Twitter accused of manipulation by its ex-security chief
The former security chief of Twitter has accused the social network of hiding vulnerabilities in its protection system and lying about its fight against fake accounts, at the heart of a legal dispute between him and Elon Musk.
In an 84-page document sent last month to the United States Department of Justice as well as the country’s stock market regulator and competition authority, revealed on Tuesday by the Washington Post and CNN, Peiter Zatko denounces » serious and shocking failings, willful ignorance and threats to national security and democracy ».
Twitter, for its part, assures that security and data protection are among its priorities and affirms, in a message sent to AFP, that the complaint is « riddled with inconsistencies and inaccuracies ».
The company also accuses its former manager of opportunism aimed at « harming Twitter, its customers and its shareholders ».
Mr. Zatko, who presents himself as a whistleblower, mentions in his document obsolete servers, software vulnerable to computer attacks and claims that Twitter executives have sought to hide the number of hacking attempts from US authorities as well as to the members of the Board of Directors.
These shortcomings, says the former official, have made the social network particularly exposed to cyberattacks from foreign state actors who want to jeopardize American national security.
Zatko also says the company has consistently prioritized growing its user base over fighting spam and bots.
He thus qualifies as a lie a tweet published in May by the boss of the platform, Parag Agrawal, in which the leader assured that Twitter was doing everything to detect and remove spam as quickly as possible.
The issue of fake accounts is at the heart of the legal battle between Twitter and Elon Musk, the billionaire having repeatedly accused the company of minimizing the proportion of fake accounts and spam, estimated at 5% by the platform.
Mr. Musk is counting on this argument to justify the abandonment, in early July, of his plan to buy Twitter for $44 billion and avoid paying severance pay.
“We have already subpoenaed Mr. Zatko and we find his dismissal and that of other key employees strange in light of what we have discovered,” said Alex Spiro, one of Mr. Musk’s lawyers, in a statement. an email to AFP.
The entrepreneur for his part reacted by posting, on Twitter, a drawing of the cartoon character Jimini Cricket whistling, an allusion to the English word designating whistleblowers.
– Former hacker –
Mr Zatko was fired in January, due to « ineffective leadership and poor performance », according to a Twitter spokesperson.
Former hacker known by the nickname « Mudge », he was hired at the end of 2020 by the co-founder and ex-boss of Twitter, Jack Dorsey, after the hacking of the accounts of many personalities (Joe Biden, Barack Obama, Elon Musk, Jeff Bezos, Kim Kardashian, etc.).
He is represented in his proceedings by the association for the protection of whistleblowers, Whistleblower Aid, which has already defended Frances Haugen, a former computer scientist from Facebook whose revelations had tarnished the reputation of the social network giant last fall. .
« It took the courage of a high-ranking whistleblower with an impeccable reputation on issues of ethics and integrity for government agencies and the public to learn the truth, » said Libby Liu, director of Whistleblower Aid, in a statement.
According to the Washington Post and CNN, the US Senate Intelligence Committee wants to speak with Mr. Zatko to discuss his charges.
The upper house judiciary committee has also expressed interest.
Its chairman, Dick Durbin, said « the whistleblower’s allegations of widespread security breaches at Twitter, deliberate misrepresentations by senior executives to government agencies, and infiltration of the company by foreign intelligence sources raise serious concerns ».
“If these accusations are true, they may raise fears of data protection and security risks for Twitter users around the world,” added the elected Democrat in a press release.
dho/jum/eb
