Whistleblower accuses Twitter of cybersecurity negligence

Peiter Zatko, Twitter’s former head of security, describes willful ignorance by the company’s executives on counting the millions of accounts that are automated ‘spam bots’. (AP)
Updated 24 August 2022

  • Peiter Zatko served as Twitter’s security chief until he was fired early this year
  • Better known by his hacker handle ‘Mudge,’ Zatko is a highly respected cybersecurity expert

Twitter’s former head of security alleged that the company misled regulators about its poor cybersecurity defenses and its negligence in attempting to root out fake accounts that spread disinformation, according to a whistleblower complaint filed with US officials.
The revelation could create serious legal and financial problems for the social media platform, which is currently attempting to force Tesla CEO Elon Musk to consummate his $44 billion offer to buy the company. Several members of Congress on Tuesday called on regulators to investigate the claims.
Peiter Zatko, who served as Twitter’s security chief until he was fired early this year, filed the complaints last month with the US Securities and Exchange Commission, the Federal Trade Commission and the Department of Justice. The legal nonprofit Whistleblower Aid, which is working with Zatko, confirmed the authenticity of a redacted copy of the complaint posted online by the Washington Post.
“This was a last resort for him,” said John Tye, the group’s co-founder and chief disclosure officer, in an interview Tuesday. He said Zatko exhausted all attempts to get his concerns resolved inside the company before his firing in January.
Among Zatko’s most serious accusations is that Twitter violated the terms of a 2011 FTC settlement by falsely claiming that it had put stronger measures in place to protect the security and privacy of its users. Zatko also accuses the company of deceptions involving its handling of “spam” or fake accounts, an allegation that is at the core of Musk’s attempt to back out of the Twitter takeover.
Better known by his hacker handle “Mudge,” Zatko is a highly respected cybersecurity expert who first gained prominence in the 1990s and later worked in senior positions at the Pentagon’s Defense Advanced Research Agency and Google.
He joined Twitter at the urging of then-CEO Jack Dorsey in late 2020, the same year the company suffered an embarrassing security breach involving hackers who broke into the Twitter accounts of world leaders, celebrities and tech moguls, including Musk, in an attempt to scam their followers out of bitcoin.
Twitter said in a prepared statement Tuesday that Zatko was fired for “ineffective leadership and poor performance” and said the “allegations and opportunistic timing appear designed to capture attention and inflict harm on Twitter, its customers and its shareholders.” The company called his complaint “a false narrative” that is “riddled with inconsistencies and inaccuracies and lacks important context.”
Zatko’s attorneys, Debra Katz and Alexis Ronickher, said Twitter’s claim about his poor performance is false and that he repeatedly raised concerns about “grossly inadequate information security systems” with top executives and Twitter’s board of directors. The lawyers said that in late 2021, after the board was given “whitewashed” information about those security problems, Zatko escalated his concerns, “clashed” with CEO Parag Agrawal and board member Omid Kordestani and was fired two weeks later.
The 84-page complaint describes a broken corporate culture at Twitter that lacked effective leadership and where Zatko said top executives practiced “deliberate ignorance” of pressing problems. His description of Dorsey’s leadership style is particularly scathing; he described the Twitter founder as “extremely disengaged” during the last months of his tenure as CEO to the point where he would not even speak during meetings on complex issues facing the company.
Zatko said he heard from colleagues that Dorsey would remain silent for “days or weeks.” Dorsey announced he was stepping down as Twitter CEO in November 2021.
The disclosure says Twitter offered no monetary incentives for improving security and platform integrity, although the company did offer $10 million bonuses last year for top executives who could generate short-term user growth.
Among Zatko’s accusations of cybersecurity malpractice: Software and security updates were disabled on more than a third of employees’ computers — unduly exposing them to malware — and it was common for people to install “whatever software they wanted on their work systems.” Such lapses are typically considered cardinal sins in cybersecurity.
Whistleblower Aid said it is legally precluded from sharing Zatko’s statement. The same group worked with former Facebook employee Frances Haugen, who testified to Congress last year after leaking internal documents and accusing the social media giant of choosing profit over safety.
“I wouldn’t say he’s happy about having to become a whistleblower, but he’s resolute in his decision,” Tye said. “And committed to getting to the bottom of this.”
Among the most alarming complaints is Zatko’s allegation that Twitter knowingly allowed the Indian government to place its agents on the company payroll where they had “direct unsupervised access to the company’s systems and user data.”
A 2011 FTC complaint noted that Twitter’s systems were full of highly sensitive data that could allow a hostile government to find precise location data for specific users and target them for violence or arrest. Earlier this month, a former Twitter employee was found guilty after a trial in California of passing along sensitive Twitter user data to royal family members in Saudi Arabia in exchange for bribes.
The complaint said Twitter was also heavily reliant on funding by Chinese entities and that there were concerns within Twitter that the company was providing information to those entities that would enable them to learn the identity and sensitive information of Chinese users who secretly use Twitter, which is officially banned in China.
Zatko also describes willful ignorance by Twitter executives on counting the millions of accounts that are automated “spam bots” or otherwise have no value to advertisers because there is no person behind them. Zatko cited a “damning” 2021 outside report that found Twitter’s tools for tackling bots were neither sufficiently automated nor sophisticated and instead relied on humans “not adequately staffed or resourced, to address the misinformation and disinformation problem.”
Alex Spiro, an attorney representing Musk in his effort to back out of his Twitter acquisition deal, said lawyers have issued a subpoena for Zatko. “We found his exit and that of other key employees curious in light of what we have been finding,” Spiro wrote in an email Tuesday. Spiro said Zatko and Musk have not been in contact at any time this year.
Tye said “he’s never met Elon Musk. Doesn’t know Elon Musk. They know people in common.” Asked if mutual friends could have shared information about Twitter’s bot problems with Musk, Tye said Zatko “has not communicated with any other party about his disclosures” since filing the complaints in July.


Peter Smith to depart from MBC Studios

Updated 30 January 2023

  • Smith will stay as adviser to the group

LONDON: Peter Smith, the managing director of MBC Studios, is stepping down from his role, the company announced.

“Peter Smith is stepping aside as managing director of MBC Studios,” said MBC CEO Sam Barnett.

“Pete has made invaluable contributions to the growth of MBC Studios during his four-year tenure, leading the production of numerous flagships, including ‘Rashash,’ ‘Rise of the Witches,’ ‘The Devil’s Promise,’ ‘Slave Market,’ and the launch of MBC’s slate of long-running dramas including ‘Al Mirath’ and ‘West Al Balad.’ 

“On behalf of the group, I would like to express my gratitude to Pete for his hard work and dedication during his tenure.”

The veteran TV executive is stepping down from the role after four successful years during which he assisted in the launch of the production arm of the free-to-air network MBC.

Over this time, the former president of NBCUniversal supervised an expansion in production activity as the company ramped up its investment in Saudi Arabia as part of the Kingdom’s ongoing attempt to support the growth of its film and media industry.

In a statement, Barnett said Smith will continue to act as an adviser to the group, particularly on the production of “Desert Warrior” and the distribution of premium content.

Smith’s successor has not been named yet, but the company said the new managing director will be announced “in due course, in coming days.”

The news comes a few days after the leading media and entertainment group in the Middle East and North Africa region announced a new partnership with next-gen platform Vice Media, which will see the American-Canadian company creating Arabic content exclusively for MBC Group.


Facebook seeks to block $3.7 bln UK mass action over market dominance

Updated 30 January 2023

  • Tech giant claims lawsuit is “entirely without merit” and ignores the “economic value” it provides

LONDON: Facebook on Monday asked a London tribunal to block a collective lawsuit valued at up to 3 billion pounds ($3.7 billion) over allegations the social media giant abused its dominant position to monetise users’ personal data.
Meta Platforms Inc, the parent company of the Facebook group, is facing a mass action brought on behalf of around 45 million Facebook users in Britain.
Legal academic Liza Lovdahl Gormsen, who is bringing the case, said Facebook users were not properly compensated for the value of personal data that they had to provide to use the platform.
Her lawyers said users should get compensation for the economic value they would have received if Facebook was not in a dominant position in the market for social networks.
But Meta said the lawsuit was “entirely without merit” and should not be allowed to proceed. Its lawyers said the claimed losses ignore the “economic value” Facebook provides.
Lovdahl Gormsen’s lawyers on Monday asked the Competition Appeal Tribunal to certify the case under the UK’s collective proceedings regime – which is roughly equivalent to the class action regime in the United States.
A decision to certify collective proceedings will depend on whether the tribunal decides that the individual cases can appropriately be dealt with together, rather than on their merits.
Ronit Kreisberger, representing Lovdahl Gormsen, told the tribunal that “Meta’s data practices violate the prohibition on abusive conduct by dominant firms”.
“There is unquestionably a case for Meta to answer at trial,” Kreisberger argued.
But lawyers representing Meta said the lawsuit wrongly assumes that any “excess profits” it might make equates to a financial loss suffered by individual Facebook users.
This approach “takes no account whatsoever of the significant economic value of the service provided by Facebook”, Marie Demetriou said in court documents.
She said Lovdahl Gormsen’s estimate of potential claimants’ total losses – 3 billion pounds, including interest – is “at the very least wildly inflated”.


Twitter says users will be able to appeal account suspension

Updated 28 January 2023

  • Under the new criteria, Twitter accounts will only be suspended for severe or ongoing and repeat violations of the platform’s policies

BENGALURU, India: Twitter users will be able to appeal account suspensions and be evaluated under the social media platform’s new criteria for reinstatement, starting Feb. 1, the company said on Friday.
Under the new criteria, which follow billionaire Elon Musk’s purchase of the company in October, Twitter accounts will only be suspended for severe or ongoing and repeat violations of the platform’s policies.
Severe policy violations include engaging in illegal content or activity, inciting or threatening violence or harm, and engaging in targeted harassment of other users, among others.
Twitter said that going forward, it will take less severe action, in comparison to account suspension, such as limiting the reach of tweets that violate its policies or asking users to remove tweets before continuing to use the account.
In December, Musk came under fire for suspending accounts of several journalists over a controversy on publishing public data about the billionaire’s plane. He later reinstated the accounts.


Indian students defy ban on BBC’s Modi documentary despite arrests

Updated 28 January 2023

  • Documentary investigates Narendra Modi’s role in the deadly Gujarat riots in 2002
  • Government sees the British broadcaster’s program as ‘manipulation by foreign power’

NEW DELHI: Indian students are defying a ban on a BBC program examining Prime Minister Narendra Modi’s past, despite arrests and attempts by authorities to prevent them from organizing screenings.

The two-part program, “India: The Modi Question,” examines claims about Modi’s role in the 2002 riots in Gujarat that left more than 1,000 dead, most of them Muslims.

Modi was serving as chief minister of the western state when the violence broke out.

The government banned the documentary over the weekend using emergency powers under information technology laws, but students continued to organize screenings across the country.

At least 13 students of Jamia Millia Islamia in New Delhi were detained for 24 hours on Wednesday, after they tried to show the documentary at their campus. 


“We were handed over to the police by the proctor of Jamia Islamia University. On Friday, the Jamia authorities shut down all the facilities for students,” one of the arrested, Azeez Shareef from the Students Federation of India, told Arab News.

“We grew up with a certain idea of India, with secular values and democratic principles, but this government has attacked everything.”

Earlier this week, authorities cut off electricity at Jawaharlal Nehru University when students gathered to screen the documentary.

“We wanted to screen the documentary so that youth can form their own opinion,” said Aishe Ghosh, president of Jawaharlal Nehru Students Union.

“The new generation does not remember what happened in Gujarat in 2002 because they were too young. But when we see today’s reality, it’s important for the young generation to make the link that the same political party that is in power in Delhi was responsible in some form or another in manufacturing a pogrom in the state of Gujarat.”

She added that universities are where students should have “space to debate and discuss and differ.”

As the government ban means the film cannot be streamed or shared on social media — and Twitter and YouTube have complied with a government request to take down links to the documentary — students argue there is no explicit ban on screenings.

“Where is the order to ban the documentary?” said Abhisek Nandan, president of the Student Union of the University of Hyderabad, which has organized a screening and discussion on the first episode of the program.

“The documentary carries the truth about Gujarati riots that journalists and civil society groups have been telling for the last 20 years.”

Modi’s ruling Bharatiya Janata Party sees the British broadcaster’s film as manipulation and an assault on India’s judicial system.

“A foreign power undermining the judicial system of India is not the right thing to do. The entire episode of the Gujarat riot has minutely been scrutinized by all, including the judiciary,” BJP spokesperson Sudhanshu Mittal told Arab News.

In 2013, a court in Gujarat found Modi not directly responsible for the riots. The Supreme Court upheld the ruling in 2022.

“The documentary is an assault on the judicial system of this country. That’s why it is not permitted,” Mittal said.

“The country is right in not allowing manipulation by a foreign power.”

The film could undermine Modi’s reputation at a time when India is chairing the Group of 20 largest economies and will host the G20 summit this year.

“It’s obvious that PM Modi realized that the documentary had the potential to hurt his reputation at a time when he could least afford it,” political analyst Sanjay Kapoor told Arab News.  

“For him, the G20 platform provided him an opportunity to showcase himself as a world leader, and he didn’t want his image to be sullied as someone who was complicit in the Gujarat genocide.”

 

 


Saudi Arabia’s KAICIID launches journalism program for Arabs

Updated 27 January 2023

  • KAICIID’s secretary-general, Dr. Zuhair Alharthi, said that the second edition of the fellowship program was launched following the success achieved in the first edition, which helped journalists combat hate speech and promote a culture of dialogue

RIYADH: The King Abdullah International Centre for Interreligious and Intercultural Dialogue, KAICIID, announced on Thursday the launch of the second edition of its Journalism Fellowship Program for Dialogue in the Arab region.

The program targets a new group of male and female journalists from the Arab region who will receive training on dialogue journalism and produce professional reports that focus on matters related to interfaith and intercultural dialogue, religious relations, identity, and conflicts.

The aim is to enhance pluralism, diversity and peaceful coexistence, set ethical standards of journalism, and combat hate speech.

KAICIID’s secretary-general, Dr. Zuhair Alharthi, said that the second edition of the fellowship program was launched following the success achieved in the first edition, which helped journalists combat hate speech and promote a culture of dialogue.

According to the approved schedule for the program, selected candidates will be invited for interviews by late February, with the program to begin online in March followed by on-the-ground training in April.

Under the program’s admission rules, a relevant committee should select between 20 and 25 journalists between the ages of 28 and 40.

They must be working in print, audio, or digital media, and have at least five years of experience in journalism or in other related fields; they must have a professional record in sensitive conflict environments, and they need to be citizens of an Arab country.

Wasim Haddad, the director of programs in the Arab region, said: “This program is one of the main axes within the center’s work strategy in the Arab region, which primarily aims at building social cohesion and promoting the values of dialogue and common citizenship through intensified work and building partnerships with religious leaders, policy makers, the youth, and women as main pillars of change in the region, as it is clear to everyone the leading roles the media can play in this regard.”