Friday, September 9, 2016

New Twitter stalker-assist feature is enabled by default


I noticed a new feature on my Twitter mobile app this morning - one that I'm not exactly keen on. I'm even less keen on it being added and enabled by default. By default, Twitter now has a "Send/Receive read receipts" feature that lets the sender know when you have read a DM. I'm not exactly sure when it was added, but I know it was not there a couple of days ago.
Useful? Maybe, depending on your preferences. As fellow traveler Trey Ford pointed out to me, many if not most chat apps already have this feature. iMessage, Facebook Messenger, Whats App - they all let you know when your message has been seen by the recipient.
Twitter has a different use model though - and more to the point, has another feature that in conjunction with this can make things a bit awkward. With "Receive Direct Messages from anyone" enabled, any person on Twitter can send private messages to you. Combined with this new "Send/Receive read receipts" feature, strangers can send you messages - and know when you read them.
It's sort of a stalker's dream.
I won't scream and shout to disable the setting - that's truly a personal preferences choice. But at the very least you should be aware that Twitter has added this feature, and that by default it is turned on.

If you wish to disable it, here are instructions. I presume the Android settings are similar, but I don't have a screen capture handy. Also, hat tip to Bryan Brake for pointing out that you must do this for EVERY Twitter account you manage.

iOS app: Select the "Me" icon, then the Settings gear, then Settings. Under Privacy and safety, look for the Send/Receive read receipts selector.




Twitter.com website: Select the profile and settings icon, then Settings. Select the Security and Privacy menu, then look for the Send/Receive read receipts check box.




Do you have something to add? A question you'd like answered? Think I'm out of my mind? Join the conversation below, reach out by email at david (at) securityforrealpeople.com, or hit me up on Twitter at @dnlongen