Twitter suspends security researcher's account as a threat

Twitter suspends security researcher's account as a threat

Summary: Twitter erroneously suspended, and subsequently restored, a prominent researcher's account two months after he tweeted a security warning intended to inform his audience about an imminent threat.

SHARE:

Twitter erroneously suspended, and subsequently restored, a prominent researcher's account two months after he tweeted a security warning intended to inform his audience about an imminent threat.

Aside from poor security handling, this situation offers a case study example of immature customer service and suggests problems with the organization's corporate culture.

Mikko H. Hyppönen, Chief Research Officer at well-known computer security and anti-virus firm F-Secure, discovered that Twitter unexpectedly banned his account without warning. Here's a screen capture (that I edited for clarity) from Mikko's blog:

When Mikko complained, Twitter restored his account with this minimal explanation:

I've unsuspended your acct. You were suspended for using the malware URL rnyspeceDOTcom in DMs. Be careful! We scan evrythng for malware.

Apparently, this tweet got Mikko intro trouble:

I asked Mikko to share his thoughts on what happened:

Obviously, I was quite surprised about the whole incident. As I've worked with Twitter previously regarding Twitter worms and such, I really didn't expect this. In addition, I wasn't expecting them to ban me because of a tweet that was actually warning users to stay away from a phishing site. I think their process leaves a lot to be desired.

Twitter did not immediately respond to my request for comment.

THE PROJECT FAILURES ANALYSIS

There are several problematic aspects regarding Twitter's handling of this matter:

  1. Twitter waited two months to suspend Mikko's account after he sent the "illegal" tweet. A two-month delay responding to perceived security threats does little to protect users.
  2. This case has extreme irony because Mikko's tweet attempted to warn followers away from a major security threat. In addition, his tweet included spaces in the middle of the address, making it non-clickable for readers.
  3. For the coup de grâce, the company's explanation is rude, blames the user, and does not even apologize. In addition, Twitter did not restore any of Mikko's followers or the people he followed.

One might expect a small, poorly funded startup to exhibit these problems, but that's not Twitter's situation. According to Bloomberg, the company is valued at $1 billion, having raised $150 million.

Cute logos and web page illustrations are no substitute for genuine customer service values. If the company doesn't improve customer service attitudes, its reputation may one day descend to the level of cable and telephone companies: hated utility services that we tolerate until a replacement comes along.

Topics: Social Enterprise, Enterprise Software, Security, Software

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

13 comments
Log in or register to join the discussion
  • Just the beginning...

    I'm glad this incident was reported here and although it may be viewed as minor, it actually wreaks of of much bigger issue.
    It is clear that Twitter's CS is overwhelmed as it took so much time for a reaction to occur.
    It is likely that a form of data mining or filtering led to the eventual skewed action/resolution.
    What if the scenario had been different? What if words triggered concerns by DHS or the FBI? Ridiculous?
    I believe as social networks such as Twitter and others take traction, increased monitoring will lead to incidents soley based on algorythms and security software, not CSR's.
    How soon the FBI busts down your door will depend on what you say and NOT what you do...
    Scary? You bet!!
    Redeye Dog
    • Some tend to react wihout thinking...

      Was just reading an article on child porn using a map of a city in California with the URLs pictured as locations on the map. The comment on one of the locations was it was raided twice--local police and the FBI before---they didn't find anything. Seems someone in the area was using the owners wireless LAN to access the network and post porn. The authorities now check for a wireless signal before the bust the door down. Another good reason not to use wireless.
      rgoeken1@...
  • Latest Ecomm Fad

    Twitter is for twits. If one could count on it for at least meaningful haiku, then I'd feel mollified, but...
    Technogeez
  • RE: Twitter suspends security researcher's account as a threat

    I myself has recently been suspended and I have no idea why. I have built up over 6,000 followers and all have been wiped out in a single stroke. When I found out I was quite shocked. Needless to say I contacted support via email yesterday evening and still have heard nothing. I don't care how big and successful they are, I'm not sure I can ever really trust them again.
    mpnc
  • RE: Twitter suspends security researcher's account as a threat

    If it had happened to me & it was a very important message about security I would have opened a few accounts from different computers in different names to make sure the legitimate message got through to as many people as possible.I do not use twitter much as not possible to put enough information in a message for it not to be taken out of context.
    ronangel
    • yeah, right...

      if you would do that, and you would get caught, then you would have even more problems with them.
      sailor_0703
  • What does he expect

    Twitter is for twits
    tracy anne
  • Linden Lab bans people warning about ignored critical security issues

    There are other companies having trouble to handle security issues, too:

    http://sourceforge.net/tracker/?func=detail&aid=2792370&group_id=219595&atid=1046873

    That issue was not completely fixed until 2009-09-22.
    They are still other security issues on the website like leaking cookies out of https.
    thunder2
    • Thanks thunder2, very interesting! ..(nt)

      .
      JCitizen
  • RE: Twitter suspends security researcher's account as a threat

    http://www.dudemalls.com Sell:Ed/POLO tshirt$13,jean$30,handbag$35,jordan shoes$32,coach lv handbag$35,coogi/burberry jean$30 Free shipping!

    our price:

    bikini $25
    coach chanel gucci LV handbags $32
    coogi DG edhardy gucci t-shirts $15
    CA edhardy vests.paul smith shoes $35
    jordan dunk af1 max gucci shoes $33
    EDhardy gucci ny New Era cap $15
    coach okely CHANEL DG Sunglass $16
    (air max, shox tn, rift, puma, dunk sb,) nike jordan shoes 1-24 $32
    edhardy(shoes, tshirts, jeans, caps, watche, handbag) $25
    AF(jeans, coat, hoody, sweater, tshirts)Abercrombie & Fitch $31


    http://www.dudemalls.com/productlist.asp?id=s83 (Bikini)

    http://www.dudemalls.com/productlist.asp?id=s8 (Nike_Air_Jordan)
    jamesopiji
  • Wow...

    Wow, just wow...don't know how better I can say it than that...twitter is really dumb on this one...twitter's services can really be useful at times, but its premise is already available through both Facebook and Myspace. Twitter's features (like search), as well as some of its format, which is user-implemented (i.e. retweets, and search keywords like metatags), are much more useful than what Facebook or Myspace has, but the idea of answering the question, "What are you doing?", is not entirely original. Twitter's service is improved on that idea, but most of those improvements have depended on the user to implement (again, retweets, and metatag-like search keywords). If Facebook were to implement such a search feature, Facebook could easily throw out Twitter already as it is.
    sailor_0703
  • RE: Twitter suspends security researcher's account as a threat

    Good commentary, Michael. Apparently their real-time searching of their own data stream isn't so real-time if they caught it 2 months later. Let's see if Twitter updates their processes.

    (Btw, why are you using Opera v9.6 still -- from the screenshot -- instead of the much-improved Opera v10?)
    ktopera
  • RE: Twitter suspends security researcher's account as a threat

    We don't pay anything for these services yet people are surprised when they don't receive customer service?
    alan@...