Twitter for Android Security Vulnerability (privacy.twitter.com)
48 points by mayakacz 2151 days ago
6 comments

Better yet: don't install the Twitter app, and instead use m.twitter.com, which works perfectly and stays entirely within the browser's sandbox as it should.

You can have a separate icon for that as though it were an app, and if you really want to, you can enable push notifications just as you could with an app.

I'm often getting some form of "you're rate limited", "not allowed to perform this action" etc. until I hard-reload the full page.

Given that others have reported it, and it's been there for a long time, I suspect Twitter at the very least intentionally doesn't put too much resources behind the web site to force people to use the app.

Of course, if a service really wants to push an app onto me, it's clear that the app gives them some real benefits, and it's usually the kind that aren't a benefit for me (more tracking, better ways to push ads, more "engagement" notifications, ...). So the harder something wants to push an app, the clearer it is that I never, ever want their app to touch my device.

> I'm often getting some form of "you're rate limited", "not allowed to perform this action" etc. until I hard-reload the full page.

I thought I was the only person dealing with this. It happens for pretty much every tweet that I open in a browser. After a refresh, everything loads fine, but it's quite annoying.

Yeah, I always thought it was because I use a VPN but maybe not.
I get that for most tweets I open (not logged in - I don't have an account) in my mobile browser. I get a much better success rate if I open it in private browsing mode.
I get this every single time a tweet opens in the iOS web view. I have got their app but either they or Apple or someone screwed something up and tweets never open in it.
Interesting, every single time for me in Firefox for Android, I figured it was some kind of bot detection because of my less-than-common user agent.
I think it's intentional. It doesn't happen when I am on desktop using the same site with virtually no change. Are you also using Firefox by any chance?
My experience is that the web app does not work perfectly. In fact I get an endless spinner >50% of the time and lord help me if I try to open a comment thread.
No kidding! I rarely look at Twitter, but if I do, in 50% of cases I have to refresh the page to get any content to show. I thought I was the only one.
I've never seen that, even on very large threads. (Using it in Firefox for Android here.)
Agreed. I rarely use Twitter anymore, but when I do, I use the mobile site, and it's awful in my experience. My phone is about 1.5 years old, but I don't think a website should struggle to load on a somewhat old phone.
A 1.5-year-old phone is not "somewhat old"... if anything, it is pretty new.

In many countries, it is not even out of warranty!

Yes, some people change phones every year, but that does not mean the device itself is old just because you change it.

And if you still insist on having an app, you should be using a third party one anyway. The official one is simply not a good experience in my opinion.

Although now that I think of it, maybe that's not such a good idea if you're using Android, given the lack of moderation on Google Play. I don't know what the third party Twitter app ecosystem is like on there, but I'd be cautious and meticulously vet the developer of any app you're considering trying.

You can save yourself a 301 by typing mobile.twitter.com
identified October 2018

fixed August 2020

Good job Twitter

https://source.android.com/security/bulletin/2018-10-01

The security patch from Google is from October 2018 it looks like.

So Twitter is to blame for not coding a mitigation for vulnerable devices? Or is it the phone manufacturer's fault for not releasing security patches for their phones?

As if we needed additional evidence that Twitter doesn't take their security as seriously as they should.
Strangely, I got a notification for this on twitter.com on Win 10 Chrome and it said "you are no longer using a vulnerable version of Android on this device".[1] I do use Twitter for Android on my phone, so maybe they sent the notifications to anyone using it but they forgot it could be displayed in the web interface too.

I find the "Our understanding" language strange. Presumably this number comes from some kind of metrics, but it seems like a bit of CYA language?

Still, appreciate the heads up for something they AFAIK didn't have any obligation to give a notification for.

[1] https://i.imgur.com/8dJ9Eq3.png

I got this notification on my iOS device, I have never used twitter on Android. I think they just sent it out to everyone.
I got it on my Mac laptop. I have an Android phone, but it's running Android 10, which isn't vulnerable.

I wonder what the actual vulnerability was. The article links to an entire bulletin of fixes.

They're awfully vague about exactly what the vulnerability was and what could exploit it. I thought the sandboxing between apps would be quite solid and well-tested. Did that break somehow, or did the Twitter app have some kind of insecure API for other apps to interface with the local Twitter app?
If only old hardware/phones could get OS security updates by any mechanism.

I have a growing drawer of old hardware that is perfectly functional but no longer updateable.

Likely with locked bootloaders as well!

There needs to be a law that states that once a company stops supporting a device they must release the keys to allow users to modify their devices themselves.

postmarketOS is for that.
I got this alert and have never installed any Twitter app.