April 10, 2024 at 06:42AM
X’s recent bug resulted in Twitter.com links being auto-changed to X.com, posing security risks and potential abuse. The feature had inadvertently masked malicious links as legitimate ones. X has since reversed the issue, but the incident highlighted a significant oversight. Notably, X has not publicly addressed the matter, raising concerns.
Based on the meeting notes, here are the key takeaways:
– X has apparently fixed an embarrassing issue related to URL handling on the social media platform formerly known as Twitter.
– An initial bug in X’s iOS app led to auto-changing Twitter.com links in Xeets to X.com links, despite the active use of the Twitter.com domain.
– This buggy implementation resulted in security vulnerabilities, enabling users to potentially publicize malicious web pages disguised as legitimate domains.
– There was a potential for abuse, particularly with well-known brands, and the issue went unchecked for at least nine hours before being addressed.
– Tests on Wednesday indicated that the issue has been reversed, and the Twitter-to-X policy no longer applies for the domain when written in all-caps, suggesting that the problem has been properly fixed.
These takeaways highlight the serious nature of the issue and the importance of thorough testing and oversight in implementing new features.