Twitter knows everything you’ve been saying on the platform. Everything…even DMs (Direct Messsages) you think have been deleted forever.
It’s been said that once something’s on the internet, there’s no way to remove it. We guess this seems to apply to deleted Twitter DMs too. It seems like the platform retains all the DMs you’ve thought were long gone and forgotten.
Shocking, isn’t it? All those drunken messages you’ve sent, all those weird messages you’d rather forget sending your exes…you thought deleting them erased them from existence? Twitter laughs at your naivete.
The guys over at TechCrunch have found out that there are actually ways to exploit Twitter’s API to retrieve deleted Direct Messages, even when both the sender and recipient have deleted the message. Yep, you read that right.
On top of that, it seems that they’re also able to access DMs from suspended or deactivated accounts.
The flaw, first discovered by security researcher Karan Saini, seems to have gone unfixed for quite a while now.
TechCrunch have been fiddling around with the exploit and they’ve discovered they were able to recover messages sent years ago, long thought to have been deleted and banished into the ether. That’s an incredibly long time to keep deleted messages.
Put aside the absurdity of this for a moment and think of the privacy implications. With nothing you delete ever really gone, anybody with the right tools and access can potentially gather incriminating details and use them for their own nefarious purposes.
So the next time you want to send a DM to somebody, think long and hard on the content and whether you REALLY want to send it. Deleting it might not be as easy as you think, especially when you think it’s already been deleted in the first place.