Except the plan will never work for mobile users who sign up via the App Store or Google Play Store.
"According to his biographer, Walter Isaacson, Musk’s push to sign-up subscribers was very much intertwined with his quest to build an “everything app,” and Musk grew angry when he learned Apple doesn’t share credit card details of those who sign up with their iPhones." https://www.engadget.com/x-is-starting-to-charge-new-users-1...
Of course every iOS developer already knew this, including members of his own engineering staff, which just goes to show how insulated and out of touch with reality the guy is.
Just finished reading the bio so I can clarify this a bit. Despite what it sounds like out of context the take away was that he did know the App Store rules but he was under the (wrong) impression a company of that scale could speak with Apple and get the data anyway.
TBH this highlights even more how out of touch they are -- too used to living in a bubble where the rich can get what they want and bypass rules that apply to regular folk.
It’s not like there’s no precedent for this. Look at all the rules WeChat was able to ignore due to their size and influence. I assume Elon expected a similar treatment for Twitter.
WeChat is backed by the CCP, aka the government with a military and de facto legal control over Apples factories. If they don't comply with WeChats requests, the CCP can ban Apple from doing business in China, with force if they have to. Hence, Apple complies.
That's where the precedent comes from - WeChat (as well as basically all major Chinese companies) carry state backing to force their way. Musk has afaict no backing from any government, least of all the DoD (who hate his guts for the shit he's pulled with Starlink in Ukraine).
WeChat is way more important to everyday life in China than the iPhone is. I'm writing to you from Shenzen right now.
You don't need an iPhone to survive in China. You absolutely need WeChat to survive.
For example, you literally can't order food when dining inside a large number of restaurants without WeChat. The menu is in WeChat.
So whatever WeChat (Tencent) wants, Apple has to consider it. Otherwise, Chinese phone makers can and will provide more convenience.
However, I don't think it's even legal for Apple to hand over credit card info to third parties. Not that Apple would anyway, because it would completely destroy customer trust in Apple.
It would actually be completely fair to say that X now costs $1 per month to use. You'd have to drop the ads as well, which given their fall out with larger advertisers again would make sense. In some weird sense it would fit with my overall view of Musk, if the advertisers don't like what he's doing, he'll block their access to his platform.
Journalists, consultants and influencers could just expense the cost and get a tax deduction or have their employer pay. Given the value most people claim to get from X/Twitter I don't see why $12 - $20 isn't a reasonable cost.
I'm also not sure if a dollar per month would be enough to keep bots at bay, it's also a little unreasonable to simply outsource your vetting of users to the credit card companies and banks in this manor and I doubt that neither VISA nor MasterCard finds the idea amusing.
I'm amazed that the 'rebranding' was started, seemingly with no plan, then just aborted, with x.com still just being a redirect to twitter.com, and everything still in 'Twitter blue'.
Nobody's going to call it X, and 'ex dot com' isn't a great name. He should probably just accept that mistakes were made and revert it.
It’s not the $1, it’s the identity linked to the charge. So now they can be blocked as well as traced back to the funding account.
I once was in a charity sponsored therapy group and they had a $10 fee. I was annoyed as this was a pretty wealthy organization and the fee seemed discriminatory, or at least a hassle. I learned that it was just there to validate each participant.
So I think this is just a filter to help reduce bot spam.
If X or Twitter or whatever accept payments via Apple Pay or Google Pay then there is absolutely no way to track anything. It's those services simply dont provide any information back to ex-Twitter.
Also there is number of services like privacy.com that allow to hide real card details. And even if person is using real card then payment process have absolutely no way of knowing anything except those few last numbers of the card.
Bypassing credit card checks for botting as easy as any other protections.
When performing this kind of verification, you can easily (and usually do) block cards from services like privacy.com by looking at BIN codes. I also don’t think spammers can get large numbers of unique DPANs from Apple and Google Pay since that involves a cryptographic exchange between your device and Apple/Google with involvement from your issuing bank.
Also most payment processors provide some sort of key that lets you identify if two users entered the same credit card number, for example Stripe[1]. So you’re not limited to last four digits for checking if two cards are the same.
Yes you can block everything, but with every specific service blocked you limit your ability to accept new users. There also legitimate banks that let you have 5-10 virtual cards or generate unique card each time you pay.
Spammers do have large number of unique phones in their farms as well as budget to have undetectible rooting and hardware ID faking. And Google Pay / Apple Pay as well as majority of banks actually do nothing to prevent you from adding your cards to 10 different phones.
Of course it's all makes lives harder for everyone who want to get a new account, but nothing including literal ID / passport and face verification make is impossible to bypass.
> payment process have absolutely no way of knowing anything except those few last numbers of the card
This is just plain wrong.
1. Payment processors know everything because they process the payment
2. Application developers don't know anything besides the last 4 is closer to reality because they're probably not PCI compliant to access the remaining information. BUT some processors such as Adyen will try to provide a unique identifier for each card (that has no further information except linking multiple purchases across vendors and channels).
Now with this unique identifier X still wouldn't know WHO you are but they could provide that information to advertisers that might know or at least use it to track you online and in person
> 1. Payment processors know everything because they process the payment
They know all the information you given, but in practice they can't even verify "name on the card" that you entered in most of countries. In some countries they can check your billing address ZIP code, but that's all about it.
And there absolutely no way for them to find out if you are unique user with one card or you just have 10 cards for the same credit account or created 10 supplimentary cards for all your family and the dog.
Apple and Google and Stripe do not allow the same card on multiple accounts.
Also, having a fraudulent Apple Pay account is pretty rare and requires an entire apple account. That can be shut down if shenanigans.
My original point is that having a credit card greatly reduces the anonymity of accounts and allows for greater ability to trace back to the user. Both for uniqueness (ie, does prepend front 500 twitter accounts?) and for legal reasons (eg, prepend just did a crime, let’s find out who prepend is).
This doesn’t mean people can’t get around it. It means most people can get around it.
I think for the therapy group there’s also an aspect of wanting people to have some skin in the game. If you give something away for free, plenty of people will take it. But as soon as you put a mild obstacle in the way, even if it’s a small payment, you’ll weed out the people who don’t really want to be there.
> It’s not the $1, it’s the identity linked to the charge. So now they can be blocked as well as traced back to the funding account.
Do people on HN actually think this will work? I'm genuinely curious. Knowing everything we know about the underground economy of sockpuppets, bots and carders - combined the (un)willingness of real people (especially in relatively poorer countries) to pop out their credit card during signup for a social media site - do folks really think this will produce a high-quality stream of new signups?
It just will not solve the problem he's trying to solve. It will reduce low-effort and out-of-box tooling, but it'll also increase the value of successful networks, which will encourage better tooling and cover the mule costs.
Stolen credit cards generally cost enough per number that getting one Twitter bot out of each is not going to be economically viable. Not to mention the fact that if the $1 is charged back, Twitter will know about it.
The backlash is funny. USPS does the same thing for mail forwarding to verify identity and legitimacy. It’s not like this is some crazy money-making idea from Elon.
> It’s not like this is some crazy money-making idea from Elon.
It's going to give him real name, street address, and zip/postal code for these users; for a company that makes most of its money off ads, that's absolutely money-making.
I remember having to send a euro for a service (can't remember which, only that I was building my rack at the time, but it might have been for a car pooling service), but it was immediately reimbursed upon reception from the service provider.
People need their mail, because they can't things like social security checks without it. It's not clear that anyone really needs Twitter, except for influencers and bot-shops.
There’s a 0% chance that musk has any private interest in reducing bots. Bots was his excuse to try to get out of an obviously shitty deal that he made. That’s it.
Given the current policy around blue tick (which is full of crypto bot and onlyfan sex workers, without any reaction from Musk whatsoever) I doubt it will have any effect.
Also, World of Warcraft servers are full of bots, despite needing to pay to create and keep an account, so again it doesn't bode well.
And payment processors can also identify these. And most of them you have to purchase with a minimum amount on ($10 or $20 afaik).
Virtual debit cards however are interesting. My bank lets me set up as many of those as I like and I don't even have to use my real name or billing address with them.
And yeah, there's also the stolen credit card / debit card market. I really can't see this adding that much pain for these bot handlers. It might make it a bit easier to identify the patterns at least.
I think this will just end up moving the problem further down the line and end up with twitter accounts being bought / sold.
Can you automate that though? Having to buy an individual card per bot could be a pretty annoying secondary cost for a thing whose lifetime value is likely measured in the single digits of dollars.
You don't buy card numbers individually. You buy lists of them, of varying quantity, quality and price and you just cycle the numbers until you find ones that work.
Costs per card about $5 bucks, and will get cycled into a multi-merchant hit to extract the most value from each card. A $1 Twitter charge, $50 bucks in digital gift cards, a "maybe it will work" hit for hundreds in electronics, or clothes, etc.
If nothing else, Twitter just made itself a GREAT place to test stolen numbers, since a $1 charge isn't likely to raise any flags and get the card shut down.
Bot farm owners are the only ones who dont care about either $1 a year or $5 a month because they are the only ones on platform who know their ROI very well.
They are, credit card thieves will happily spend more than $1 to verify a credit card. Not acting on such transactions if how you get an angry call from VISA.
They charge for "the ability to tweet, retweet, like posts and reply to posts."
It will be very interesting to see how this turns out.
Obviously, there is no value in the ability to publish your thoughts. You can do that for free on an ever growing number of platforms. But Musk seems to bet on a private attention economy. Where even private individuals are willing to pay for attention. Not only businesses.
> Where even private individuals are willing to pay for attention
Twitter Blue is already this. When you get verified your replies and posts are boosted in others feeds. Just one of the reason the quality of the app has bottomed out but yes: I think there is an audience very willing to pay for that.
This is really just a way to get your CC authorised to make transactions. It’s a nothing cost, but it exponentially increases he likelihood of someone buying something through the platform, or upgrading to a new feature set.
I have no evidence to back this up, but I imagine a lot of people are like me and just keep the app on their phone or whatever for when the occasional person sends them something or they read a post on a forum that makes them need to actually browse Twitter.
I imagine a lot of people like me are not even going to remotely consider to pay a dollar to have that ability. It’s not nearly important enough or integral to our daily lives.
This does make me curious though. Could someone pay a dollar to have an account that dozens of people can access until it’s tapped each month or day or whatever the limit is? Basically create the Netflix account sharing problem for Musk. Or mirror the content out forcing a constant whack a mole?
I paradoxically only really started heavily using Twitter when it seemed to decay under Musk (because I wanted be along for the fun ride). But I can hardly imagine that there could have been more bots before than there are now. Almost all my tweets are immediately liked by some catfishing bot and there are crypto spam bots under every slightly popular tweet.
Same here. And good engagement dropped down significantly. When I had 10K followers, I can easily get 200-400-500 likes and they were more or less real because I also get a lot of impressions and replies.
Nowadays with 35K followers I get, say, 20 likes and ~3 of them are bots.
As someone who reported tons of stupidly obvious spam/crypto bots pre takeover I'm genuinely puzzled as to people reporting _increased_ bots as I can spot maybe one every now and then. Maybe it's because I'm a passive user, but to me it's solved.
Interesting. It could be that I never noticed before because I wasn't as active (and have gained a couple followers in the meantime, thus becoming a slightly more attractive target). In any case it's now bad enough to make me reconsider using the platform at all (that and the promoted replies and tweets by blue checkmarks). Related to your remark about reports: my last few spam reports got the reply that the tweets didn't violate the "sensitive content policy", even though I reported them as spam, not sensitive content. So something seems to be broken about the report system now too.
There are definitely more bots in the replies to the people I follow (a dwindling number as they are all switching focus to bluesky, threads and their own email).
And many have the $8 checks so ... $1 a year is going to very little to the bot population.
In another April 14 message, angel investor Jason Calacanis messaged Musk: “You could easily clean up bots and spam and make the service viable for many more users — removing bots and spam is a lot less complicated than what the Tesla self driving team is doing.”
I think that's a good way to reduce bots but I also don't think Musk is an honest person.
What is the ratio of junk emails to junk carrier mail? The reason there is so much electronic spam and scams is because the cost to blast these out at scale is essentially $0.
Carrier mail is also traceable. Payment systems add traceability to something like X.
The people making those charges don't care about the accounts; they're using the $1 charge to test that the stolen card details work before going and buying a $500 gift card somewhere else.
The victim eventually does a chargeback, which are expensive and risk your merchant account.
Lots more discussion yesterday: https://news.ycombinator.com/item?id=37922973