Elon Musk’s Twitter rate limit explained
- Twitter has applied limits on the number of tweets you can read each day
- Elon Musk claims it is to prevent spam and data-scraping bots
- Web developers say an error has led to the platform ‘DDoS’-ing itself
Twitter users were thrown into a state of despair on Saturday when, after happily scrolling through the latest Love Island, Real Housewives or Ashes commentary, they were blocked from refreshing their feeds. The message ‘Sorry, you are rate limited. Please wait a few moments then try again’ popped up at the top, and soon after ‘#TwitterDown’ became a trending topic worldwide.
A state of confusion went on until Twitter boss Elon Musk explained that limits had been applied “to address extreme levels of data scraping & system manipulation” – of course, via a tweet after the event, rather than a warning ahead of time.
At that point, unverified accounts – i.e., those not paying a monthly subscription fee for Twitter Blue – could only read 600 posts a day, while this was increased tenfold for verified accounts. This appeared to include Tweets and replies, regardless of the dwell time, but it is unclear whether ads are included too.
It wasn’t long until the seemingly erratic Mr. Musk increased the rate limits, first to 800 read posts a day for unverified users and 8,000 for verified users, then to 1,000 and 10,000 posts respectively. He then offered the first explanation for the limits by retweeting an Elon Musk parody account which wrote: “We are all Twitter addicts and need to go outside.” Whether this made you chuckle or roll your eyes, it was clear that users had still not been given the full picture.
Twitter self-inflicted its own DDoS attack?
Some web developers and tech enthusiasts hypothesized that users were reaching rate limits because Twitter was unintentionally utilizing user browsers to DDoS itself – or scale ‘distributed denial-of-service’ attacks. These occur when a bad actor floods a service or network with fake internet traffic, often using multiple compromised devices to do so, thus preventing regular traffic from accessing it.
As Twitter user and developer @sysop408 put: “Someone made an ill-advised change at Twitter that caused some code on the Twitter website to spiral into an unchecked request look.” They posted a video of the site’s script spiraling out of control to prove their claim.
Twitter appeared to be continuing to fire off requests for feed content, despite nothing loading. The code may have been broken when developers implemented rate limits to address data scraping, as Musk said. But some think it could be linked to an earlier request from above – to block users who have not logged in from viewing any tweets at all.
It was also unclear whether the DDoS was triggered by intentional changes made at Twitter HQ or whether it caused the rate limits and restricted feed access itself. Either way, Yoel Roth, the former head of trust and safety on Twitter, wrote on rival platform Bluesky: “Futzing around with rate limits is probably the easiest way to break Twitter.”
YOU MIGHT LIKE
Twitter API vulnerability leaves millions exposed
It was on purpose, honest!
A few hours before the rate limits were installed, Musk tweeted that “almost every company doing AI… was scraping vast amounts of data, ” seemingly accusing developers, like OpenAI, of training their chatbots on tweets. Since his appointment as CEO, and subsequent role change to executive chair and CTO, he has been making moves to pull up the drawbridges which allow third parties to make use of Twitter data.
One such move was changing the free access to the site’s API to paid in March, which happened through a series of sporadic restrictions being applied, causing chaos for small developers who relied on it. Those who could, and did, fork out up to $42,000 per month for access to the API complained that its quality had never been worse. A developer told Mashable: “Everything used to work fine before we started paying half a million per year.”
Yesterday, Twitter doubled down on its assertion that the rate limits were placed intentionally to “remove spam and bots from our platform” in an official blog post. “We temporarily limited usage so we could detect and eliminate bots and other bad actors that are harming the platform,” it read. “Any advance notice on these actions would have allowed bad actors to alter their behavior to evade detection.” The post also confirmed that, as well as spam tweets, the rate limits are targeting those scraping Twitter data to train AI models.
Advertisers, shmadvertisers
While these restrictions are allegedly temporary – an end date has yet to be specified – they seem counterproductive. Despite an ever-growing collection of subscription-only features, Twitter’s primary source of income remains its advertisements. There is little incentive for advertisers to allocate spending to the platform if the sponsored tweets are not going to be seen.
Twitter insists that the changes only “affect a small percentage of people using the platform” and that the “effects on advertising have been minimal,” but it is still a risky maneuver given that advertiser trust in Twitter has been dwindling. The company’s US advertising revenue in April was down 59 percent from a year earlier, according to the New York Times, largely thanks to the restored access to banned accounts and reduced content moderation practices.
The Twitter mass exodus
Four days after the rate limits were imposed, it is still unclear how the key metrics behind them are calculated, like how Twitter knows when a Tweet has been read. There is also a separate, smaller rate limit for ‘new’ unverified accounts, but we do not know when they stop being counted as new.
The frustrations are the latest on a long list curated by Twitter users since Musk’s US$44 billion takeover, that was completed in October. Others relate to the removal of blue ticks from accounts not subscribed to Twitter Blue, relaxed hate speech policies, and the mass layoffs of key employees. This list is non-exhaustive.
If you’re looking for a new platform to get your news and view, check out the alternatives curated by TechHQ.