I've had my twiter account locked half a dozen times (web client, using Tails) in the last few weeks. It seems to be some new security heuristic where one is still able to login to change the password but the account is locked from generating new public (or DM) events.
It is a super annoying "security feature" to say the least. I think some Twitter security folks are on this list - if so, I'd love to discuss the issue in detail. It seems like the issue is when Tor circuits rotate. So when I've logged in from say, a US Tor exit node, all is fine. After a while, I'll be exiting the Tor network through Germany. It appears that say, over the course of a day, I'll jump through ten countries. At some point, Twitter decides that this is abuse or evidence of hacking or something. It doesn't appear to know that I'm using Tor though. So while actually, I'm just consistantly using Tor, the GeoIP is constantly rotating. I suspect this is what trips the security feature in question. It would be nice if Twitter was a bit more intelligent about Tor usage. I wrote the BulkExitList feature on check.torproject.org for Wikipedia. They ironically use it to block edits from Tor. Twitter could use that export of data or a similar one to have a list of all current (updated per hour with the network consensus) exit nodes and then do something better than Wikipedia. All the best, Jacob -- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at [email protected].
