Platformer - Mudge blows the whistle on Twitter
Today’s newsletter is late because Substack was down for an hour or so. Sorry!

I.

On January 21, a moderately surprising headline hit the New York Times: in one of his first official acts as Twitter CEO, Parag Agrawal had fired the company’s chief information security officer, Rinki Sethi, and its head of security, Peiter Zatko.

It was the latter firing that surprised; Zatko, who is known within cybersecurity circles as “Mudge,” is a veteran hacker who had previously worked at DARPA, Google, and Stripe. Zatko joined the company in 2020 after being recruited personally by then-CEO Jack Dorsey, after a deeply embarrassing hack in which teenagers temporarily took over the accounts of Barack Obama, Joe Biden, Elon Musk, and other celebrities.

Agrawal told employees little about his rationale for firing Zatko and Sethi, saying only that the “nature of this situation” prevented him from saying more, the Times reported.

Zatko maintained his public silence for eight months — and then showed up on Tuesday throwing bombs. In an 84-page complaint filed with the Securities and Exchange Commission, the Department of Justice, and the Federal Trade Commission, Zatko alleges severe negligence on the part of Agrawal and other company executives in protecting user data, misleading government officials, and violating a 2011 consent decree with the FTC.

In preparing the complaint, Zatko worked with Whistleblower Aid, the same group that assisted Frances Haugen when she blew the whistle on Facebook last year; Whistleblower Aid worked with Zatko to secure prominent coverage of his complaint in CNN and the Washington Post. The Post’s Joseph Menn, Elizabeth Dwoskin and Cat Zakrzewski lay out some of the details:
A few things to say up front: I don’t know Zatko myself, and am only passingly familiar with his work. Some people I know deeply respect and trust him, and many of them tweeted tributes to him today. Other people I know who worked with him had a lesser opinion of his work; these people spent today sending me messages that began with something along the lines of “Here is a story about Mudge that you can’t use.” (A few, though, did tweet their criticisms publicly.)

What I took from these conversations is that Zatko is a polarizing figure, and like many coworkers, how you feel about him probably depends a lot on the circumstances under which you worked with him.

A second thing to say is that Zatko makes a lot of allegations here. His complaints go on for dozens of pages, and have a kitchen-sink quality reminiscent of a jilted husband suing for custody of a child. These complaints cannot properly be assessed in a single column, even if we did have all the necessary data and supporting exhibits, which we don’t. It will be up to the government agencies who received the complaint, along with Congress, to determine what, if anything, is worth pursuing here legally.

Of course, Congress knows red meat when it sees some, and given the never-ending discourses around data, privacy, censorship, Big Tech, and so on, Republicans and Democrats both leaped to say that they will be taking Zatko extremely seriously. Here’s Zakrzewski again in the Post:
Four more lawmakers say they’ll also be looking into the claims before the story ends. Zatko will reportedly be briefing them this week.

II.

Now, I just said that we can’t properly evaluate Zatko’s claims with what we know so far. But after talking with some folks at Twitter today, I think we can at least begin to group the more high-profile allegations in terms of what seems plausible and worrisome; what seems plausible and overblown; and what seems likely wrong.

Plausible and worrisome. The complaint alleges that about half of Twitter’s employees had access to critical systems that enabled them to make harmful changes or collect sensitive data. Historically that was true, I’m told, but began to change starting around 2018, and now access is more limited and audited more regularly. Notably, even before 2018 all this data access was logged, so if an employee was doing something terrible with Twitter’s code there should have at least been a trail for investigators to follow...