“He remains one of the best security minds on the planet today,” Kevin O’Brien, co-founder and CEO of cybersecurity firm GreatHorn, said of Zatko after Twitter hired him.
After a Twitter hack in 2020 that led to the accounts of users including Elon Musk and Joe Biden being compromised, Twitter co-founder and then-CEO Jack Dorsey gave Zatko a broad mandate as the social-media company’s “head of security.” Zatko ultimately supervised hundreds of staffers and had a mission to evaluate Twitter’s security problems, present them to company leaders, and come up with a strategy to fix them, according to his disclosures. “They show how the potential for abuse is there…and it will inform the work we’re doing on this legislation.” The disclosures suggest that “Twitter is disorganized and careless” and highlight the “total lack of institutional and practical controls they have,” a senior Democratic staffer tells TIME. The Senate Judiciary Committee has also indicated it intends to investigate Zatko’s allegations, and the Senate Intelligence Committee is looking to set up a meeting with him, according to CNN. The House Energy and Commerce Committee is reviewing the documents, which are coming to light weeks after lawmakers advanced a landmark data privacy bill and the FTC launched an effort to review data privacy protections. Securities and Exchange Commission, the Bureau of Consumer Protection at the Federal Trade Commission, and the civil and antitrust divisions of the Justice Department, and a redacted version was shared with Congress. Zatko’s disclosures, which were first reported by the Washington Post and CNN and which TIME obtained from a congressional source, were sent to the U.S. The focus should be on the facts laid out in the disclosure, not ad hominem attacks against the whistleblower,” says John Tye, of Whistleblower Aid, which is representing Zatko.
This was just one example of Twitter’s “negligence and even complicity with respect to efforts by foreign governments to infiltrate, control, exploit, surveil and/or censor” the platform, its staff and its operations, Zatko alleges.
A source close to the company says that Zatko’s claims around the time of his exit were “investigated and found to be sensationalistic and lacking merit.” “Mudge stands by everything in his disclosure, and his career of effective and ethical leadership speaks for itself. His disclosures allege that Twitter executives hired two people whom he believes were Indian government agents and put them in positions with “direct unsupervised access” to internal Twitter data and information. Zatko also says Twitter is beset by fundamental architectural flaws that allow too many employees “God mode” access to its systems, making the platform vulnerable to hackers and to influence by foreign intelligence agencies. Zatko’s disclosures allege the social media company’s executives committed securities law violations by making “material misrepresentations and omissions” in SEC filings, and asked him to mislead the board by minimizing security vulnerabilities. Security and privacy have long been company-wide priorities at Twitter and we still have a lot of work ahead of us.” Zatko’s allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders. “While we haven’t had access to the specific allegations being referenced, what we’ve seen so far is a narrative about our privacy and data security practices that is riddled with inconsistencies and inaccuracies, and lacks important context. Zatko was fired from his senior executive role at Twitter for poor performance and ineffective leadership over six months ago,” a Twitter spokesperson told TIME.
A Twitter spokesperson said the company had not seen Zatko’s allegations in full, but rejected a description of his main allegations.
“If these problems are not corrected, regulators, media, and users of the platform will be shocked when they inevitably learn about Twitter’s severe lack of security basics,” Zatko wrote in a Feb. Notably, the disclosures imply that the problems were allowed to fester under Agrawal, who was the most senior executive in charge of security issues before Zatko arrived. The documents shine a light on what Zatko alleges are years of basic security failings at Twitter, which he says make the platform vulnerable to abuse and even total collapse. These vulnerabilities led to frequent serious security breaches, exploitation by bad actors, and infiltration by foreign governments, Zatko alleges. In 84 pages of disclosures and supporting documents, which TIME reviewed, Zatko accuses the $33 billion social-media platform’s top executives of violating the Federal Trade Commission Act and Securities and Exchange Commission regulations by misleading users, investors and board members about critical data security and privacy issues.