your current location is:Home > TechnologyHomeTechnology

Former Twitter security chief acts as whistleblower: report shocking security inaction

  • joy
  • 2022-08-24 13:35:04
  • 305 read
  according to reports, according to related complaints and whistleblower documents submitted to the US Securities...

  according to reports, according to related complaints and whistleblower documents submitted to the US Securities and Exchange Commission (SEC), the Federal Trade Commission and the US Department of Justice, the US social media Twitter (Twitter) appeared. A heavyweight "whistleblower" has been reported to Twitter for egregious inaction on user privacy, cybersecurity and content moderation on the platform.

  The complaints were filed by Whistleblower Aid, a nonprofit law firm in the United States, this time assisting former Twitter security chief Peiter "Mudge" Zatko. In a past revelation by Facebook's parent company Meta, the "whistleblower helper" also represented well-known whistleblower Frances Haugen.

  The whistleblower helper confirmed to the press that the above-mentioned whistleblower document is true.

  Affected by this news, Twitter's stock price plummeted sharply that day, down as much as 7.3%.

  In his whistleblower filing with the SEC, Zucker said he has witnessed numerous times in 2021 that Twitter executives make deceptive and misleading statements involving the board, users and shareholders. Among them, the company's CEO, Parag Agrawal, asked Zach to provide false and misleading documents.

  Later, Zach was suspended. In his last work report before his suspension, Zach accused Twitter management of failing to truthfully report problems to the board in four areas.

  These four problems include: outdated software that lacks the most basic security safeguards; management confusion over who can access or control systems and data; problems with internal processes; and numerous cybersecurity incidents affecting large numbers of users' data, the number of incidents being overwhelming People are shocked.

  In the report, Zucker said that more than half of Twitter's 500,000 servers were running outdated software, and that a quarter of employee computers did not receive regular operating system upgrades (upgrades that provide critical security patches).

  Zach said that Twitter casually allows employees to enter the platform work environment, and he has never seen such chaos in a company as historical and important as Twitter. He believes that almost all Twitter employees have gained access to systems or data that they should not have.

  Twitter could be found to have violated a 2011 agreement with the Federal Trade Commission if the U.S. government determines that Twitter has misled consumers about its security measures. In this agreement, for the next 20 years, Twitter promises that it will never mislead or deceive consumers about how to protect consumer safety and privacy data.

  The agreement also requires Twitter to establish comprehensive information security systems and to have those security systems reviewed by an external independent auditor for ten consecutive years.

  A spokesman for the U.S. Senate Intelligence Committee said the committee had also received the whistleblower letter and was convening a special meeting to discuss it. "We are taking this matter seriously."

  Fake account information Musk cares about

  Zach, the whistleblower, also referred to Twitter's misdirection towards outside acquirer Musk. Earlier, Twitter claimed that the proportion of fake accounts and bot accounts was less than 5%, and Musk did not believe it. Musk is preparing to cancel the agreement to buy Twitter, and the two sides have entered court proceedings.

  A lawyer representing Zucker said there was no connection between Zucker and Musk.

  Musk's lawyers said the team had issued a subpoena to investigate Zucker, and the team believed that Zucker and other departing Twitter executives could bring some of the information the team was looking for.

  As planned, the lawsuit between Musk and Twitter will begin in October, and a court in Delaware will rule on whether Musk is still obligated to complete the Twitter acquisition process.

  Zack reported that on May 16, Twitter CEO Egwa said that every day, Twitter will do its best to find and delete bot accounts. But Egvar's claim is just a lie.

  Zack said Twitter executives had no interest in weeding out bot accounts, and the entire management had no appetite to assess the proportion of fake accounts because, if accurate data were made public, it would damage Twitter's public image and capitalization.

  Zach reported that, in many ways, Twitter lacked security measures and systems. About 7,000 of Twitter's employees are reported to have access to the company's internal software, and that access is not monitored.

  CEO response

  In an open letter to employees, Egvar said Zach was just a former executive who was fired in January 2022, citing poor performance and a lack of effective leadership.

  Egvar said Twitter was learning about Chuck's public allegations. What I see so far are basically false descriptions, full of errors and self-contradictions, and some descriptions have no context. A Twitter spokesperson confirmed that some of the information released by the media was indeed part of Egwa's open letter.

  Given Twitter's current spotlight, management expects to see more headlines in the next few days that will make the job harder for Twitter employees, Egvar said.

  He said he understands that employees are proud to work at Twitter and cherish the company's values. "We will defend our character as a company in every way, and we will provide facts to face the truth."


TAG: No label

Article Comments (0)

    • This article has not received comments yet, hurry up and grab the first frame~


Top