
Whistleblower: China, India had agents working for Twitter
WASHINGTON (AP) — Twitter's former security chief told Congress Tuesday there was "at least one agent" from China's intelligence service on Twitter's payroll and that the company knowingly allowed India to add agents to the company roster as well, potentially giving those nations access to sensitive data about users.
These were some of the troubling revelations from Peiter "Mudge" Zatko, a respected cybersecurity expert and Twitter whistleblower who appeared before the Senate Judiciary Committee to lay out his allegations against the company.
Zatko told lawmakers that the social media platform is plagued by weak cyber defenses that make it vulnerable to exploitation by "teenagers, thieves and spies" and put the privacy of its users at risk.
"I am here today because Twitter leadership is misleading the public, lawmakers, regulators and even its own board of directors," Zatko said as he began his sworn testimony.
"They don't know what data they have, where it lives and where it came from and so, unsurprisingly, they can't protect it," Zatko said. "It doesn't matter who has keys if there are no locks."
"Twitter leadership ignored its engineers," he said, in part because "their executive incentives led them to prioritize profit over security."
In a statement, Twitter said its hiring process is "independent of any foreign influence" and access to data is managed through a host of measures, including background checks, access controls, and monitoring and detection systems and processes.
One issue that didn't come up in the hearing was the question of whether Twitter is accurately counting its active users, an important metric for its advertisers. Tesla CEO Elon Musk, who is trying to get out of a $44 billion deal to buy Twitter, has argued without evidence that many of Twitter's roughly 238 million daily users are fake or malicious accounts, aka "spam bots."
The Delaware judge overseeing the case ruled last week that Musk can include new evidence related to Zatko's allegations in the high-stakes trial, which is set to start Oct. 17. During the hearing, Musk tweeted a popcorn emoji, often used to suggest that one is sitting back in anticipation of unfolding drama.
Separately on Tuesday, Twitter's shareholders voted overwhelmingly to approve the deal, according to multiple media reports. Shareholders have been voting remotely on the issue for weeks. The vote was largely a formality, particularly given Musk's efforts to nullify the deal, although it does clear a legal hurdle to closing the sale.
Zatko's message echoed one brought to Congress against another social media giant last year. But unlike that Facebook whistleblower, Frances Haugen, Zatko hasn't brought troves of internal documents to back up his claims.
Zatko was the head of security for the influential platform until he was fired early this year. He filed a whistleblower complaint in July with Congress, the Justice Department, the Federal Trade Commission and the Securities and Exchange Commission. Among his most serious accusations is that Twitter violated the terms of a 2011 FTC settlement by falsely claiming that it had put stronger measures in place to protect the security and privacy of its users.
Sen. Dick Durbin, an Illinois Democrat who heads the Judiciary Committee, said Zatko has detailed flaws "that may constitute a direct threat to Twitter's hundreds of millions of users as well as to American democracy."
"Twitter is an immensely powerful platform and can't afford gaping vulnerabilities," he said.
Unknown to Twitter users, there's far more of their personal information disclosed than they — or sometimes even Twitter itself — realize, Zatko testified. He said Twitter did not address "basic systemic failures" brought forward by company engineers.
The FTC has been "a little over its head," and far behind European counterparts, in policing the sort of privacy violations that have occurred at Twitter, Zatko said.
Sen. Lindsey Graham, a Republican from South Carolina, said one positive result that could come out of Zatko's findings would be bipartisan legislation to set up a tighter system of regulation of tech platforms.
"We need to up our game in this country," he said.
Many of Zatko's claims are uncorroborated and appear to have little documentary support. Twitter has called Zatko's description of events "a false narrative ... riddled with inconsistencies and inaccuracies" and lacking important context.
Still, Zatko came off as a convincing whistleblower who has "a lot of credibility in this space," said Ari Lightman, professor of digital media and marketing at Carnegie Mellon University. But he said many of the problems he raised can likely be found at many other digital technology platforms.
"They eschew security protocols in a sense of innovating and running really fast," Lightman said. "We gave digital platforms so much autonomy at the beginning to grow and develop. Now we're at a point where we're, 'Wait a minute ... This has gotten out of hand.'"
Among the assertions from Zatko that drew attention from lawmakers Tuesday was that Twitter knowingly allowed the government of India to place its agents on the company payroll, where they had access to highly sensitive data on users. Twitter's lack of ability to log how employees accessed user accounts made it hard for the company to detect when employees were abusing their access, Zatko said.
Zatko said he spoke with "high confidence" about a foreign agent that the government of India placed at Twitter to "understand the negotiations" between India's ruling party and Twitter about new social media restrictions and how well those negotiations were going.
Zatko also revealed Tuesday that he was told about a week before his firing that "at least one agent" from the Chinese intelligence service MSS, or the Ministry of State Security, was "on the payroll" at Twitter.
He said he was similarly "surprised and shocked" by an exchange with current Twitter CEO Parag Agrawal about Russia — in which Twitter's current CEO, who was chief technology officer at the time, asked if it would be possible to "punt" content moderation and surveillance to the Russian government, since Twitter doesn't really "have the ability and tools to do things correctly."
"And since they have elections, doesn't that make them a democracy?" Zatko recalled Agrawal saying.
Sen. Charles Grassley, the committee's ranking Republican, said Tuesday that Agrawal declined to testify at the hearing, citing the ongoing legal proceedings with Musk. But the hearing is "more important than Twitter's civil litigation in Delaware," Grassley said. Twitter declined to comment on Grassley's remarks.
In his complaint, Zatko accused Agrawal as well as other senior executives and board members of numerous violations, including making "false and misleading statements to users and the FTC about the Twitter platform's security, privacy and integrity."
Zatko, 51, first gained prominence in the 1990s as a pioneer in the ethical hacking movement and later worked in senior positions at an elite Defense Department research unit and at Google. He joined Twitter in late 2020 at the urging of then-CEO Jack Dorsey.
___
Follow Marcy Gordon at https://twitter.com/mgordonap
