Former Twitter security chief denounces “flagrant deficiencies and negligence” in the social network


We recently learned that the data of millions of Twitter users had ended up being auctioned by a hacker. Now, its security is again in question.

The social network of the little blue bird has reportedly had, and ignored, multiple security problems for several years. Besides being a threat to its users and shareholders, these would also be a threat to national security and democracy, according to statements by Peiter “Mudge” Zatko, former Twitter security chief, made exclusively to CNN and The Washington Post.

Zatko, a famous hacker and cyber security expert, started working for Twitter in late 2020, after the social network suffered a serious attack in which the accounts of Joe Biden, Elon Musk and other personalities were hijacked. The company fired him in January 2022.

Zatko reported this situation to the US authorities in July

The former Twitter security chief filed a series of complaints with the US Securities and Exchange Commission, the Federal Trade Commission and the Justice Department last July. These detailed various irregularities on the platform, failures in its security and recklessness in Twitter’s working structure.

Zatko said in his statements that he had already tried to warn the company’s board of directors, without any success.

Lack of security controls, internal spying and disabled firewalls

In the work environment that Zatko describes, chaos seems to prevail, while control is rather absent. According to the hacker, Twitter does not have basic security controls, and half of the 500,000 servers in Twitter’s data center run outdated software that is incompatible with these functions. In addition, an excessive number of workers have access to the company’s internal software, giving them access to a large amount of sensitive data.

Likewise, the company reportedly does not actively monitor employee activity on their computers, which makes it easier to install spyware. As a result, multiple espionage attempts at the request of external organizations are said to have been discovered.

Furthermore, Zatko claims that the workers’ own handheld devices contain complete copies of Twitter’s source code, and that a third of these blocked automatic security fixes, had their firewalls disabled and had remote access enabled for unapproved purposes.

Hard blow to Twitter before its trial against Musk

At the beginning of July, one of the most talked-about relationships of the year was coldly broken off through a letter between lawyers. Elon Musk withdrew from the purchase of Twitter, citing the social network’s inability to demonstrate the number of fake accounts and bots on it. However, this breakup, far from being friendly, has ended up in court.

Now, Zatko’s statements would pave the way for Musk ahead of the trial in which the tycoon intends to avoid paying 44,000 million dollars to Twitter. Among all the failures he pointed out, the hacker also reportedly highlighted the social network’s inability to moderate bots and count their real number.

The tycoon was quick to react from his own Twitter account, making a play on words with the term whistleblower (snitch, confidant) that has been used to describe Zatko.
