Twitter Whistleblower’s Senate Testimony: 4 Key Revelations 


Peiter Zatko filed an explosive whistleblower complaint against Twitter in July, in which he alleged that Twitter failed to protect user data, refused to address warnings when raised with executives, and lied about its security issues.

Peiter C. Zatko, better known as Mudge, is a network security expert, open source programmer, writer, and hacker. He was the most prominent member of the high-profile hacker think tank, the L0pht, as well as the computer and culture hacking cooperative, the Cult of the Dead Cow.

Zatko was hired as Twitter’s security head before being fired in January by new CEO Parag Agrawal.

Zatko recently testified before the Senate about Twitter’s issues. Here are 4 key mind-blowing revelations you should know about the social media microblogging platform, as compiled by Breitbart News.

1. Zatko claims 4,000 Twitter employees have access to users’ personal info

Sen. Josh Hawley (R-MO) questioned Zatko on the access that Twitter employees have to user data, asking:

“I want to make sure I got this straight. You’ve stated today and in your report that about 4,000 Twitter employees are classified as engineers. Is that right?”

Zatko confirmed that around half of Twitter’s 7,000 employees at the time were classified as engineers, to which Hawley responded: “Got it. And that means that these 4,000-ish employees would have had access to live user data all over Twitter. They could access individual users’ personal information, including their live data. Have I got that right?”

Zatko responded: “Yes, sir. They would have access to the production environment. If they spent the time to meander around and look around, they would find that they could access these large flows of data.”

Hawley asked:

“including geolocation data, did you testify to that earlier today?”

Zatko said: “I know that Twitter has IP locations and that they do use geolocation services based upon IP addresses.”

Hawley remarked:

“Wow, 4,000 employees with access to that data. That’s extraordinary. So those employees would be in a position then, if they wanted to, to get this information and dox Twitter users. Is that fair to say?”

Zatko responded: “That is a concern of mine, sir, yes.”


2. Indian government agents may be working at Twitter

Sen. Dianne Feinstein (D-CA) asked Zatko:

“So, can you describe the types of efforts you’ve seen by foreign governments to infiltrate, control, exploit, or surveil Twitter and its users and share what steps Twitter and regulators should have taken to protect against these attacks?”

To which Zatko responded: “Yes, ma’am. Thank you. One of the disturbing things that I saw based upon being 10 years behind where I would expect a modern tech company to be was a lack of an ability to internally look for and identify inappropriate access within their own systems.”

He added: “Other than the person who I believed with high confidence to be a foreign agent placed in a position from India, it was only going to be from an outside agency or somebody alerting Twitter that somebody already existed, that they would find the person. What I did notice when we did know of a person inside acting on behalf of a foreign interest as an unregistered agent.”


Zatko said that Twitter was unable to keep track of possible foreign agents: “They simply lacked the fundamental abilities to hunt for foreign intelligence agencies and expel them on their own.”


3. Twitter employees can access a user’s phone number, address, and location at any time

Zatko revealed just how much information Twitter can collect on its users, and it appears to be much more than was previously understood.

Zatko told the story of a Twitter executive who was being harassed by a Twitter user and requested extra information on the potential harasser. Zatko stated:

A user on Twitter was harassing some members of the executive team and some members of the board. And as an example, this person, the CTO came to me and said Mudge [Zatko’s hacker handle], you know, is this a real viable threat? Do I need to be worried? You know, who is this person? And it took me maybe 30 minutes to reach out to an employee and say, what do we know about this person?

And then it only took that person, maybe 10 minutes to get back to me and say, here’s who they are. This is the address where they live. This is where they are physically at this moment. They’re on their phone. We know their phone number. We also know all of the other accounts that they’ve tried to set up on the system and hide, and we know who they are on the other social media platforms as well.


4. Twitter employees can tweet from any Twitter account

When asked about his previous statements that Twitter engineers could tweet as anybody, Zatko stated: “That meant a Twitter engineer understanding how the running systems and the data flows were operating, could then access and inject or put forward information. As I mentioned in my oral statement as any of the senators sitting here today.”

Senator Hawley asked Zatko if he had ever seen this happen in practice, to which he responded: “No, not directly.” He was asked if he had any reason to believe it has ever happened, to which he responded:

The number of cases that were reported to me by individual engineers saying, “Hey, we found this, I’m gonna try and have somebody fix it,” where that was the exact problem and we wouldn’t know if it had happened in the past, yes, I am concerned.
