Twitter whistleblower cites security flaws before Congress

WASHINGTON (AP) — The former security chief at Twitter told Congress that the social media platform is plagued by weak cyber defenses that make it vulnerable to exploitation by "teenagers, thieves and spies" and put the privacy of its users at risk. Peiter "Mudge" Zatko, a respected cybersecurity expert, appeared before the Senate Judiciary Committee to lay out his allegations Tuesday.
"I am here today because Twitter leadership is misleading the public, lawmakers, regulators and even its own board of directors," Zatko said as he began his sworn testimony.
"They don't know what data they have, where it lives and where it came from and so, unsurprisingly, they can't protect it," Zatko said. "It doesn't matter who has keys if there are no locks."
Zatko said "Twitter leadership ignored its engineers," in part because "their administrative incentives led them to prioritize profit over security."
His message echoed one brought to Congress against another social media giant last year, but unlike that Facebook whistleblower, Frances Haugen, Zatko hasn't brought troves of internal documents to back up his claims.
Zatko was the head of security for the influential platform until he was fired early this year. He filed a whistleblower complaint in July with Congress, the Justice Department, the Federal Trade Commission and the Securities and Exchange Commission. Among his most serious accusations is that Twitter violated the terms of a 2011 FTC settlement by falsely claiming that it had put stronger measures in place to protect the security and privacy of its users.
Sen. Dick Durbin, an Illinois Democrat who heads the Judiciary Committee, said Zatko has detailed flaws "that may constitute a direct threat to Twitter's hundreds of millions of users as well as to American democracy."
"Twitter is an immensely strong platform and can't afford gaping vulnerabilities," he said.
Unknown to Twitter users, there's far more personal information disclosed than they — or sometimes even Twitter itself — realize, Zatko testified. He said "basic systemic failures" that were brought forward by company engineers were not addressed.
The FTC has been "a little over its head," and far behind European counterparts, in policing the type of privacy violations that have occurred at Twitter, Zatko said.
Zatko's claims could also affect Tesla billionaire Elon Musk's attempt to back out of his $44 billion deal to acquire the social platform. Musk claims that Twitter has long underreported spam bots on its platform and cites that as a reason to nix the deal he struck in April.
Many of Zatko's claims are uncorroborated and appear to have little documentary support. Twitter has called Zatko's description of events "a false narrative ... riddled with inconsistencies and inaccuracies" and lacking important context.
Among the assertions from Zatko that drew attention from lawmakers Tuesday was that Twitter knowingly allowed the government of India to place its agents on the company payroll, where they had access to highly sensitive data on users. Twitter's lack of ability to log how employees accessed user accounts made it hard for the company to detect when employees were abusing their access, Zatko said.
Zatko also accuses the company of deception in its handling of automated "spam bots," or fake accounts. That allegation is at the center of billionaire tycoon Elon Musk's attempt to back out of his $44 billion deal to buy Twitter. Musk and Twitter are locked in a sharp legal battle, with Twitter having sued Musk to force him to complete the deal. The Delaware judge overseeing the case ruled last week that Musk can include new evidence related to Zatko's allegations in the high-stakes trial, which is set to start Oct. 17.
Sen. Charles Grassley, the committee's ranking Republican, said Tuesday that Twitter CEO Parag Agrawal declined to testify at the hearing, citing the ongoing legal proceedings with Musk. But the hearing is "more important than Twitter's civil litigation in Delaware," Grassley said. Twitter declined to comment on Grassley's remarks.
In his complaint, Zatko accused Agrawal as well as other senior executives and board members of numerous violations, including making "false and misleading statements to users and the FTC concerning the Twitter platform's security, privacy and integrity."
Zatko, 51, first gained prominence in the 1990s as a pioneer in the ethical hacking movement and later worked in senior positions at an elite Defense Department research unit and at Google. He joined Twitter in late 2020 at the urging of then-CEO Jack Dorsey.
___
Follow Marcy Gordon at https://twitter.com/mgordonap