Comment by mindcrash
2 months ago
Way back then I exposed massive data collection from Twitter by Google which made it possible to plot locations at which you used Twitter in Google Maps by simply putting your Twitter handle into the search field. Somehow they knew about these locations even when you opted out of sharing location data with Twitter (I checked) -- so this was only possible by Twitter privately providing this information to Google.
This "experiment" has since then been shut down, but exposing this and many other other forms of activism permanently has cost me my Twitter account, to the point that asking to reinstate it several times because I was permanently suspended for no valid reason led to X Support directly rerouting every attempt to appeal this decision into the digital trash can.
Let's say nothing surprises me anymore.
Is this your experiment? https://github.com/jkakavas/creepy https://www.geocreepy.com/
Mine was even creepier.
This one used data shared by the user (opt-in on sharing geolocation in the app or browser), which then is publically exposed through the API (like this feature says it would).
Mine doesn't give a shit, geolocation was shared even when turned off by the user in Twitter.
Sorry for misrepresenting the functionality of the original cree.py project.
What it does is download all photos that the user shared on Twitter, extract GPS tags from EXIF, and put markers on Google maps, annotated with these photos.
Could you link to some of it? Sounds extremely interesting!
See screenshot: https://xcancel.com/kpcuk/status/601451439215353857
Do note that at first it was assumed just Chrome was involved, but then people started to message me that they also saw it when using the apps, Firefox, Safari and other browsers aswell.
Sounds like they showing geoip for tweets/profiles?
1 reply →
Thanks!
It's really indefensible to post this without linking to your research to show people what you found.
Believe it or not, I wrote about it on my now permanently suspended Twitter account.
Here is a remnant from someone who replied at the time:
https://xcancel.com/kpcuk/status/601451439215353857
By the way: somewhat later we (thanks to a group effort) figured out it wasn't "just" Chrome as mentioned, and this basically led to the strong assumption there was some serious data sharing involved.
And yes that screenshot from this person is 100% real; my pins for example were sprinkled all across Brighton in the UK near places with Wifi access (I recently went on a city trip there at the time), and my home town in the Netherlands.
Tweets were geolocated, with a 'see tweets near me' page until about 14 years ago, so it's entirely feasible that at least some of that infrastructure has survived the feature being removed.
"Tweets near me" was based on people sharing geolocation with Twitter (one of the things you can opt-out of when setting up your profile).
I didn't share any geolocation with Twitter. At least not voluntarily.
Doesn't every site route every support request for every reason into the digital trash can? You're supposed to just make a new account, using as many mechanisms as possible to make sure the site can't link it to your old account.
I’m not even sure that’s possible for some sites.
A few years ago I tried to create a separate digital footprint from scratch (just an experiment out of boredom when my isp offered a second number for free). I used an ultra cheap never before used android phone and set it up outside my home.
Google went nuts. All sorts of captchas, security checks and attempts to link me to other information popping up on every step. Eventually it wouldn’t let me use the phone unless I provided a credit card number.
Apple secretly linked my account to my >15 year old inactive account as well as another random account that isn't even mine. Nothing happened of it until I let my iPhone sync its settings to a new iPad. The iPad spammed a password input form for my old account that blocked all other UI elements. It didn't accept any password even after a password reset. Took me an hour to make the tablet usable again. The password form still randomly pops up every few weeks and there seems to be no way to fix the mess.
Bonus: the iPad's device name is now "My iPhone" because it also synced the device name from the phone.
1 reply →
That's the modern tech landscape for you. They really want to know who you are because they make more money that way. For a similar experience, try Tor Browser.
I too sell my phone and buy a new one and also get a new phone number each time I get banned
Someone from X Support replied, basically told me to fuck off and that this would happen after my second or third appeal... so no.