Good morning, and sorry for the slight delay in putting the Daily Authority in your inbox. No one to blame but yours truly. Hope your day is going better!
Twitter is a security nightmare, says former Twitter security head
Even before Elon Musk got involved, Twitter's inner workings have been a source of endless drama that often found its way to the public. Now, an explosive new whistleblower report paints a damning picture of the company's security practices. And the whistleblower is none other than Twitter's former security boss.
- Dual reports from CNN and The Washington Post revealed yesterday that Peiter "Mudge" Zatko, Twitter's former head of security, alleges the company has shockingly poor security practices and that it's misled regulators about it.
- The allegations were made in a detailed 200-page whistleblower disclosure that Zatko filed with the SEC, FTC, and the Department of Justice in the US.
- Zatko is a well-known figure in the security industry. A long-time "ethical hacker," he occupied roles at Google, Stripe, and the Department of Defense, before joining Twitter in 2020.
- Former Twitter CEO Jack Dorsey recruited Zatko after a highly embarrassing incident that saw crypto-scammers take over the accounts of Joe Biden, Elon Musk, and other world-famous users.
The allegations
- Zatko's main charge is that Twitter fosters a culture of lax security. More than half of the company's 7,000-strong workforce have access to users' personal data, as well as internal management tools for the service.
- Thousands of company-issued laptops have copies of Twitter's full source code on them.
- The company was forced to hire at least one Indian government agent, who then had access to sensitive user information, Zatko claimed.
- Twitter executives have no incentive to accurately count the number of bots and spam accounts on the platform. Quite the opposite, bonuses are tied to the number of active users, meaning execs are financially motivated to ignore the bot problem.
- Zatko claimed Twitter deliberately misled both users and regulators about its security and privacy practices, violating an agreement with the FTC from 2011.
- The company failed to delete user data in the past, simply because it couldn't keep track of where user data was stored and who had access to it.
- Jack Dorsey, who left Twitter in May of this year, was a "disengaged" CEO. Towards the end of his reign, he barely spoke in meetings, sometimes for days on end, Zatko said. Senior staff had concerns about his health, and even junior and mid-level employees felt the company was rudderless. In this climate, Zatko claimed he received no support for his push to improve security practices.
The fallout
- It's still very early, but Zatko's whistleblower disclosures have already generated waves.
- US lawmakers on both sides of the aisle are already investigating the accusations. Members of Congress have also asked the FTC to analyze whether Twitter has broken the terms of its 2011 agreement.
- Elon Musk was quick to use Zatko's allegations to paint Twitter in a negative light, even if the report doesn't contain evidence to support Musk's claims that Twitter greatly undercounted the number of bots and spam accounts. The billionaire is engaged in a legal battle with Twitter, as he's trying to walk out of a deal to acquire the company. (He's also had some pretty interesting ideas for increasing Twitter profits).
- The security community was quick to rally behind Zatko. Meanwhile, Twitter said it fired him for "ineffective leadership and poor performance" and that the report paints a "false narrative that is riddled with inconsistencies and inaccuracies, and presented without important context." Twitter has failed so far to address any of the specific claims Zatko made.
Roundup
We called the Galaxy Book 2 Pro an "ultralight delight" in our new review. Check it out if you're after a high-quality Windows ultrabook (Android Authority).
There's a surprise Fitbit launch event coming today. The Google-owned company is bringing updates to its popular trackers (Android Authority).
The BlackBerry brand might be dead and buried, but the legend lives on. At least in film form. The BlackBerry movie has recently wrapped production (Engadget).
Ten million people have watched House of the Dragon on HBO. Are you one of them? Check your knowledge of the Game of Thrones universe in this quiz (Android Authority).
In the "what took them so long department," Sony announced an "ultra customizable" version of its DualSense controller for the PS5 (PlayStation Blog).
The Acer Chromebook Vero 514 is a cool rugged machine made of recycled materials. It's no slouch either (Android Authority).
My wife was confused this morning by this Facebook bug that filled her timeline with updates from Arnold Schwarzenegger and the Red Hot Chili Peppers. Millions were affected (The Verge).
A $1,200 phone was the most popular Android phone in North America in Q2 2022 (Android Authority).
A new trailer is out for Rings of Power, Amazon's upcoming blockbuster show set in the Lord of the Rings universe (Ars Technica).
If you're a Plex user, you need to change your password right away (Android Authority).
The Porsche 911 Sally Special was auctioned off for $3.6 million over the weekend. It's a one-of-a-kind 911 GTS inspired by the Sally Carrera character in the movie Cars. All the money is going to charity! (CNET).
Wednesday Weirdness
Ever wondered how whales sleep? Apparently, sperm whales sleep vertically at about 15 meters deep, in pods of five or six animals. They just take a deep breath and enjoy naps of up to two hours.
Sperm whales are the size of a school bus, so you'd expect this to be common knowledge. Amazingly, this behavior was only first documented in 2008, and the first good pictures showing a pod of sleeping sperm whales were taken in 2017 by French photographer Stephane Granzotto. You can see more in his portfolio here.
Chill with a pod of sleeping whales, easily the most surreal experience on my bucket list.
Have a good one,
Bogdan Petrovan, Managing Editor.