If you are the kind of person who can’t help but look when you drive by an accident scene, DMFail is for you. The site, which has been all the rage on Twitter for the last few days, shows direct (private) messages that were sent improperly on Twitter and are therefore public.
If you want to send another Twitter user a message that only she or he sees, you type [D + username + message]. But a lot of people accidentally type DM (for Direct Message) instead of D, and when that happens you pay the price of having your message pop into your Twitter stream for everyone to see.
DMFail grabs all those messages and reprints them on its site for everyone to see, which can be quite a horrible experience for the people involved. Thus the accident scene analogy.
It would be fairly trivial for Twitter to change things so that DM also sends a private message, but so far they haven’t. On average, a couple of messages per hour over all of Twitter end up hitting DMFail.
Direct messages on Twitter don’t seem to be all that secure in general. They’re available to third parties through the API, for example, and there has been at least one case where confusion led to making some direct messages public.
Anyhow, from now on I’m just going to start all my Twitter messages with DM. I suggest you do the same.
Update: Twitter will make changes to allow DM to send private messages too.
See all
Post
Does Twitter pay you for PR? Seriously, please answer the question.
I really hate anonymous commenters. Seriously, use your real name.
i hate adam jackson, anon, and frank
Adam Jackson…if that is your real name.
My name has nothing to do with my question. If there is a business relationship between TC and Twitter it needs to be disclosed. The constant Twitter advertorials are getting out of hand.
Hilarious, who comes up with these things?!
Heh, this service was spreading all over the Tworld yesterday and now its on Tech Crunch, i wonder after this people will really type DM instead of D :/
Yeah, you seem to be obsessed with Twitter lately. And Scoble is obsessed with Friend Feed!
Although your previous post about not being able to follow conversations on Twitter is right on. I hate not being able to follow threads on there and it’s just too confusing.
I’m cycling off of Twitter. Part of it is that I just reinstalled Twhirl after abandoning it for being too buggy a while back, so seeing more twitter crap on my desktop.
Twhirl was the way for my Twitter activity until I started using TweetDeck which I have switched to now!
just game it…send a dm link pretending to be super private spamlocator.com should be all over this…
Availability through API’s is a pretty innocuous crime for DM’s to be guilty of. Pretty much any service that offers an API and has a permissions layer is going to make permissioned information available via the API. Facebook, Yahoo, Google, etc. all do.
The point that you shouldn’t send sensitive information over Twitter is, of course, valid regardless.
yeah, but one thing I’m trying to confirm is if it’s just in the firehose stream, regardless of authentication. Can anyone confirm?
oops.
http://twitter.com/TechCrunch/statuses/1083638503
Where did people get off in the first place thinking “DM” was the proper command anyway? Assumption?
…Michael sums it up easily with “It would be fairly trivial for Twitter to change things so that DM also sends a private message, but so far they haven’t.”
Yeah, they could easily have both implementations.
Mike, I haven’t used the firehose stream (assuming you’re talking about the stuff gnip is doing, since dm’s definitely doesn’t show up on FF or search) but they don’t show up in normal unauthenticated API calls. The only way DM’s show up anywhere in the API (I think) is via the “direct_messages” request, which is required to be authenticated by the user whose dm’s you’re requesting.
Thanks Evan. I am going to check with Eric at Gnip about what they get through XMPP.
Only the public stuff, amigo. Twitter, Seesmic, Delicious, etc. are all public only. We’re hoping to expand to authenticated data in the futue, but we’re not there yet.
Oh yeah, Mike, you forgot to mention the “cutesy” little public replies @DMFAIL sends someone when they commit the error!
How do I reply directly to a comment? (Unrelated, just for future commenting joy)
I wanted these DM results sorted by authority, thx.
We have a winner.
The opposite FAIL of broken DMs is when the “D” itself is omitted, and would-be private messages are sent to the world. At one point this summer, Dave Winer accidentally posted his phone # to Twitter instead of sending a DM. I think Scoble also sent his home address the same way at one point.
This fear has me almost exclusively using DMs from within the Twitter Web service. Doing so in TweetDeck, for example, freaks me out.
DMFail is a very amusing service…
Secure notes - http://sn.linkstore.ru
It is one time readable next notes and they could be distributed via Twitter
And yet Techcrunch help DMFail more famous than ever
every day i see a new app built around twitter, and those apps are not simple apps, looks like builders spend a lot of time and energy to make them real.
My question is, when twitter itself cant make any money out of it, why do so many people spend their time and energy on building apps that wont make any money? is that because of economy today? like there is no hope to sell your app anyway so why not build apps that are not profitable but are fun to play with.
Elvirs,
People build these apps because they CAN. Coders are very creative and will build with no revenue model in mind. They build it because they see a need in the marketplace.
Necessity is the mother of invention and fuels many coders. I love the creativity that they show even though many of these exercises will end up in the deadpool, some stars will arise.
Cheers!
wow, amazing the things people come up with. There are so many apps being made about twitter everyday…
The “fake” DM has been a big joke in my twitter circle for a while now. Along with “folloe” and “fab”. I think it’s hilarious that anyone would try and use twitter for sensitive info anyway.
I don’t care so much, I signed up for @twitflinch.
Yeah, that was great for about 8 seconds.
thanks for the post
http://www.youtube.com/watch?v=763vmCrRBDg
In olden days, this DM was “privately” in CU-SeeMe chat. The fun came in people actually typing in (privately) to make others think they were spilling /private/ chat into the public chat room.
Alice: Hey Bob!!
Bob: (privately) Hey Alice… wanna [obligatory typical thing]
Everyone else (privately): Bob! I can see your private chats!!
The hilarity ensued.
I hope to see this room gaming soon in Twitter land in hopes of being lifted from the regex funny pages.
Very funny- some good healthy snark here. You may actually bring some redeeming qualities to Twitter if you keep this up.
Somewhat in the same spirit, you may enjoy this:
http://agitationist.com/1500-m.....r-must-die
Thanks for the heads up. I recently joined twitter, and there are a few things that have confused me about it. It’s good to know how to avoid making this particular mistake. One of the problems is that a lot of twitter users perfer the DM option, and won’t respond to direct messages, so I suppose you just have to be careful about what you say.
Nice Article. Thanks for sharing. Didn’t know about this at all.
Thanks again
My name is Adam Jackson
That is quite serious. Luckily I’m never using this feature.
I bet now that people know about this site, a lot of people are just making up funny comments now to make it on DMFail.
Yup, DMFail fail. But it was good for a laugh.
I got sent martin sargent (from revision3 and the screensavers) cell phone number this way, curtsey of sarah lane and her improper direct message =D
flitri hi! how you doin?
Buried your comment for burying Tech Crunch.
And yet Techcrunch help DMFail more famous than ever