Twitter Inc (NYSE:TWTR) is trying out a new service that would give users more room to add their own thought when retweeting, replacing the ‘Quote Tweet’ feature with a called ‘Retweet with Comment.’ The experimental feature, first noticed by Mashable, won’t necessarily be rolled out to everyone as the company is constantly testing new features with small groups of users to make sure they work and to get some initial feedback.
Retweet with Comment gives you your own 140 chars
The main benefit of Retweet with Comment is that you don’t have to edit the retweet to make room for your comment because you get the full 140 characters to yourself, the retweet is just passed on as an image. Mashable grabbed a picture of Twitter Inc (NYSE:TWTR)’s head of communications Carolyn Penner testing out the new feature. Some people already hate it, as you would expect for any minor change to someone’s daily habits, but it does seem like most people will appreciate the extra room once they get used to the new feature.
Twitter’s new feature could be a response to TweetDeck scripting attack
It would be interesting to know if the recent scripting attack on TweetDeck had something to do with the change. Anytime you have the option to write text into a textbox online, the web service (Google search, Disqus comments, TweetDeck, whatever) is supposed to check for and then remove any executable code that it finds before passing on the text. TweetDeck wasn’t doing that so people figured out that they could write a Tweet that instructed TweetDeck to ‘Quote Tweet’ and then send out the same piece of code, creating a self-replicating tweet.
This is an embarrassing mistake for TweetDeck to make, and it was fixed promptly, but it wasn’t a mistake the Twitter had any real control over. A third-party app screwed up and suddenly Twitter Inc (NYSE:TWTR) was full of these bogus tweets. But if Retweet with Comment is showing an image of the last person’s tweet instead of pulling it up in a text box like the Quote Tweet function does now, the same kind of cross site scripting attack shouldn’t work, even if another third-party app screws up down the line.
The TweetDeck attack couldn’t do any real damage since it was confined to the TweetDeck app’s permissions (so no compromised information or damaged files; some have disputed even calling it a hack), but considering how negative some of the reporting was, Twitter Inc (NYSE:TWTR) might have decided to protect themselves from another round.