Analyzing Tweets for your digital “fingerprint”

Twitter has changed the way the world communicates, from protestors organizing rallies to our president threatening NFL players to teenagers following the drama of their high school, its easy to get information when its less than 140 characters.

As a cybersecurity engineer, Twitter is one of my best tools to stay up to date regarding new vulnerabilities, attacks happening worldwide, and sharing information about exploits that are being published. By using Twitter, you are willingly giving the platform a large amount of data that could potentially be used to identify you, all with basic user privilege to the platform.

How? Metadata. Every 140 character tweet you send contains more than 20 times that in additional information like timezone, language preferences, detected language in tweet, sources (iPhone/Android, mobile app/website, etc), a rough geolocation, historical activity, account protection status, and a whole bunch of other information. All of this metadata is available to anyone using the Twitter API. Taking apart a single tweet may not be very revealing, but skimming through thousands of tweets will reveal some patterns, and thats where the danger begins.

Another cybersecurity analyst who goes by his twitter handle @x0rz created a python script that allows a user to batch process thousands of tweets to identify those patterns, which I’ll use on my own account and a few other high profile accounts.

In my last 1,000 tweets, 273 had some form of Geolocation enabled, most of which were from Frisco and Dallas.

self_locations

In my last 10,000 tweets, you can establish a rudimentary sleeping pattern. One can assume that I generally wake up around 7AM and sleep around midnight/1AM. self_sleep

We can do the same thing with the President’s personal twitter account. The @realdonaldtrump account. In his last 500 tweets, he’s interacted most with Fox and Friends, and generally sleeps between midnight and 5AM.

trump_sleeptrumo_interactions

Former president Barack Obama’s twitter account is far less active. @BarackObama averages 1 tweet per day, with zero geolocation metadata available. Screen Shot 2017-09-27 at 1.15.45 PMScreen Shot 2017-09-27 at 1.15.51 PM

 

Using publicly available Twitter metadata, we can figure out location information, friends, sleep patterns, and a whole host of other information about an individual. For those that are into data analytics, you could even pull the content of the tweets and find interests, hobbies, frequented locations. Seriously, this is terrifying stuff. If you want to remain anonymous on the internet, limit the amount of information you’re letting the Twitter API take.

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s