Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wpautoterms domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u996806617/domains/vidyut.net/public_html/wp-includes/functions.php on line 6121
Posting using Twitter api without permission - Vidyut

Posting using Twitter api without permission

There is this service called Tweet cloud, which analyses your tweets for keywords and creates a cloud with the most highly used ones. Pretty. interesting too. However, I find that when it posts a link to your cloud, it also posts an image of the cloud using twitpic. How does it login to twitpic to post on my behalf?

Here’s the process.

When you login to the website, you reach this basic page, where it tells you about the service. Clicking Generate a cloud prompts you to grant access with your Twitter account.

Nice cloud. Loved it. You have the option to tweet your result or not. I chose to tweet. This is the tweet that got sent.

As you see from the short url, the pic is hosted at twitpic.com. I don’t remember logging in to twicpic. I didn’t authorize a login for twitpic. But the image got posted from my account. How did this happen?

I checked, but I was not logged in to Twitpic. Thus:

So I suppose the question now is if Twitter authorizations can be used by third parties to post in my name. Sure, this time, nothing offensive as such was done, but the point that it is possible to do it – is it a security issue? You decide.

If you want updates.


Posted

in

,

by

Tags:

Comments

Leave a Reply