Update: apparently theyre banning anyone who posts those leaks
Another update: Theres a disclaimer of “manipulated media” on posts about it now
because these kinds of twitter shots are easy to fake, and even if real don’t prove much, i just wanted to add a little extra from a quick internet search
so at least it’s not just a bunch of faked screenshots from some user. So i read a little from the Cyber Daily link, here’s an excerpt:
———————————————
According to another post on X, VX Underground was sent a direct message from a “throwaway” account that shared the Okta link and its screenshot with the group. The group then decided to pass the information on to “other people who are better fitted to do investigative research and journalism”.
However, someone leaked the images before the investigation could conclude, with people now sharing the news of the leak and its list of alleged “protected users” on X and beyond.
What VX Underground did say was that the URL included in the leak could not be connected to, and instead, it returned 403 or 404 errors. Cyber Daily has tested the URL – http://protected-users.twitter.okay.com/1721835914 – and confirmed that it indeed 404s.
“We have no way to accurately assess if the information is accurate,” VX Underground said in a post dated 7:35am on 25 July.
While some believe the leak to be true, other commentators are not so sure. For one thing, there are several typos in the screenshot of the user list, and some have pointed out that the configuration of the alleged list makes no sense.
“Okta doesn’t do multilevel subdomains. Okta API’s don’t operate like this at all. The URL is all wrong,” said X user @scriptjunkie1.
“Data access always requires auth. They use other data formats. Anyone who’s worked with Okta config knows this is a very lazy fake, and it’s irresponsible to share.”
Several users of the Hacker News site were also leary of the list’s authenticity.
“Why would they use Okta to pass such a list of ‘protected users’ to the clients?” one user asked.
“This is obviously fake. As tech-savvy users, you should easily be able to verify this,” said another.
“The subdomain cannot resolve as it does not have a valid cert, and okta does not have an API to do this.”
Cyber Daily has not reached out to X for comment, as Elon Musk admitted in March of last year that all comments directed at the company by the media are ignored.
A journalist with better contacts, Leonard Bernardone, is saying that X has said “the images being circulated are fake”.
For now, however, X’s heavy-handed banning of the account sharing the original leak is leaving some to believe it must be, in some way, true. That said, there’s currently no way to confirm the leak is real, and it should probably be taken with a grain or two of salt, no matter how believable it may be.
———————————————-
i was unable to quickly ascertain who owns Cyber Daily or what biases they have, but i do like a “lets wait for real proof” point of view.
My main take away is that if this does turn out to be true? exactly zero of us will be surprised, which is a solid indication of the public perception of twitter (none of us are ever going to call it x, right?) and that in and of itself shows where twitter is as a platform.
I am not convinced this one is real tho. It very well could be, but i’d like more solid evidence
