t belong to the intended Circle.
Failure of Twitter Circles More Than a Glitch
This flaw is more than a glitch; it challenges the fundamental purpose of the legacy privacy feature. Numerous users have reported their private musings surfacing in the feeds of followers outside the designated Circle.
Even more alarming is when these tweets appear in the feeds of individuals who don’t follow the original poster at all. The issue’s scope remains uncertain, leaving users to question the reliability of a feature designed to safeguard sensitive or private thoughts, ultimately calling into question X’s handle on privacy at large.
An X User’s Experiment
Consider the case of Ian Coldwater, a Twitter user curious to test the validity of these reports. Creating a Twitter Circle with one user, Coldwater sent a tweet explicitly asking to be liked only by the designated Circle.
In a working system, only the Circle member should have the ability to like and, consequently, see the tweet. However, to Coldwater’s surprise, three people, including two non-followers, liked the tweet. Confirming the issue, other users in the thread acknowledged seeing the message in their feeds without the Twitter Circle label.
Is the Failure of Twitter Circles Really a Big Deal?
For those using Twitter Circles as a casual means to share thoughts with a select group, the risk may seem inconsequential. Thoughts on a favorite TV show reaching the “wrong” eyes might not raise alarms.
However, for those using Twitter Circle as an outlet to vent about work, seek confidential advice, or share personal struggles with trusted connections, the warning bells ring loud and clear—this may no longer be a secure space.
Symptom of a Much Larger Privacy Issue
This incident marks another instance of a major Twitter feature failing to function as intended. Amidst the ongoing drama surrounding the company, it signals a broader issue—Twitter may no longer possess the resources to maintain reliable functionality.
A comparison with platforms like Instagram’s Close Friends and Snapchat’s Private Story, which continue to operate seamlessly, accentuates the failure of Twitter Circles. It prompts users to reevaluate their reliance on a platform grappling with the erosion of privacy features and the ability to uphold user expectations.
Is X Leaking Data from Your iPhone?
Now, a fresh problem has surfaced, only adding to the growing concern over X. The platform is apparently leaking user identity, a discovery made by the security researcher duo, Mysk.
While not as immediately alarming as the exposure of supposedly private tweets, any data leakage is cause for concern. In this case, it revolves around crash reports.
X Is Sharing Crash Reports Without Your Consent
The iOS version of the X app provides users the option to opt-out of sending crash reports. You’d think that, if you disabled this option, the app would honor your preference and remain discreet when encountering a crash.
Unfortunately, that’s not the case. The app defies your choice and surreptitiously shares crash reports without your knowledge or consent.
How Exactly Does This Leak Occur?
Mysk demonstrates this in action through a video demo, running the iOS app on a Mac with the “Send crash reports” option turned off. Upon restarting the app, it becomes evident that the app indeed transmits a crash report to Crashlytics, a Google product.
What makes this breach even more unsettling is the fact that crash reports, according to the App Privacy breakdown, are not anonymized or aggregated but are personally linked to individual users. In essence, every time the app crashes or restarts, a report tied to your identity is dispatched to Crashlytics.
A Breach of User Trust
This breach is not only a data leak but a breach of user trust, occurring even when users explicitly express their desire for the app not to share crash report data. The magnitude of this issue warrants attention, perhaps even intervention from regulatory bodies like the EU.
As users grapple with these concerning developments, the immediate solution proposed is stark but straightforward—delete the X app from your iPhone. It’s advice that carries weight, urging users to reconsider their digital interactions with a platform that seems increasingly unreliable in safeguarding user data.
X Struggles to Maintain User Privacy
This narrative has become a cautionary tale. X, once a beacon of social media, now faces compounding issues, from compromised privacy features to veiled data leaks.
The consequences are not just technical glitches but a tangible erosion of user privacy and trust. The vulnerabilities in Circles and the involuntary sharing of crash reports underscore a broader issue—the platform’s struggle to maintain robust privacy measures and uphold user expectations.
Users Must Stay Vigilant
As users grapple with this news, prioritizing privacy becomes more and more necessary. Deleting the app may be a temporary workaround, but it prompts broader reflection on the evolving landscape of social media.
X’s decline serves as a stark reminder that user trust is fragile and must be constantly earned and upheld. In an era where digital platforms play a central role in our lives, the vigilance and discernment of users become crucial in navigating the increasingly blurred line between the public and private.