>The blue badge is one of the ways we help people distinguish the authenticity of accounts that are of high public interest.
This is gaslighting. That's not how blue checkmarks work in practice. They are a completely synthetic credibility token that is distributed by Twitter based on whose opinions it wants to boost. That is it.
If verified accounts were about authenticity, two things would be true:
1. Anyone would be able to verify their account after completing certain steps. There would probably be a fee, but no "high public interest" requirement (because it's an obviously gameable and subjective criteria).
This criteria certainly seems to point in that direction: "Activists, organizers, and other influential individuals". I mean, they don't quite outright come out and say that they verify people for advocating for causes that Twitter supports, but I don't think there's any other way to read "activist" really.
how about doing something to stop elon musk scams on the platform.
Something as simple as auto-flagging any account that changes its name and picture after posting to elon musk , or if an account changes its name and picture and then subsequently posts to musk, could help. Fase positives are problem with any solution.
But also, the scam is so hard to stop and and so persistent in large part because it is so profitable for the scammer. This creates a great incentive for the scammer to devote considerable effort to evading twitter's efforts to stop it. Just making .1 btc is like a year's worth of wages if you live in a poor country, and people send way more than that. It beats selling v1gra, p0ker, etc. Nothing comes close to it.
Twitter doesn't take impersonation[0] too lightly. They review accounts that have been flagged as an impersonation account, but still you can create jokey accounts, as per their clause:
> Twitter users are allowed to create parody, newsfeed, commentary, or fan accounts.
You have to have a disclaimer saying the account is a parody to avoid people thinking the account is the real person[1]
Pretty sure they were talking about verified profiles being hacked, changing their display name and avatar to Musk's, and then replying to Musk's tweet something along the lines of "I'm giving away free crypto, click here".
In my view, 2FA should be a requirement for verification.
There is hacked verified accounts too, but also people setting up jokey accounts without the parody disclaimer pretending to be Musk or other influential people, then asking to 'double your Bitcoin by sending coins here'.
That blue checkmark is fairly unmissable. Handle is lower opacity when looking at a tweet. I have nothing to back it up, but having looked at a few cryotocurrency addresses that I've seen from breached accounts, I'm willing to claim it's far more effective to phish a blue checkmark and pretend to be Musk.
2FA has historicially been broken because it is usually attached to a phone number, and phone service providers are suseptable to social engineering. What twitter (and other websites) should be using is PGP, where the user holds the secret key, and there are separate forms on messages to view PGP signatures, and forms on accounts to view their public keys.
Separating UX and "security" from a cryptosystem is impossible. Poor UX leads directly to security vulnerabilities.
Heck, we've seen that in library code: your AES implementation may be sound, but if the library interfaces make it easy to reuse an IV, or use a null IV[1], you have a broken cryptosystem.
I don't even know where to start: backwards compatibility to 90s era crypto, no forward secrecy, a web of trust model that encourages you to have a long-lived key – because with short-lived keys your trust has to be rebuilt after expiry, a cryptosystem that violently leaks metadata...
PGP should've died years ago; there are far better options today.
It is common to see verified accounts using the name section as a tweet-compose function, often adding jokey phrases in there to confuse people. But yeah, this practice should not be allowed and should be a red flag behavior.
Worked for me and there was one requirement that was a bit strange that I didn't see documented anywhere; you have to add a 'Hashtag URL', which is "The URL of a Twitter search for a specific and notable hashtag that you created or is about you." See: https://twitter.com/geerlingguy/status/1395463184681771016
I wrote on this awhile back, but Twitter should be verified-by-default. If you can verify your identity, you should be given the blue checkmark. That way you can restrict your feeds to those who are verified, or who can connect with you. I believe this would solve a lot of the vitriol and scam/spam issues rather quickly.
There are ~200 governments in the world, most of them don't even have digital infrastructure. Not even talking about resubmissions of blurred photos, fraud detection, human mistakes etc.
I always find it kind of odd when someone is verified on twitter but only has a few thousand followers. The impression it leaves is almost worse than not being verified at all.
Its just as often people that like to show their bodies as well as software developers, so bad take. Your observation happens, but you're reading way too far into it.
>people that like to show their bodies as well as software developers
I really dont understand what you mean.
>Your observation happens, but you're reading way too far into it.
I also dont understand this lol. So you admit this happens but just don't think I should care that much? Well I do care about the rich parlaying their wealth into political power by buying up newspapers and social media companies ala Jeff Bezos and Jared Kushner and the Qutaris and I would hope you do too.
I don't use twitter, but it always seemed to me that a blue check mark was an "upvote" from twitter, rather than authentication. Isn't this how it works? I don't think I'm able to get one if I asked for it.
Only because there are more notable, or influential people as some would put it. These are always going to be the priority and they happen to be individuals or organizations that tend towards the mainstream.
Giving General Motors a blue check mark is a no brainer because they are likely to be spending ad dollars. Giving celebrities of almost all levels, including short-lived ones, a blue check mark is also helpful because it has an impact on impersonation which is an attack vector on social networks.
The problem is that there are likely others in this celebrity bucket who are attack vectors, but bring reputational problems. Some pornstar might fall into this category. Twitter are much less likely to want to give them a blue check mark than a less well known comic. Someone can impersonate and attack a larger segment and Twitter's security team would probably advocate for reducing the risk, but the corporate arm of the organization won't go for this.
There isn't really anything nefarious here. It's just a case of the demand being so high and Twitter working out what they want to endorse. If they can get past some of the awkwardness of improving the posture around celebs like pornstars then I'd expect they'd extend the blue check mark to others who struggle. There are a lot of parties left out in the cold here. Things like this tend to be slow to evolve in corporate America.
reminder: Twitter censors their search, and won't let you download the tweets you've liked/saved, or your follower/following lists, in your data export.
I personally won't use sites that decide for me what I'm allowed to read (that they have already permitted to be posted). After a dozen years and tens of thousands of followers on the platform, I deleted my account.
You also can't really use a new account without getting locked out unless you add a phone number, and they have been incapable of keeping user data private or secure so far in the past.
Yes, they just contain numeric userids and tweet ids; not usernames or tweet data. The information is opaque and useless, you can't even construct URLs from them.
like.js contains full tweet text and working URLs. It's true that usernames aren't given. It's not true that Twitter "won't let you" download these lists at all.
This doesn't really change anything, as far as I can see.
The entire premise is wrong. Being verified on Twitter SHOULD NOT BE AN OPTION AT ALL because of the perverse incentives it creates, and the way it warps and destroys the whole platform.
The blue checkmark program started out as simply a way to prove you were the real you, if you were claiming to be someone important. But because of that element of "importance," it's become a mark of royalty. Blue checkmarks are the lords and masters of Twitter, largely exempt from its many abuses, because they're Very Important People. All the rest of the peasants on Twitter have to content themselves with the privilege of trodding the same digital ground as such majesty. One law for them, another for us.
Escaping from this kind of diseased thinking was a large part of the appeal of the early Internet, but now those who enjoy such perverse games are hell-bent on forcing them on everyone else. Every blue checkmark is another "Then let them eat cake!" hurled from the high parapets, a boot stomping on the face of the ordinary internet user forever. The only "good" social network site (and really the only good forum in general) is one where real names are banned. But of course that would hurt monetization, and interfere with constant surveillance by corporations and government. So we get this crap instead. The blue checkmark is incredible, because it manages to sum up, in one tiny, instantly recognizable icon, everything that is wrong with the "new" Internet.
> The only "good" social network site (and really the only good forum in general) is one where real names are banned.
Not just this but any identity markers like gender or age. This is the only way to get people to face uncomfortable ideas, when they can’t dismiss it because “oh it’s a man/woman, of course they would say that”.
What really is "verification" in that case? "The user is legally entitled to use this string of letters to designate themselves"?
The notability mark is useful: it means you're following basketball star Michael Jordan, which is probably what you meant. If you actually wanted to follow your brother-in-law Michael Jordan or a law professor Michael Jordan, there's really no simple binary mark that will help you separate them from each other. You'll have to do your research.
You can do also research on The Real Elon Musk Who Has Billions Of Dollars And Isn't Giving Any Of Them To You, and I honestly don't know if there's any way to help people who can't figure that out. But I could see Twitter at least wanting to try to help save people from themselves, because the bell curve has two tails.
Other than that... I'm not sure what any kind of verification really does. Maybe a dating app can help save you from wasting your time, because the whole point is that you're meeting strangers, some of whom will be bad people who get booted repeatedly. That's a completely different use case.
Look at a celebrity’s post, and the top comments are other famous peoples (social media handlers) blue check comments at the top with exponentially more likes than any authentic fans comment
This is gaslighting. That's not how blue checkmarks work in practice. They are a completely synthetic credibility token that is distributed by Twitter based on whose opinions it wants to boost. That is it.
If verified accounts were about authenticity, two things would be true:
1. Anyone would be able to verify their account after completing certain steps. There would probably be a fee, but no "high public interest" requirement (because it's an obviously gameable and subjective criteria).
2. Verification would never be revoked.