Twitter has Security Flaws and Elon is Being Lied to, Claims the Whistleblower

The whistleblower's allegations point toward laxity in following security protocols in general and bot proliferation in particular

Even as the controversy over the takeover has not ended, Twitter, with millions of users is grappling with another controversy with its former employee lifting off the metaphorical lid. In an unexpected turn, Twitter former employee Peiter Zatko revealed how Twitter has kept its misdemeanor undercover for a long period. In his exhaustive 200-page report sent to US lawmakers and regulators, was accessed exclusively by CNN and Washington Post yesterday. His main contention was, that the majority of users on Twitter are bots, a fact the Twitter CEO is trying to justify with wrong statistics to evade public scrutiny. Now that Elon Musk's case of Twitter takeover goes for trial in October, his revelations gain more weight, particularly supporting Elon Musk's argument alleging the presence of a large number of bots. Initially, though Elon expressed his confidence in defeating the boats, he made it the main line of argument in the upcoming $44billion Twitter takeover case. Clearly, if the whistle blower's report proves to be true, it would hold Twitter accountable for playing around with lies about its real-time users and more importantly about its lax security policies. Even though Twitter argues Elon has found an excuse in bots, to get out of the deal, merger experts say that Twitter has a stronger legal case because its financial commitments for the deal are still intact and have no issues coming in the way of regulatory approval.

Who is Peiter Zatko?

Peter is a cybersecurity expert who had quite an illustrious career in information security with stops at companies like Google, Pentagon, and Stripe, was hired by Jack Dorsey, as information security lead at Twitter after a hoard of security attacks on its high-profile accounts. He was fired by Twitter in January 2022 by Twitter CEO Parag Aggarwal for "poor performance and ineffective leadership." As per the Guardian report, he was fired after he began documenting Twitter's security violations. "What we've seen so far is a false narrative about Twitter and our privacy and data security practices that are riddled with inconsistencies and inaccuracies and lack important context. Mr. Zatko's allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers, and its shareholders. Security and privacy have long been company-wide priorities at Twitter and will continue to be," Twitter said in reply.

Beyond the 'bots'

Bots seem to be only a part of the problem with the wider concern being Twitter's lack of transparency and accountability. Zatko claims Twitter grossly violated the FTC consent order that requires implementing security protocols. Twitter's intentional negligence, Zatko claims, has put it at risk of a series of security breaches, one among being responsible for Zatko's appointment. He alleged, that Twitter asked users for their data on the pretext of security reasons and used it to target ads back to them, an offense under the FTC consent order that cost Twitter around $150 million. On a serious note, he mentions in the report, how Twitter planted a few agents from the Indian Government and foreign agencies as employees. He says Twitter executives knew that many of its employees had access to user information but never took action. It is not the first time Twitter has been accused of infiltration. Earlier, a Saudi Arabian national was convicted of infiltrating Twitter and spying on Twitter users, at the behest of one of the advisors of crown prince Mohammed bin Salman. Coming down on the operational efficiency of Twitter, he accused the company's executives of showing slackness in fixing security issues and taking proactive preventive steps. Targeting the current CEO Parag Agarwal, he said Twitter is under the control of the worst leader ever and he mentions good enough reasons for saying so. As a Twitter employee, he says he knows few Twitter executives proposing disabling a mechanism that detects potential spam accounts and "intentionally and knowingly deprioritizes" the platform's health only to focus on the mDAU (monetizable daily active Twitter users) metric – a metric purportedly designed to avert the honest questions raised by Elon Musk. Now that Zatko is summoned for the yet-to-begin Musk-Twitter trial, it is to be seen how far Zatko's allegations would justify Elon Musk's apprehensions.