It was the big social media story of the week; on Thursday, Twitter went down due to a Distributed Denial of Service (DDoS) attack. And while Twitter was the most visible target, Facebook, Google, and others were also under fire due to a geopolitical attack against one man.
It’s been three days since the attacks. Everything’s back to normal, right? No, not exactly. While Twitter, YouTube , Livejournal, and others are working again, the attacks are still ongoing. This has resulted in the Twitter API and third party apps being hit hard as the social media company tries to resolve the DDoS crisis.
Over the last few days, we’ve received multiple complaints from 3rd party Twitter developers over issues with their Twitter applications – things like OAuth not working correctly, blocking server requests, etc. Twitter is very aware of the situation and in fact has been posting updates on the Twitter Development Talk Google Group.
Here is some of what Ryan Sarver, the Twitter API Product Manager, said at 10 AM PT this morning:
I wanted to send an update to everyone who is monitoring this thread and
keep you abreast of where we stand.
First of all, the attack is still on going. We continue to work with our
service provider and the other companies who are being attacked to resolve
the issue as best we can. But it is continuing and as Chad stated, we are
thus going to have continued and varied issues with access to the Twitter
Second, we have been monitoring every email and Chad and John have done a
great job responding to the threads where we have new information to add or
where we can clarify. As Chad stated in his last email there are known
issues that we are continuing to work on. We are trying to provide updates
when we have new information, but sadly there isn’t a lot new to report.
Please know that we can’t respond to each and every thread as our teams
time, in your best interest, should be put towards getting you all back
online as soon as possible. Please help each other answer questions if
someone already knows the answer. I will continue to give ongoing updates
every 5-6 hours throughout the day even if nothing has changed so that you
know we are still focused on it.
To be clear we have a large group of people working on this throughout the
weekend and our developer ecosystem is incredibly important to us. Please
believe us that this hurts us as much as it hurts you and we want to get you
back online as soon as possible. We are endlessly appreciative for the hard
work that each of you put into your applications and supporting Twitter
users and we want those services to be online and back to normal.
With that being said, this attack is continuing, almost 3 days later, and we
need to continue to do all that we can to defend it. Have faith that we have
the best people on it both at Twitter and at our partner’s companies.
He also mentions some of the common issues Twitter apps are experiencing, which include OAuth not working properly, request timeouts, and rate limiting and blacklisting issues. However, as of noon PT, it seems that many of these issues are resolved. Twitter apps are slowly coming back to normal.
Developer outrage has centered around a lack of updates from the Twitter team on the status of the API. Lots of developers depend on the API for their businesses, so their passion is understandable.
But let’s put this all into perspective. Twitter was part an unprecedented social media meltdown. The attack even managed to knock Facebook offline – a feat that’s impressive considering they have 250 million users, over a thousand employees, and many more servers. Twitter has far fewer users, less servers, and well shy of 100 employees at last count. The fact that they were able to restore things in a few hours is a big deal.
The attack is still ongoing. Twitter needs to defend itself. One of those ways was to cut down on the API so that the platform could limit requests to the servers and focus on the attack. And while extra communication might have quelled some of the outrage, I’d rather have them working on the API than writing long posts on the status of their work.
Twitter apps are slowly coming back to normal. Twitter is not broken. Let’s let the Twitter team work to thwart this attack instead of attacking the service that made all of these apps possible in the first place.