Peiter Zatko, the former head of computer security at Twitter, has just denounced to several American media outlets the social network's unscrupulous security practices. He also asserts that the company lied about the number of bots present on the platform. These explosive allegations could well have an impact on the lawsuit between Elon Musk and Twitter.
After a whistleblower's revelations about the practices of Facebook, it is the turn of a former tech executive to reveal the shortcomings of another social network: Twitter. Peiter Zatko, former IT security manager of the platform, has just denounced in detail the company's dubious practices in a 200-page report provided to CNN and the Washington Post.
This former hacker, whose reputation in the field is legendary, points to dozens of frauds committed in recent years. Among the most serious, he states in particular that Twitter violated an agreement with the Federal Trade Commission relating to compliance with certain security standards on the platform. He also filed a complaint with this institution for the same reasons.
This commitment, made in 2011, mainly concerned the security offered by Twitter to its users. However, and according to the whistleblower’s report, half of the company’s servers are still running outdated software and are therefore particularly vulnerable to computer attacks.
Zatko joined Twitter at the request of Jack Dorsey
In an interview given to CNN, Mr. Zatko recounts having joined Twitter in 2020 at the request of Jack Dorsey, still CEO of the social network at the time. The creator of the blue bird wanted Peiter Zatko’s expertise to strengthen security systems. Remember, Twitter had been hit by a massive cyberattack, which resulted in the hijacking of accounts belonging to important and famous personalities, such as Barack Obama, Bill Gates and Kanye West.
After spending two years trying to patch numerous security flaws spotted in Twitter’s systems, he was sacked in January 2022 by the new executive board led by Parag Agrawal. According to Peiter Zatko, he was fired for refusing to remain silent about the company’s security vulnerabilities and questionable practices.
The former hacker justifies his speaking out by saying that he still has a duty “towards Jack and the users of the platform”. “I want to finish the job that Jack hired me to do, which is to improve the platform”.
Report confirms Twitter’s lies to Elon Musk
The report contains another ticking time bomb: Peiter Zatko confirms that Twitter did lie to Elon Musk about the number of active fake accounts. In a tweet posted on May 16, Parag Agrawal stated that these bots represented less than 5% of the 450 million monthly active users. “This tweet was a lie. In truth, Agrawal knows full well that Twitter executives have no interest in accurately detecting or reporting spambots,” he complains.
Worse still, he specifies that executives are incentivized (via annual bonuses of up to $10 million) to continually increase the number of users rather than remove bots.
As you can imagine, these allegations could have a significant impact on the lawsuit between Twitter and Elon Musk coming up in October 2022. The two parties are embroiled in a legal standoff after the Tesla boss withdrew from a $44 billion deal to take over Twitter. And while Jack Dorsey was added to the list of witnesses called to the stand this Tuesday, August 23, 2022, Elon Musk’s lawyers have already “issued a subpoena to Mr. Zatko”.
The billionaire’s representatives add that they have found “the exit of Mr. Zatko and those of other employees curious in light of what we have discovered”. This is a direct reference to the doubts expressed by Elon Musk about the number of fake accounts present on Twitter.
Various and disturbing accusations
Of course, Mr. Zatko’s disclosures to the SEC (Securities and Exchange Commission) contain other accusations:
- Indiscriminate access: a significant part of the vulnerability of Twitter’s systems is due to too many employees having access to the most critical systems. Zatko asserts that half of the 7,000 employees can view users’ personal data and access internal software used to modify the functioning of Twitter
- Access to users’ personal data by government officials, especially in India
- Failure to delete data: Twitter has not deleted user data in the past, despite requests. The reason? This data is too dispersed across internal systems to be found
Twitter’s response to these revelations was swift. The social network accuses Peiter Zatko of sensationalism and of presenting the facts selectively: “Mr. Zatko was fired from his senior role at Twitter for his poor performance and ineffective leadership more than six months ago. While we have not had access to the specific allegations he refers to, what we have seen so far is a narrative about our privacy and data security practices that is riddled with inconsistencies and inaccuracies, and which lacks important context”, concludes Twitter.
Source: Washington Post