Twitter continues to work through username squatting issues by reassigning trademarked and even non-trademarked user names to their more appropriate owners. It’s a manual process that sometimes takes weeks, but with Twitter’s growing importance more and more brands are trying to lock up their usernames. Now, though, Twitter has a new headache, and poor organization and planning around Twitter’s third party developer platform is to blame.
When Tweets are published there is an additional layer of information below the main message that says when the message was posted, and how it was posted. Here’s an example message Michael Arrington just posted from the Seesmic Twitter web app. If you click on “Seesmic” in that Tweet it takes you to Seesmic.com.
But there’s a problem. Twitter’s API allows developers to register any application name, and Twitter messages posted from that third party application will show that name and will link to anything the developer wants. Only names that contain “twitter” or “tweet” are filtered out. Everything else is fair game.
Robert Robb from TweetBorder emailed us about this, and show this test Twitter message that was posted from “Windows.” He also registered the Microsoft name but deleted it to avoid any legal trouble.
We’ve checked, and the TechCrunch name has already been taken by someone.
This isn’t a big issue yet, but we expect to become one shortly. And if you want to avoid the hassle of trying to get your name back from the Twitter API, we recommend you take steps to register your name and application now.
That sounds like something that should be pretty easy to fix.
yep
If anyone wants to name their application “kevin” let me know.
I’m sure they’ll fix this, good problem to have.
People post from Tweetvite constantly, so it doesn’t look like Twitter is filtering out all names containing “tweet”.
I also wonder what Tweetdeck would think if they were getting filtered out for “tweet”.
what difference does it make if noone uses the application to generate tweets…if a squatter wants to register 1k API names, noone is going to see that in their stream unless they follow the spammer in question…and if that API user is spamming their network, then most folks would just unfollow them.
It can be used for misdirection and/or causing developers problems. That’s the point.
It’s not so much a problem of spamming people, as squatting on names which could be put to better use by a legit application.
First off, there’s no API to register API names, so you can’t register them in mass and lock other people out.
And since everything happens as part of the OAuth implementation, the app that registered the name doesn’t pass the name along for every update as a string. It probably passes the consumer key, which the backend uses to look up the app name. This means Twitter can easily re-assign the app name tied to an OAuth consumer key and thus rename the app centrally on the backend without requiring a code change on the application.
It might have just been laziness on the part of the OAuth signup form, but by allowing people to chose their names upfront without validation, you’re not imposing a undue delay in people getting started using their OAuth API credentials. Since Twitter can easily change the name on the backend, they probably thought let’s err on the side of letting as many developers as possible create apps and use their platform.
Registered a couple of the ones related to my web properties and domains, don’t my users to trust an application name by the tweet and then be directed to a malicious link.
Thanks for bringing this to our attention, wasn’t something I would ever have considered.
Interestingly, only the app name field is checked for uniqueness. Anyone can specify any URL, even if it’s already been used by another application.
>> Twitter’s API allows developers to register any application name
Twitter needs to make a change to their API and start locking things down a bit.
Twitter should take itself offline permanently, problem solved.
“Tweet” IS allowed.
I run multiple media sites for fastpitch softball. I have http://www.fastpitch.tv http://www.fastpitch.fm http://www.fastpitch.us I have been trying to get the name softball. It has never been used in the 2 years it has been listed, but I can’t get any help from Twitter on this at all. I know I am not guaranteed the name, but I feel I am a better user than the person who has it now.
this is completely unrelated to that, we’re talking about user-agent names, not twitter names.
I thought it was about both app names, and user names. If I am mistaken I do apologize.
“…nd even non-trademarked user names to their more appropriate owners.”
“Appropriate” according to whom?
I requested @burke from Twitter last year after the original user hadn’t posted anything in nearly two years and per Twitter’s rules, I was granted the name because of the sustained inactivity.
I will be quite pissed off if they arbitrarily give it to a corporate entity just because it claims “brand integrity” or somesuch.
Where are these rules at?
Twitter does not just let anyone register anything, they do actually pay attention to what elements are set up by companies. We of course have registered Gnip.
This is stupid, if you’ve got an app with a unique name and someone else registers the user agent name in the API, send an email to twitter and they’ll delete the squatter.
Twitter actually took my twitter account away twitter.com/krug and gave it to krug.com even though my name is Krug talk about BS politics of whose got the money, all the content umm gone fucking twitter
see thats why twitter is corrupt and pure bullshit
“lol we ar gonna give teh correct name to people we think matter”
what is this, high school?
Are “tweet” domain’s really filtered? TweetDeck seems to work: http://twitter....atus/4015559083 .
Our business name is taken by someone who is not even active and has no business/trademark etc under the name. We also own the .com domain.
I contacted twitter to ask them to remove the account so that we could sign up with it or to assign ownership to us, but they ignored our efforts >_<.
As such, I can only conclude that they are all talk when it comes this name squatting.
You can use the tweet, but you cannot have it as a separate word. For example TweetService would be OK but Tweet Service would be rejected.