Can Twitter Make It?

Sometimes, especially after this week’s Twitter DNS debacle—Internal Twitter Credentials Used in DNS Hack, Redirect-Twitter Email Security Blamed for Latest Hack—, I wonder if Twitter really has what it takes to make it in the long haul. It certainly took them long enough to get basic scaling working. At least now a simple Apple announcement or single conference won’t completely take Twitter down. If this is the second hack that Twitter has suffered because of, I’m guessing here, poor email and password management then do they have the management chops to succeed?

Reading GigaOM this morning on startups, and thinking about something to limber up the writing muscles, the number #3 startup killer struck me as something that maybe Twitter hasn’t been very good at:

3. Failure to Weed or Seed Soon Enough

We’ve written about how to hire, fire and mentor and why to remove underperformers quickly for superior teams. Our message is simply that you can never eliminate underperformers soon enough and that you should always be looking for superior talent. Superior people make excellent technology and develop appropriate processes.

[From Top 10 Internet Startup Scalability Killers – GigaOM]

Has Twitter been holding on to people and practices too long? Have managers been reluctant to be hard asses? Sometimes when you have been given responsibility for something, you need to step up to the plate. Case in point.

To write Using WordPress I’ve reduced the time I spend with M2O but I still have responsibilities over the servers and such. Earlier this week I emailed everyone that we had to be serious about passwords. I had been thinking about Twitter and written a lot about making good passwords for Future Shop and the book and realized that I knew that at least a few of the passwords people used were bad. Like epically bad.

Yesterday afternoon, thinking about it again, I realized that most people take password security about as seriously as drier lint so I did something that probably earned me a lot of curses: I forced everyone to reset their Gmail passwords on their next login.

Yep, probably damn freakin’ annoying. I didn’t stop with active team members either, all active email accounts that had been set up for people (believe me there is going to be some house cleaning again in that department come Tuesday). Are people pissed at me? Maybe. Frankly I don’t care. I realized that if I wanted to avoid a Twitter-like debacle, I needed to put a stake in the ground and say that this is serious business.

I don’t know if Twitter feels the same way about their system or service. I wonder if Ev, Biz, and Jack still think of Twitter as a lark. Millions of people don’t think Twitter is a lark. Millions of us rely on and use Twitter as a key informational tool. I think we need to remind the folks at Twitter that it isn’t a lark. That having lax password security isn’t a good thing. Again the call to decentralize Twitter should be ringing in our ears. We need redundancy. We need a server that people can install themselves. Maybe Twitter should bite the bullet and make a deal with Google to allow Google Apps for Domains to host replicant Twitter servers and build an actual architecture like we have for email.

I think until Twitter steps up to the plate, gets serious, and is no longer a single-point-of-failure service we have to question whether Twitter can really make it.

Comments

  1. says

    Great points Tris. As someone who often tries to demonstrate Twitter’s uses to other I am often put off by the fact that it doesn’t always work for demonstration purposes. I hope that Twitter gets through this.

    • says

      I hope so as well. Personally I think one of the best ways for Twitter to grow is to let go and make an architecture that allows for a distributed network. When Twitter doesn’t work like we hope/expect it’s hard to convince skeptics of its utility.

  2. says

    Great points Tris. As someone who often tries to demonstrate Twitter’s uses to other I am often put off by the fact that it doesn’t always work for demonstration purposes. I hope that Twitter gets through this.

    • says

      I hope so as well. Personally I think one of the best ways for Twitter to grow is to let go and make an architecture that allows for a distributed network. When Twitter doesn’t work like we hope/expect it’s hard to convince skeptics of its utility.

  3. says

    By your logic, since you only took your security step *after* Twitter’s failure, I wonder whether you regard what you do as a lark.

    It’s easy to armchair-quarterback. I doubt that you’ve ever run a *really* heavily trafficked system, yet you feel comfortable pontificating on scaling up. Twitter’s management has had to deal with extreme growth, and so far they’ve pulled it off.

    If you’re dissatisfied with a product or service, don’t use it; build your own. But no, you feel entitled to “need” things from them.

    Rohan Jayasekera, Toronto (Co-founder, Sympatico)

    • says

      Rohan, those are good points. You’re right it is easy to arm chair quarterback. For a security standpoint, you are correct I didn’t enforce better passwords earlier as I should have. I joked, I teased, and scolded all of my colleagues about their sucktastic passwords, but didn’t force action on them until now. Myself, I’ve been taking more and more stringent measures to lessen the chance that I would be the weak link in the chain.

      As for Twitter, I didn’t say I was dissatisfied, but what I’m suggesting is whether they are guilting of not culling out dead wood from the ranks or correcting bad habits like they should. Yes, they’ve gotten away with it until now, but I think two incidents that can be traced to email hacks should be a wake up call for them.

      Of course it is easy to complain, and no I’m not in a position to build my own. I am, however, in a position to support a distributed network of Twitter-compatible servers. If Twitter partnered with Google so that I could have a whitelabeled mirror of Twitter I’d switch to it if it would help the ecosystem grow.

      I think Twitter has significantly changed the game. They have, I think, invented the first new Internet communications tool since IM. Like IM, we need to have things like Jabber servers that can distribute the load.

      And, truth be told, I wrote the post to encourage discussion and maybe a little ire.

      If nothing else, I hope that I’ve made people think about it. And maybe change their passwords. ;-)

  4. says

    Rohan, those are good points. You’re right it is easy to arm chair quarterback. For a security standpoint, you are correct I didn’t enforce better passwords earlier as I should have. I joked, I teased, and scolded all of my colleagues about their sucktastic passwords, but didn’t force action on them until now. Myself, I’ve been taking more and more stringent measures to lessen the chance that I would be the weak link in the chain.

    As for Twitter, I didn’t say I was dissatisfied, but what I’m suggesting is whether they are guilting of not culling out dead wood from the ranks or correcting bad habits like they should. Yes, they’ve gotten away with it until now, but I think two incidents that can be traced to email hacks should be a wake up call for them.

    Of course it is easy to complain, and no I’m not in a position to build my own. I am, however, in a position to support a distributed network of Twitter-compatible servers. If Twitter partnered with Google so that I could have a whitelabeled mirror of Twitter I’d switch to it if it would help the ecosystem grow.

    I think Twitter has significantly changed the game. They have, I think, invented the first new Internet communications tool since IM. Like IM, we need to have things like Jabber servers that can distribute the load.

    And, truth be told, I wrote the post to encourage discussion and maybe a little ire.

    If nothing else, I hope that I’ve made people think about it. And maybe change their passwords. ;-)

  5. says

    Yes, exactly. Which is why I’m fine with taking heat for forcing password changes. In the era of shared documents (especially Google Docs) all it takes is one weak gmail password to cause a calamity.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>