I love this, but have found it much too easy to view other people's generated tweets.<p>Because each generated tweet's URL ID is generated from a numerical value iterated by 1 upon each generation, and because there is no auth in front of tweets (likely to make sharing easier), all generated tweets are trivially browsable at moment of generation via manually iterating the URL's ID number by 1.<p>I.e. I am able to view with no auth:<p><a href="https://tweets.gptlabs.us/tweet/1000" rel="nofollow">https://tweets.gptlabs.us/tweet/1000</a>
<a href="https://tweets.gptlabs.us/tweet/1001" rel="nofollow">https://tweets.gptlabs.us/tweet/1001</a>
<a href="https://tweets.gptlabs.us/tweet/1002" rel="nofollow">https://tweets.gptlabs.us/tweet/1002</a>
<a href="https://tweets.gptlabs.us/tweet/1003" rel="nofollow">https://tweets.gptlabs.us/tweet/1003</a>
<a href="https://tweets.gptlabs.us/tweet/1004" rel="nofollow">https://tweets.gptlabs.us/tweet/1004</a>
<a href="https://tweets.gptlabs.us/tweet/1005" rel="nofollow">https://tweets.gptlabs.us/tweet/1005</a>
<a href="https://tweets.gptlabs.us/tweet/XXXX" rel="nofollow">https://tweets.gptlabs.us/tweet/XXXX</a>.........<p>It's therefore trivial to download the entire database of generated tweets via script, including many harmful ones, associated with people who would potentially not consent to ever sharing them.<p>A trivial fix could be to re-generate all tweet IDs using long, alphanumeric, non-iterable, case-sensitive IDs.<p>Otherwise, a clear warning of this current default publicity would also be good to input at every point of the journey.