Follow us:

Social media is very defective

25 October 2014 4:27
By Yaron Kottler

The current editor of PT is on record as saying social media is puerile. He may be wrong, because it is big business. But the way it is being managed and operated technically is definitely puerile.

When Facebook went down for 2.5 hours in June 2014, many instances were recorded where users immediately rushed over to Twitter. Chris Brogan, a social media marketing expert and New York Times bestselling author, left LinkedIn because of its issues and stated that he would be solely focusing his social media efforts on Google+. There are a multitude of horror stories about the bugs that reside in social media, making one wonder about the software testing that is invested in the platforms.

In January 2014, Karnesh Mehrah discovered that you can look like a “Twitter Celebrity” by having as many followers as you want (http://gizmodo.com/a-stupid-simple-twitter-bug-lets-you-create-followers-j-1509342431: all links retrieved 25th October 2014 2210hrs UTC). This bug was exploited by logging into a second Twitter account, accessing the link twitter.com/[targethandle] (where targethandle represents your main twitter account) and then pound on the follow button until your finger gets tired. Voila, you can have more followers than the founders of Twitter themselves.

Many Twitter users of 2012 experienced hurt feelings when supposed Twitter friends stopped following them (http://forbes.com/sites/shelisrael/2012/03/29/twitters-2-follow-bugs). However, it only turned out to be a bug where Twitter was inexplicably “unfollowing” random people. In a society where companies use Twitter to perform business through tweets and direct messaging, it is more than likely that greater catastrophes than just hurt feelings occurred because of this bug.

In 2010, a Turkish citizen discovered that you can force anyone to follow you on twitter (http://gizmodo.com/5535536/the-real-story-behind-twitters-ridiculous-follow-bug). By tweeting “accept username”, like “accept QualiTest”, QualiTest would automatically follow you. It was never explained by Twitter why this bug existed. Twitter contains many documented text commands, such as typing “STATS” to view your Twitter activity, and “FOLLOW USERNAME” to follow another person; however, these commands are benign and contained to your own account, while the ““ACCEPT” command affected someone else’s.

In September of 2013, an Indian engineer (http://gadgets.ndtv.com/internet/news/indian-engineer-gets-12500-bounty-for-finding-a-facebook-bug-that-let-anyone-delete-pictures-413761) received $12,500 for reporting a bug that allowed a user to delete any image on Facebook that was posted by anyone, without the original poster’s knowledge and approval. When using the mobile version of Facebook’s Support Dashboard, which allows users to flag and report a picture for removal, a user could manually modify the Photo_id and the photo owner’s Profile_id parameters, changing the photo removal link can be sent to one’s own Facebook ID and deleting the photo without the original uploader’s knowledge.

Mark Zuckerberg received a rude awakening (http://abcnews.go.com/Technology/mark-zuckerbergs-facebook-timeline-hacked-researcher-report-bug/story?id=20000282) in 2013 when a user discovered a bug where website URLs could be hacked to grab anyone’s Facebook ID and posting on a non-friend’s Facebook Timeline. Palestinian security researcher and hacker Khalil Shreateh wrote on Zuckerberg’s Timeline, “First sorry for breaking your privacy and post to your wall. I has no other choice to make after all the reports I sent to Facebook team." Although Shreateh had reported the error to Facebook previously, the Facebook White Hat security team refused to acknowledge the bug. Well played, Shreateh.

From 2007 to 2012, an ongoing issue (http://huffingtonpost.com/2012/09/24/facebook-bug-private-messages-timeline_n_1909813.html) was reported from many Facebook users that publicly displayed non-public direct messages on some user’s Timelines. Metro France reported, “"There may be messages from Inbox or chat conversations on internal Facebook. These messages are found mixed with comments from friends on the wall".

In June 2014, it was reported by The Register (http://theregister.co.uk/2014/06/20/antipodean_linkedin_accounts_open_to_mitm_hijacking) that LinkedIn accounts located outside of the US and Europe could be hijacked. Due to a failure to promptly fix a SSL stripping vulnerability, attackers could jump between the user and the service and replace the secure protocol with HTTP, allowing access to User IDs, passwords and all LinkedIn data. It was only after receiving six separate warnings throughout the course of a year that LinkedIn began to address the issue.

Marketing Land reported (http://marketingland.com/linkedin-company-page-bugs-fixes-coming-soon-39046) a bug in 2013 where not only links that were posted to the company page directed the user to error pages, but also “impressions” of company pages in LinkedIn members’ streams were unexplainably decreasing. While Marketing Land was able to create a workaround by adding the link in the headline, they noted that “It’s discouraging to not have your company profile page work properly.”

Chris Brogan, an extremely successful social media marketing expert, called it quits for his LinkedIn profile (http://integratedalliances.com/linkedin/linkedin-bugs-cause-chris-brogran-to-leave) in 2012 when he was experiencing issues with successfully adding people who requested a connection, along with a litany of other problems. When a social media guru decides to not use your social media outlet, it may be a sign that much, much more testing needs to be performed before you are releasing updates to your site.

The managers of the top social media apps obviously don’t test them, either because they are developers themselves, or they are controlled by developers. Understanding and using testing would improve their business performance, but they don’t get that. Their ignorance is holding their businesses back and there is a good chance it will destroy them.

Yaron Kottler is CEO of QualiTest USA


Related stories
The year ahead
TestEXPO – testing times ahead
It’s time to dream at TestExpo 2015
PT on hiatus
Test of the century


Copyright © 2004-2016
Professional Tester Inc
All rights reserved.
Legal Information