But in a filing with the federal government that was first obtained by the Washington Post and CNN, Zatko alleges that Twitter has failed to adhere to a deal with the Federal Trade Commission to plug the cybersecurity holes that led to the hacks.
Zatko accused Twitter of failing to upgrade its server infrastructure, most of which he says is out of date — thus leaving it vulnerable to severe breaches.
He also said Twitter’s failure to safeguard the data of its 238 million users — among them government agencies, heads of state and defense officials — poses a national security risk.
Twitter often loses track of user data even when accounts are deleted, Zatko alleges — a violation of a pledge the company made to the FTC more than a decade ago.
Zatko describes a tense relationship with Twitter CEO Parag Agrawal, who is accused of discouraging the then-executive from giving the company board a full accounting of the site’s security flaws.
Instead, Zatko alleges, he was told to give a misleadingly glowing report to the board in order to deceive it into thinking the company was addressing its safety lapses while concealing the true scope of the problem.
If you found this story through Twitter, I apologize, but your entire identity has likely been stolen. At least that is what the former head of security, Mudge Zatko, is telling the Washington Post and CNN. This is one of those things that instinctually I know is bad, but my dumb brain can't quite wrap my brain around it. Like, yeah, I don't like the idea of hackers, people, companies, or the government knowing everything about my movement, internet activity, finances, and personality, but at the same time...I know they already do and I don't think I've been too victimized yet. Probably bought some things I didn't need like medieval steak knives, a portable air conditioner, and an indestructible chew toy for my dog that last about an hour before it was destroyed, but my life is still basically the same as it was before I started voluntarily or involuntarily giving away every spec on information about my life.
I do think it is interesting that it's the Washington Post and CNN teaming up to take down Parag Agrawal. It feels like those organizations have all worked together recently. Twitter, Bezos, and CNN feel like they're part of the smoke filled room that works together to push or kill narratives that don't suit them. They all were part of the group that freaked out when Elon was trying to buy Twitter.
Ultimately, the twitter deal with Elon fell apart because the twitter CEO refused to show real data about how many bots they have as users. Maybe Parag knew that the bots thing was just the tip of the iceberg and didn't want further evidence pointing towards his corruption or incompetence. Like..."hey head of cyber security...how abou you just lie to the board about how things really are".
That feels like something the board should be pissed about. And if Parag doesn't give a fuck about cyber security, then maybe he is a little lax with his own and maybe some of the dark truths about twitter will come out in discovery has he goes through multiple court battles at the same time.
As for the claim that twitter is a threat to democracy and national security...uhhh NO SHIT. Anyone who has used the app since 2016 will tell you that. I still love twitter. It is my most used app by a wide margin. I find it to generally be a good time on the internet with a dash of mutants that say things that make me want to commit felonies. But then I simply hit the mute button and go on debating and arguing with the people who seem to have genuine differing opinions than mine and it's fun. Good way to generally stay connected to the world.
I would love to live in a world where twitter gets gutted and remodeled to make the discourse more like real life and kind of how it was in like 2014. That was a pretty good time on twitter. Let's get back there.