Editorial staff

BBC News Mundo

24 August 2022

A former Twitter security chief has claimed that the company misled US authorities and its users about security flaws in its services.

In a statement to Congress and other organizations that has been revealed by the US news network CNN and the newspaper The Washington Post, the whistleblower, identified as Peiter Zatko, said that the firm underestimated the number of fake and spam accounts on its platform.

The accusations could affect the legal battle between Twitter and billionaire Elon Musk, after the latter announced his intention to cancel the $44 billion agreement to buy the company.

After saying that Zatko’s remarks are “inaccurate and inconsistent”, Twitter revealed that the whistleblower was fired in January for poor performance.

Negligent attitude

Zatko accused Twitter of failing to maintain strict security practices and “lying about bots to Elon Musk” in the complaint he also brought to the Securities and Exchange Commission last July. The BBC has seen a copy of the document, which was shared by the US news network CBS News.

In the text, the whistleblower criticizes the way in which Twitter has been handling sensitive information and, above all, how it has dealt with attacks on its platform.

Image caption (Getty Images): The former Twitter security chief has said that the company has not paid attention to external and internal threats and that this endangers user information.

Twitter has faced a series of high-profile hacks. Former president Barack Obama and the current president, Joe Biden, as well as the singer Kanye West have been some of the targets of these attacks.

The whistleblower maintains that the social network has suffered a high rate of security incidents. “About one every week serious enough that Twitter had to report it to regulators,” he said.

He also denounced the company’s failure to take steps to deal with so-called insider threats, the security risks posed by people with malicious intent from within the company. These, he asserted, were “virtually unattended”.

Out of control

The former head of security, in his complaint, describes Twitter as a chaotic company where many employees have access to sensitive systems that contain users’ personal data.

Image caption (Getty Images): Despite the fact that Twitter registers a very high rate of “security incidents”, management has not taken extraordinary measures to prevent attacks, Zatko said in his complaint.

Zatko said he warned that the company lacked a viable disaster recovery plan and that, in the past, it did not properly delete the data of people who canceled their accounts.

As for fake and spam accounts, he said “deliberate ignorance was the norm,” and accused management of showing little interest in precisely identifying how many there really are on its platform.

In the opinion of the newspaper The Washington Post, the whistleblower “provided little solid evidence” to support these claims.

Ammo for Musk

Elon Musk’s lawyers have been quick to react to Zatko’s revelations. The Tesla founder is in the middle of a legal battle with Twitter, after he announced his intention to break the multibillion-dollar deal to acquire the social network, arguing that the company has no way of verifying how many of its 229 million daily active users are really people.

Image caption (Getty Images): The lawyers of Elon Musk, who is fighting Twitter over his decision to abandon his plan to buy the firm, have listened carefully to Zatko’s complaints.

Following the release of the whistleblower’s remarks, Musk tweeted screenshots of the story published by the US newspaper.

Zatko’s lawyer told CNN that his client filed his complaint before the businessman made public his offer to acquire the technology firm, and that he had not contacted him.

However, one of Musk’s lawyers, Alex Spiro, told the same network that Zatko had been called as a possible witness in the process that Twitter initiated against his client.

Deep Throat 2.0

The whistleblower is a former hacker and a well-known figure in computer security circles.

Image caption (Getty Images): The former Twitter security chief presented his complaints against the technology firm to the United States Congress, as well as to the Securities and Exchange Commission.

Nicknamed “Mudge,” he was a member of the computer security think tank L0pht (pronounced “loft”), and participated in the Congressional hearings on cybersecurity in 1998.

He has also held senior positions at Google and at DARPA, the US government’s research and development agency.

“What we have seen so far is a false narrative about Twitter and our privacy and data security practices that is riddled with inconsistencies and inaccuracies and lacks significant context,” a Twitter spokesperson said.

“Zatko’s accusations and timing seem designed to grab attention and inflict harm on Twitter, its customers and its shareholders. Security and privacy have long been Twitter priorities and will continue to be,” it added.

For his part, John Tye of the organization Whistleblower Aid, which is advising Zatko, described him as a “hero” and called on authorities to investigate his allegations.