Whistleblower accuses Twitter of cybersecurity negligence

Peiter Zatko, Twitter’s former head of security, describes willful ignorance by the company’s executives on counting the millions of accounts that are automated ‘spam bots’. (AP)
Updated 24 August 2022

  • Peiter Zatko served as Twitter’s security chief until he was fired early this year
  • Better known by his hacker handle ‘Mudge,’ Zatko is a highly respected cybersecurity expert

Twitter’s former head of security alleged that the company misled regulators about its poor cybersecurity defenses and its negligence in attempting to root out fake accounts that spread disinformation, according to a whistleblower complaint filed with US officials.
The revelation could create serious legal and financial problems for the social media platform, which is currently attempting to force Tesla CEO Elon Musk to consummate his $44 billion offer to buy the company. Several members of Congress on Tuesday called on regulators to investigate the claims.
Peiter Zatko, who served as Twitter’s security chief until he was fired early this year, filed the complaints last month with the US Securities and Exchange Commission, the Federal Trade Commission and the Department of Justice. The legal nonprofit Whistleblower Aid, which is working with Zatko, confirmed the authenticity of a redacted copy of the complaint posted online by the Washington Post.
“This was a last resort for him,” said John Tye, the group’s co-founder and chief disclosure officer, in an interview Tuesday. He said Zatko exhausted all attempts to get his concerns resolved inside the company before his firing in January.
Among Zatko’s most serious accusations is that Twitter violated the terms of a 2011 FTC settlement by falsely claiming that it had put stronger measures in place to protect the security and privacy of its users. Zatko also accuses the company of deceptions involving its handling of “spam” or fake accounts, an allegation that is at the core of Musk’s attempt to back out of the Twitter takeover.
Better known by his hacker handle “Mudge,” Zatko is a highly respected cybersecurity expert who first gained prominence in the 1990s and later worked in senior positions at the Pentagon’s Defense Advanced Research Agency and Google.
He joined Twitter at the urging of then-CEO Jack Dorsey in late 2020, the same year the company suffered an embarrassing security breach involving hackers who broke into the Twitter accounts of world leaders, celebrities and tech moguls, including Musk, in an attempt to scam their followers out of bitcoin.
Twitter said in a prepared statement Tuesday that Zatko was fired for “ineffective leadership and poor performance” and said the “allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders.” The company called his complaint “a false narrative” that is “riddled with inconsistencies and inaccuracies and lacks important context.”
Zatko’s attorneys, Debra Katz and Alexis Ronickher, said Twitter’s claim about his poor performance is false and that he repeatedly raised concerns about “grossly inadequate information security systems” with top executives and Twitter’s board of directors. The lawyers said that in late 2021, after the board was given “whitewashed” information about those security problems, Zatko escalated his concerns, “clashed” with CEO Parag Agrawal and board member Omid Kordestani and was fired two weeks later.
The 84-page complaint describes a broken corporate culture at Twitter that lacked effective leadership and where Zatko said top executives practiced “deliberate ignorance” of pressing problems. His description of Dorsey’s leadership style is particularly scathing; he described the Twitter founder as “extremely disengaged” during the last months of his tenure as CEO to the point where he would not even speak during meetings on complex issues facing the company.
Zatko said he heard from colleagues that Dorsey would remain silent for “days or weeks.” Dorsey announced he was stepping down as Twitter CEO in November 2021.
The disclosure says Twitter offered no monetary incentives for improving security and platform integrity, although the company did offer $10 million bonuses last year for top executives who could generate short-term user growth.
Among Zatko’s accusations of cybersecurity malpractice: Software and security updates were disabled on more than a third of employees’ computers — unduly exposing them to malware — and it was common for people to install “whatever software they wanted on their work systems.” Such lapses are typically considered cardinal sins in cybersecurity.
Whistleblower Aid said it is legally precluded from sharing Zatko’s statement. The same group worked with former Facebook employee Frances Haugen, who testified to Congress last year after leaking internal documents and accusing the social media giant of choosing profit over safety.
“I wouldn’t say he’s happy about having to become a whistleblower, but he’s resolute in his decision,” Tye said. “And committed to getting to the bottom of this.”
Among the most alarming complaints is Zatko’s allegation that Twitter knowingly allowed the Indian government to place its agents on the company payroll where they had “direct unsupervised access to the company’s systems and user data.”
A 2011 FTC complaint noted that Twitter’s systems were full of highly sensitive data that could allow a hostile government to find precise location data for specific users and target them for violence or arrest. Earlier this month, a former Twitter employee was found guilty after a trial in California of passing along sensitive Twitter user data to royal family members in Saudi Arabia in exchange for bribes.
The complaint said Twitter was also heavily reliant on funding by Chinese entities and that there were concerns within Twitter that the company was providing information to those entities that would enable them to learn the identity and sensitive information of Chinese users who secretly use Twitter, which is officially banned in China.
Zatko also describes willful ignorance by Twitter executives on counting the millions of accounts that are automated “spam bots” or otherwise have no value to advertisers because there is no person behind them. Zatko cited a “damning” 2021 outside report that found Twitter’s tools for tackling bots were neither sufficiently automated nor sophisticated and instead relied on humans “not adequately staffed or resourced, to address the misinformation and disinformation problem.”
Alex Spiro, an attorney representing Musk in his effort to back out of his Twitter acquisition deal, said lawyers have issued a subpoena for Zatko. “We found his exit and that of other key employees curious in light of what we have been finding,” Spiro wrote in an email Tuesday. Spiro said Zatko and Musk have not been in contact at any time this year.
Tye said “he’s never met Elon Musk. Doesn’t know Elon Musk. They know people in common.” Asked if mutual friends could have shared information about Twitter’s bot problems with Musk, Tye said Zatko “has not communicated with any other party about his disclosures” since filing the complaints in July.


EU bans 4 more Russian media outlets from broadcasting in the bloc, citing disinformation

Updated 18 May 2024

  • The EU has already suspended Russia Today and Sputnik among several other outlets since February 2022

BRUSSELS: The European Union on Friday banned four more Russian media outlets from broadcasting in the 27-nation bloc for what it calls the spread of propaganda about the invasion of Ukraine and disinformation as the EU heads into parliamentary elections in three weeks.
The latest batch of broadcasters consists of Voice of Europe, RIA Novosti, Izvestia and Rossiyskaya Gazeta, which the EU claims are all under control of the Kremlin. It said in a statement that the four are in particular targeting “European political parties, especially during election periods.”
Belgium last month opened an investigation into suspected Russian interference in June’s Europe-wide elections, saying the country’s intelligence service has confirmed the existence of a network trying to undermine support for Ukraine.
The Czech government has imposed sanctions on a number of people after a pro-Russian influence operation was uncovered there. They are alleged to have approached members of the European Parliament and offered them money to promote Russian propaganda.
Since the war started in February 2022, the EU has already suspended Russia Today and Sputnik among several other outlets.

 

 


Israeli soldiers post abusive videos despite army’s pledge to act: BBC analysis

Updated 17 May 2024

  • The BBC analyzed 45 photos and videos posted online by Israeli soldiers that showed Palestinian prisoners in the West Bank being abused and humiliated

LONDON: Israeli soldiers continue to post videos of abuse against Palestinian detainees despite a military pledge to take action against the perpetrators, analysis by the BBC has found.

The broadcaster said it had analyzed 45 photos and videos posted online by Israeli soldiers that showed Palestinian prisoners in the West Bank being abused and humiliated. Some were draped in Israeli flags. 

Experts say the footage and images, which showed Palestinians being stripped, beaten and blindfolded, could breach international law and amount to a war crime.

The Israel Defense Forces said some soldiers had been disciplined or suspended for “unacceptable behavior” but did not comment on the individual cases identified by the BBC.

The most recent investigation into social media misconduct by Israeli soldiers follows a previous inquiry in which BBC Verify confirmed Israeli soldiers had filmed Gazan detainees while beating them and then posted the material on social platforms.

The Israeli military has carried out arbitrary arrests across Gaza and the West Bank, including East Jerusalem, since the Hamas attack on Oct. 7. The number of Palestinian prisoners in the West Bank has since risen to more than 7,060 according to the Commission of Detainees’ Affairs and the Palestinian Prisoner Society.

Ori Givati, spokesperson for Breaking the Silence, a non-governmental organization for Israeli veterans working to expose wrongdoing in the IDF, told the BBC he was “far from shocked” to hear the misconduct was ongoing.

Blaming “current far-right political rhetoric in the country” for further encouraging the abuse, he added: “There are no repercussions. They [Israeli soldiers] get encouraged and supported by the highest ministers of the government.”

He said this played into a mindset already subscribed to by the military: “The culture in the military, when it comes to Palestinians, is that they are only targets. They are not human beings. This is how the military teaches you to behave.”

The BBC’s analysis found that the videos and photos it examined were posted by 11 soldiers of the Kfir Brigade, the largest infantry brigade in the IDF. None of them hid their identity.

The IDF did not respond when the BBC asked about the actions of the individual soldiers and whether they had been disciplined.

The BBC also attempted to contact the soldiers on social media. The organization was blocked by one, while none of the others responded.

Mark Ellis, executive director of the International Bar Association, urged an investigation into the incidents shown in the footage and called for the IDF to discipline those involved.

In response to the BBC’s investigation, the IDF said: “The IDF holds its soldiers to a professional standard … and investigates when behavior is not in line with the IDF’s values. In the event of unacceptable behavior, soldiers were disciplined and even suspended from reserve duty.

“Additionally, soldiers are instructed to avoid uploading footage of operational activities to social media networks.”

However, it did not acknowledge its pledge to act on BBC Verify’s earlier findings in Gaza, according to the broadcaster.


4 journalists killed in Gaza as death toll climbs above 100

Updated 17 May 2024

  • 104 Palestinian media workers reported dead, along with 3 Lebanese and 2 Israelis

LONDON: The Gaza Media Authority on Thursday said that four journalists had been killed in an Israeli airstrike, bringing the total number of journalists killed in the conflict to more than 100.

The victims were identified as Hail Al-Najjar, a video editor at the Al-Aqsa Media Network; Mahmoud Jahjouh, a photojournalist at the Palestine Post website; Moath Mustafa Al-Ghefari, a photojournalist at the Kanaan Land website and Palestinian Media Foundation; and Amina Mahmoud Hameed, a program presenter and editor at several media outlets, according to the Anadolu Agency.

The Gaza Media Office said the four were killed in an Israeli airstrike, but did not provide additional details on the circumstances surrounding their deaths.

A total of 104 Palestinian journalists have been killed since the conflict began on Oct. 7. Two Israeli and three Lebanese media workers also have been killed.

The latest loss adds to the already heavy toll on media workers, with the Committee to Protect Journalists saying the Gaza conflict is the deadliest for journalists and media workers since it began keeping records.

Israel is continuing its offensive on Gaza despite a UN Security Council resolution demanding an immediate ceasefire.

On Thursday, South Africa, which has brought a case accusing Israel of genocide to the International Court of Justice, urged the court to order Israel to halt its assault on Rafah.

According to Gaza medical authorities, more than 35,200 Palestinians have been killed, mostly women and children, and over 79,200 have been injured since early October when Israel launched its offensive following an attack by Hamas.


Russia outlaws SOTA opposition news outlet

Updated 17 May 2024

  • Authorities said outlet tries to destabilize the socio-political situation in Russia
  • Move could criminalize SOTA content and put its reporters at risk of arrest

LONDON: Russia declared opposition media outlet SOTA “undesirable” on Thursday, a move that could criminalize the sharing of its content and put its reporters at risk of arrest.
Authorities in Russia have declared dozens of news outlets, think tanks and non-profit organizations “undesirable” since 2015, a label rights groups say is designed to deter dissent.
In a statement, Russia’s Prosecutor General accused SOTA of “frank attempts to destabilize the socio-political situation in Russia” and “create tension and irritation in society.”
“Such activities, obviously encouraged by so-called Western inspirers, have the goal of undermining the spiritual and moral foundations of Russian society,” it said.
It also accused SOTA of co-operating with TV Rain and The Insider, two other independent Russian-language outlets based outside of the country that are linked to the opposition.
SOTA Project, which covers opposition protests and has been fiercely critical of the Kremlin, denied it had anything to do with TV Rain and The Insider and rejected the claims.
But it advised its followers in Russia to “remove reposts and links” to its materials to avoid the risk of prosecution. SOTA’s Telegram channel has around 137,000 subscribers.
“Law enforcement and courts consider publishing online to be a continuing offense. This means that you can be prosecuted for reposts from 2023, 2022, 2021,” it said.
SOTA Project was born out of a split with a separate news outlet called SOTAvision, which still covers the opposition but distanced itself from the prosecutors’ ruling on Thursday.
Since launching its offensive in Ukraine, Moscow has waged an unprecedented crackdown on dissent that rights groups have likened to Soviet-era mass repression.
Among other organizations labelled as “undesirable” in Russia are the World Wildlife Fund, Greenpeace, Transparency International and Radio Free Europe/Radio Liberty.


OpenAI strikes deal to bring Reddit content to ChatGPT

Updated 17 May 2024

  • Deal underscores Reddit’s attempt to diversify beyond its advertising business
  • Content will be used to train AI models

LONDON: Reddit has partnered with OpenAI to bring its content to popular chatbot ChatGPT, the companies said on Thursday, sending the social media platform’s shares up 12 percent in extended trade.
The deal underscores Reddit’s attempt to diversify beyond its advertising business, and follows its recent partnership with Alphabet to make its content available for training Google’s AI models.
ChatGPT and other OpenAI products will use Reddit’s application programming interface, the means by which Reddit distributes its content, following the new partnership.
OpenAI will also become a Reddit advertising partner, the company said.
Ahead of Reddit’s March IPO, Reuters reported that Reddit struck its deal with Alphabet, worth about $60 million per year.
Investors view selling its data to train AI models as a key source of revenue beyond Reddit’s advertising business.
The social media company earlier this month reported strong revenue growth and improving profitability in the first earnings since its market debut, indicating that its Google deal and its push to grow its ads business were paying off.
Reddit’s shares rose 10.5 percent to $62.31 after the bell. As of Wednesday’s close, the stock is up nearly 12 percent since its market debut in March.