Twitter would still have security flaws after the takeover by Elon Musk


Twitter’s security issues are far from over. According to a former employee of the social network quoted in a complaint filed in October, the platform did not fix its security problems, even after promising to do so following a major incident in 2020. That year, teenagers hacked into the accounts of politicians, celebrities and other high-profile figures, including former President Barack Obama and billionaire Elon Musk, to spread a cryptocurrency scam. Twitter gave assurances that it had restricted access to its internal systems and tools while it investigated the attack.

The whistleblower, a former Twitter engineer, worries about an internal program that allows employees to tweet under any account. A Twitter employee estimated that around 4,000 employees had access to this program, formerly known as “GodMode”. The existence of this program shows that “Twitter’s public statements to users and investors were false and/or misleading,” says the anonymous witness quoted in the complaint. The nonprofit law firm Whistleblower Aid filed the complaint with the Federal Trade Commission (FTC) and the US Department of Justice.

A “GodMode” program for Twitter employees

The Washington Post, which interviewed this ex-Twitter engineer, has already reported on these allegations. The person, who requested anonymity for harassment and security reasons, told the newspaper that Twitter created the “GodMode” program so employees could tweet for certain advertisers. Twitter engineers reportedly renamed the program “privileged mode” following internal backlash. This witness reportedly told Congress and the FTC that Twitter engineers could still access this program. He also filed another complaint in September with the FTC and the US Department of Justice, raising similar concerns about employee access to Twitter accounts. In that complaint, another Twitter engineer revealed that they discovered in 2020 that employees could tweet under any account and raised the same issue two years later.

Before Elon Musk struck a deal to buy Twitter for $44 billion late last year, the social network’s former security chief Peiter Zatko exposed several security issues within the company, including the fact that employees had too much access to user data. Twitter fired him. In his complaint, Peiter Zatko accuses Twitter of violating an agreement reached 11 years ago with the FTC. The social network claimed that his allegations were “riddled with inconsistencies and inaccuracies and lacked important context”. Whistleblower Aid also represents Peiter Zatko. After the Elon Musk takeover, the company halved its workforce, disbanded its Trust and Safety committee and made other sweeping changes that raised questions about Twitter’s ability to handle security, safety and content moderation issues.

The FTC declined to comment on the latest complaint filed by the whistleblower. The latter also met with the Senate Judiciary Committee and the Energy and Commerce Committee of the House of Representatives, reports the Washington Post.

This week, Jan Schakowsky, an elected Democrat from Illinois, declared herself “particularly concerned about Twitter user data, as well as the potential impact of debts Elon Musk owes to foreign powers”, adding that the testimony of the whistleblower “highlights the fact that technology companies regularly fail to protect the security and privacy of consumer data”. She urged Congress and regulators to pass legislation to help better secure consumer data.


CNET.com article adapted by CNETFrance
