All the cyber flaws of Twitter according to the former head of security

The former security chief accuses Twitter of mismanaging its cybersecurity. The complaint also has potential implications for Twitter's legal battle with Musk, who is looking to get out of a $44 billion contract to buy the social media platform.

Twitter misled federal regulators about security measures taken against hackers and spam accounts.

This is the complaint made by Peiter Zatko, the social media company's former head of security, who describes, according to CNN and the Washington Post, a chaotic company unable to protect its 238 million daily users, including government agencies, heads of state and other public figures.

Zatko sent his complaint to the SEC, the Justice Department and the Federal Trade Commission on July 6. The allegations come as the social media company is facing a legal battle with Elon Musk over the Tesla owner's deal to acquire Twitter for more than $44 billion.

The American businessman tried to pull out of the deal on July 8, without paying the $1 billion penalty, citing Twitter's inability to provide details of bot and spam accounts. According to Zatko's complaint, Twitter executives lack the resources to fully understand the real number of bots on the platform, CNN reports.

Full details will have to wait for the trial, which will begin on October 17 in Delaware.

ZATKO'S ACCUSATIONS

Twitter executives deceived federal authorities and the company's board of directors about the "serious shortcomings" in its defenses against hackers and its efforts to combat spam.

Additionally, Zatko claims that approximately 5,000 full-time employees have had extensive access to the company's internal software. What's more, access was not closely monitored, giving them the ability to tap into sensitive data and change the way the service works.

In the document, the former Twitter chief of security accuses the company, its chief executive Parag Agrawal and other managers of "extensive legal violations", including misleading statements to users and investors, as well as acting with "negligence if not complicity" towards the efforts of foreign governments to infiltrate the platform. Zatko's most damaging accusation is that Twitter violated the 2011 agreement with the FTC on the protection of user data.

WHO IS TWITTER'S FORMER SECURITY CHIEF

Peiter Zatko is a famous hacker known as Mudge. He joined the social network at the end of 2020 but held the position of head of security for only two years, until last January.

During his time with the company, Zatko said he encountered a number of vulnerabilities "waiting to be discovered". He says he found that half of the company's 500,000 datacenter servers run outdated software that doesn't support basic security features, such as encrypting stored data, or that no longer receives regular security updates from its vendors. This meant that Twitter suffered from an "abnormally high rate" of security incidents, Zatko said.

THE COMPANY'S REPLY

The microblogging company denied all the allegations.

A Twitter spokesperson said Tuesday that the company removed Zatko from his senior executive role in January for "ineffective leadership and poor performance."

“Zatko's accusations and opportunistic timing seem designed to grab attention and inflict damage on Twitter, its customers and its shareholders. Security and privacy have long been company-wide priorities at Twitter and will continue to be.”


This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/innovazione/tutte-le-magagne-cyber-di-twitter-secondo-lex-capo-della-sicurezza/ on Wed, 24 Aug 2022 05:04:03 +0000.