Twitter whistleblower raises security concerns

Share on facebook
Share on linkedin
Share on twitter

Print

Image Source: PBS

A former Twitter security head turned whistleblower testified in court that the firm deceived customers and US regulators about security flaws.

Peiter Zatko also asserted that Twitter miscalculated the number of phony and spam accounts that were present on its network.

The allegations could have an impact on Twitter’s legal dispute with billionaire Elon Musk, who is attempting to back out of his $44 billion (£37 billion) purchase agreement with the company.

Twitter claims that Mr. Zatko’s accusations are unreliable and contradictory.

According to the report, he was fired in January due to poor performance and ineffective leadership.

In his damning revelations, Mr. Zatko charged Twitter with breaching strict security procedures and “lying about bots to Elon Musk,” which were first made public by CNN and The Washington Post.

In July, he submitted his grievance to the Securities and Exchange Commission. A redacted version of the complaint was made available to the BBC via CBS news.

Mr. Zatko also attacked Twitter’s handling of private data and asserted that it misreported some of these issues to US regulators.

Barack Obama, Joe Biden, and Kanye West have all been targeted in high-profile Twitter hacks.

Mr. Zatko expresses concerns about Twitter’s allegedly high rate of security incidents, which he claims averaged “roughly one security incident each week serious enough that Twitter was required to report it to regulators.”

He claimed that “nearly unmonitored” security concerns posed by individuals within the organization were known as “insider threats.”

The former security chief expressed his concern about how Twitter handled data by claiming that too many employees had access to private systems and user information.

He expressed concern that there was no effective disaster recovery plan in place for the business and asserted that in the past, Twitter had not properly deleted the data of users who had properly canceled their accounts.

Read Also: Jack Dorsey subpoenaed by Elon Musk 

He claimed that “deliberate ignorance was the norm” at the tech company when it came to fake and spam accounts, and he charged Twitter executives with having little motivation to count the number of such accounts on their platform accurately.

According to The Washington Post, he “provides little actual proof” to support these claims.

Lax Twitter security

However, Elon Musk’s legal team has already reacted to the remarks. His legal team claims that Twitter cannot confirm how many of its 229 million daily active users were actual humans in an effort to get the Tesla CEO out of the arrangement.

Following the disclosures made by Mr. Zatko, Mr. Musk tweeted screenshots of the article from The Washington Post along with a graphic that said, “give a small whistle.”

According to Mr. Zatko’s attorney, who spoke to CNN, his client began the whistleblower procedure before the takeover proposal became known and had not gotten in touch with Elon Musk.

Alex Spiro, a representative for Elon Musk, revealed to CNN that Mr. Zatko had been summoned as a potential witness.

Peiter Zatko is a well-known name in the world of computer security and is a former hacker.

He went by the moniker Mudge and was a member of the L0pht (pronounced “loft”) think tank on computer security. In 1998, he participated in congressional hearings on cyber-security.

Additionally, he has held executive positions at Google and DARPA, the research and development arm of the US government.