[liberationtech] when you are using Tor, Twitter will blocked your acc

[Jacob Appelbaum]

I've had my twiter account locked half a dozen times (web client,
using Tails) in the last few weeks. It seems to be some new security
heuristic where one is still able to login to change the password but
the account is locked from generating new public (or DM) events.

It is a super annoying "security feature" to say the least.

I think some Twitter security folks are on this list - if so, I'd love
to discuss the issue in detail. It seems like the issue is when Tor
circuits rotate. So when I've logged in from say, a US Tor exit node,
all is fine. After a while, I'll be exiting the Tor network through
Germany. It appears that say, over the course of a day, I'll jump
through ten countries. At some point, Twitter decides that this is
abuse or evidence of hacking or something. It doesn't appear to know
that I'm using Tor though. So while actually, I'm just consistantly
using Tor, the GeoIP is constantly rotating. I suspect this is what
trips the security feature in question.

It would be nice if Twitter was a bit more intelligent about Tor
usage. I wrote the BulkExitList feature on check.torproject.org for
Wikipedia. They ironically use it to block edits from Tor. Twitter
could use that export of data or a similar one to have a list of all
current (updated per hour with the network consensus) exit nodes and
then do something better than Wikipedia.

All the best,
Jacob