IP address X-posure now a feature on Musk's social media thing Video and audio calling features for X Premium users added last year to Elon Musk's version of Twitter have been expanded to everyone on the platform, and FYI: It may reveal your IP address to those you're nattering away to. For some of you, that's not a problem. You're calling people you know and trust anyway. For others, it …
It seems that Twitter in solidarity with Facebook have decided to enhance security by stopping anyone login in at the moment.
Unlike FB, my connecting Twitter session hasn't expired, but can't login on the web at the moment.
> To find the audio and video calling features, which can only be disabled or modified in the Twitter app, not on the website,
Is the new calling feature only a thing in the App? as you say, I can't find anything in the settings about this on the web based access.
Am I correct in the wording of he article that you now cannot directly message a another user on Twixter unless you pay for a subscription or the other part has paid and message you first?
I mean if Elons goals is to drive all the free users off the platform to another one where you can message for free, then hes doing good work with that. Maybe he just wants only the die hard Musk fanbois left on Twixter as surely they would be dumb enough to pay a monthly fee to use it?
The Register knows my IP address as well, when my browser client connects to the server. Peer-to-peer video calls would, by their very nature, also require disclosing one's IP address to the other peer. The workaround is to run traffic through an intermediary, which seems like what X is doing. How is this any different than any number of other Internet-related services? The Register hates X and Elon, I get that, but the fact that sniffing traffic from a peer-to-peer connection reveals the destination of the traffic is obvious.
Not to mention that knowing someone's IP address does not let you "physically" track them. The author needs to write more clearly and possibly gain a better understanding of how the IP protocol works. Not everything X does is malicious.
> Not everything X does is malicious.
True that: there is still that bloke who pauses at the entrance to the car park, to let pedestrians cross first; they can't let him go as he is the only one who knows how to make Elon's coffee, which makes him the most valuable employee.
Although the rumour is that he'll be getting a company Tesla; the autopark won't suffer from his un-X-like behaviour.
Yes, we've expanded that part of the article. We do know what IP addresses and P2P comms are all about.
This is a heads up for those who assumed Twitter's calling feature was routed through X servers. It's not, by default, you have to switch that on.
We felt this was something worth pointing out to people in general. Not everyone is an IT expert like yourself.
C.
Hopefully it's in hand. I thought it had changed when the GDPR rules came into play, one of my blocks changed but not the other, but it used to be the rules for having real IP address blocks. My business is based at my home.
The real laugh is that websites never get my location right. They claim I'm all over the country, but never close to home :-)
The marketing people were never allowed to make use of the whois data, I guess the like of RIPE aren't good to pick a fight with, you suddenly find you can't connect to the Internet :-)
I had the same question - why is this news? Of **COURSE** the person you're doing a peer-to-peer anything with gets your IP address. Am I missing some other point here?
In my case, I'm on T-Mobile home internet; my public IP address isn't always in the same state as me!
The news to me was that there may be video calling going via a host provider is is masking the IP addresses of the participants! Although thinking about it, that would be the easy way to intercept data for building profiles etc. Now I'm envisioning Google/Facebook/X data centres with masses of servers doing voice and facial recognition on live video calls, all in the name of "privacy".
Personally, I've never assumed privacy on the Internet ever since I first looked into how email worked and realised it was the equivalent of sending a message through the public mail system on a postcard, ie pretty much since I first got an internet connection.
To its credit, Xitter discloses that its audio and video calling exposes user IPs on the help page for the feature. X said "once our servers facilitate the initial setup, the call itself is routed peer-to-peer such that each parties [sic] IP address may be visible to the other."
Not sure if that was something that was accidentally left in before publishing or if it was intentional, but if El Reg adopted that as the new official unofficial moniker for the company, I would find it hilarious.
Yes. The application will call home to Twit-central, and the software there will join the two ends together - a bit like the old plug-in switchboards. Unlike the old switchboards, the call routing will not continue through Twit-central. Once each end knows the public IP addresses, they can talk to each other point-to-point. The Network Address Translation side of the firewall will track the passing packets so it knows where to return the data to internally. I would guess (hope) the app is using HTTPS as pretty much every firewall device on the Net passes that without messing with it.
And thanks to this article, I have already disabled this unwanted feature bloat!
@Licensed_Radio_Nerd
Quote: "...Twit-central, and the software there will join the two ends together...the call routing will not continue through Twit-central..."
Reason for my question:
(1) peerA - NAT - internet_server - NAT - peerB ## works as described where the internet_server "joins the two ends"
(2) peerA - NAT - vanilla_internet - NAT - peerB ## don't see how this can ever work
Why do ordinary people have to pay to get a service provider to connect a peer-to-peer communication?
And, of course, maybe the "internet_server" is saving (at least some) metadata!!!!!!!
>Peer B etc
Both ends of the VPN connection need to run the same “brokered” VPN client.
> Why do ordinary people have to pay to get a service provider to connect a peer-to-peer communication?
Operator connected calls have always carried a premium…
> And, of course, maybe the "internet_server" is saving…
There will be a saving due to the connnection not having to be trombones via X’s servers.
I have a Twitter account, never used it much. But, prompted by this article, I just opened the app for the first time in ages (well over a year I guess) and edited the setting. I scrolled through the first dozen or so messages on my timeline just to see what's what (I followed maybe a dozen accounts, mostly infosec)
All of them were far-right / hate speech type stuff, it was quite unbelievable. Just wow. I'll keep the account just so no-one else can grab my username, but I don't see myself ever using it again.
I had exactly the same experience when I logged in for the first time in over a year a couple of weeks back. I had the pleasure of a video of a drug lord being murdered, a dad beating the crap out of his daughter for having an OnlyFans account and a fight on the Tube. I follow tech news, science news, retro tech and some comedians. Don't know how anyone can cope with Twitter anymore.
I haven't logged into it in ages and I don't follow anyone, so if that's what's "trending" to be put in the feeds of people there I guess that's not exactly going to draw in a lot of new users. At least existing users who follow a lot of stuff would (hopefully/presumably) not get the nazi shit but instead get the people they followed. But who knows, since Musk has effectively forced himself into everyone's feeds you are going to get some alt-right stuff no matter what!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
