Chronicles

The story behind the story


Mudge details Twitter's lack of logging, ignoring hackers' ongoing efforts to access its systems, how the FTC let the company “grade its own homework”, and more

A ticking bomb of security vulnerabilities.  Covering up security failures.  Duping regulators and misleading lawmakers.

TechCrunch Zack Whittaker

Discussion

  • Vox Shirin Ghaffary on x
    The Twitter whistleblower made a convincing case that Twitter is a mess
  • @andresgomezjac Andres Gomez on x
    As the Engineering Manager leading the Client Security team at $TWTR in charge of developing the functionality to shut down a compromised version in the event of a hack, not even once I heard from Mudge. I also never got a single (cascaded) email in which he comm his priorities. h…
  • @vmbrasseur @vmbrasseur on x
    The thing is, Twitter's mess looks a lot like the mess of just about EVERY OTHER software company w/which I've worked. Is this good? No. Is this normal? Yes. We've all learned to embrace the normalised deviance while wearing our golden handcuffs. https://twitter.com/...
  • @techcrunch @techcrunch on x
    A ticking bomb of security vulnerabilities. Covering up security failures. Duping regulators and misleading lawmakers. These are some of the allegations that Twitter's ex-security head made in testimony to lawmakers today. https://techcrunch.com/...
  • @lorenzofb Lorenzo Franceschi-Bicchierai on x
    .@ChuckGrassley: “I love using Twitter.”
  • @kurtwagner8 Kurt Wagner on x
    One interesting part of this Twitter whistleblower hearing is Senators and Mudge say Twitter is a company that secretly knows a ton about you. Ironically the knock on Twitter's advertising biz for years has been that they don't really know as much about you as they need to
  • @mmasnick Mike Masnick on x
    I don't doubt that foreign intelligence agencies are trying to (and, likely, successful in) placing agents in every big tech company these days and that should be a legit concern. But this quote does not sound like something a real human being says. https://www.vice.com/... https…
  • @kantrowitz Alex Kantrowitz on x
    This is bananas. And pretty believable. https://twitter.com/...
  • @b_fung Brian Fung on x
    WOW. Zatko says he remembers telling someone inside Twitter that there is a foreign agent at the company and was told “Well, since we already have one, what is the problem if we have more?”
  • @samsabin923 Sam Sabin on x
    Grassley is hitting on some of the expected topics, too: - concerns about foreign agents inside the company - allegations that Twitter misled the FTC - additional allegations that Twitter took money from “Chinese entities” - lack of resources to content moderation & so on.
  • @scottnover Scott Nover on x
    Grassley is now complaining about the Chinese government having Twitter accounts and advertising on the platform. “I think that's a very valid concern,” Zatko responds. They both note that China bans Twitter domestically.
  • @corintxt Corin Faife on x
    Moving on, Grassley also highlights cases of foreign agents (Saudi, Chinese, Indian) within Twitter, and the damage they could do with the data Twitter collects. Looks like this could be a big theme of the hearing.
  • @townhallcom @townhallcom on x
    GRASSLEY: Twitter whistleblower testimony indicates that “the FBI notified Twitter of at least one Chinese agent in the company.” https://twitter.com/...
  • @nathanielmott Nathaniel Mott on x
    Now we're told the FBI warned Twitter that an employee was “suspected” of being a Chinese foreign asset. Grassley wants to know if Mudge or anyone else at Twitter was surprised by this revelation.
  • @dianneg Dianne Gallagher on x
    The FBI has warned Twitter it may have at least one Chinese agent on its payroll, according to Sen. Chuck Grassley, summarizing previously undisclosed details of an allegation by Twitter whistleblower Peiter “Mudge” Zatko against his former employer - @b_fung reports
  • @karissabe Karissa Bell on x
    Grassley says that Mudge's disclosure stated that “the FBI notified Twitter of at least one Chinese agent in the company” (I don't think China was named in the original complaint, at least not in the redacted version.)
  • @lorenzofb Lorenzo Franceschi-Bicchierai on x
    .@dotMudge: If you are a foreign agent you have access to all data because Twitter doesn't have a testing environment and all engineers work on live systems.
  • @eamonjavers Eamon Javers on x
    Mudge says a top Twitter sales exec told him Twitter knew it had a problem with Chinese access to Twitter advertising, saying “we're making too much money from these sales. we're not going to stop. we need something that will make the employees more comfortable.”
  • @howardmortman Howard Mortman on x
    Whistleblowers testify to Congress... last four years: * Mudge Zatko - Twitter - Sept. 13, 2022 * Haugen - Facebook - Oct. 5, 2021 * Bright - BARDA - May 14, 2020 * Vindman - Trump impeachment - Nov. 11, 2019 https://twitter.com/...
  • @chancery_daily @chancery_daily on x
    the fact that they are talking about Chinese companies advertising on Twitter and asking Mudge about whether or not that puts Chinese people's lives at risk ... like: you think this is terrible, but have you tried TikTok? 17/
  • @josephfcox Joseph Cox on x
    New: Twitter whistleblower Peiter “Mudge” Zatko says there was at least one spy from a Chinese intelligence service working at Twitter on the payroll. An exec said “we already have one, what does it matter if we have more? Let's keep growing the office” https://www.vice.com/...
  • @lorenzofb Lorenzo Franceschi-Bicchierai on x
    NEW: .@dotMudge told Senators that Twitter employed “at least” one Chinese intelligence agent. This is probably the most explosive revelation of Mudge's testimony so far. He had previously said India also placed a government agent inside the company. https://www.vice.com/...
  • @ronanfarrow Ronan Farrow on x
    “They didn't care how much it would cost them.” People around Twitter whistleblower Peiter “Mudge” Zatko are being inundated by offers from secret clients paying for dirt on him, as he testifies on the Hill about an alleged security crisis at Twitter. NEW: https://www.newyorker.c…
  • @tonyajoriley Tonya Riley on x
    “Their response was if we already have one what does it matter if we have more?” Mudge says an executive commented on the issue of foreign spies.
  • @thauburger Tom Hauburger on x
    As a person in charge of one of the largest recommendation surfaces at $TWTR, I never once heard from Mudge.
  • @yashar Yashar Ali on x
    The Saudi government also had two agents on Twitter's payroll. MBS' chief of staff @Badermasaker recruited these two agents who ended up providing info about dissidents from confidential Twitter data. Despite his role in this, @Badermasaker has been allowed to keep his account. h…
  • @hacks4pancakes Lesley Carhart on x
    I'm loving the snarky replies accusing him of ... totally relatable and mundane embarrassments. 😅🍸(None of which apply to me on a typical day not ending in “y”, of course!) https://twitter.com/...
  • @donie Donie O'Sullivan on x
    As we were digging into Zatko's past before breaking his story we dug into his past — it struck me how people only had good things to say about him. Much to Twitter's chagrin! Worth a read from @RonanFarrow. https://www.newyorker.com/...
  • @tanvi_madan Tanvi Madan on x
    Sen. “Grassley said in...remarks during a whistleblower hearing...'For example, his disclosures indicate that India was able to place at least 2 suspected foreign assets w/in Twitter. His disclosures also note that the FBI notified Twitter of at least 1 Chinese agent in the co.'”…
  • @thedextriarchy Adi Robertson on x
    An attorneys' statement: “Mr. Zatko is hopeful that the Committee's work today has helped educate the public about just how dire the security and privacy situation is at Twitter ... He remains ready, willing and able to be part of the legislative reform that is sorely needed.” ht…
  • @b_fung Brian Fung on x
    Whoa. Twitter has accidentally leaked huge swaths of data on its own employees, including former employees and contractors, affecting as many as 50 MILLION people, Zatko alleges.
  • @qwongsj Queenie Wong on x
    The Twitter whistleblower hearing is a reminder of how much data we willingly share with various platforms and sites.
  • @spacerog @spacerog on x
    I wasn't interviewed this article cause I've been denying all press requests but you can add me to this list. https://www.newyorker.com/...
  • @alexbarinka Alex Barinka on x
    The Twitter whistle-blower hearing is taking a 5 minute break. So far, Zatko said: -Executives focused on profits over security; board took no action - Hard to ID+track foreign agents or inappropriate access to user data
  • @kantrowitz Alex Kantrowitz on x
    Sen. Chuck Grassley says Twitter CEO @paraga refused to attend today's hearing with @dotMudge because it would jeopardize its deal with Elon Musk. Interesting.
  • @chancery_daily @chancery_daily on x
    this is the most important takeaway from this hearing, for actual trial purposes. assessing the scope of mudge's possible testimony at trial and it seems like it won't be much in reality 40/ https://twitter.com/...
  • @therecount @therecount on x
    Twitter whistleblower Peiter “Mudge” Zatko testifies before the Senate Judiciary Committee about Twitter's security vulnerabilities: “It is not farfetched to say that an employee inside the company could take over the accounts of all of the senators in this room.” https://twitter…
  • @eamonjavers Eamon Javers on x
    Mudge says he believes “with high confidence” that another Twitter employee was a foreign agent for India. But Twitter had an inability to track what that person was doing. “They simply lacked the fundamental abilities to hunt for foreign agents... and expel them.”
  • @corintxt Corin Faife on x
    When it was suspected that a foreign agent had compromised the platform, lack of logging and other security controls made it very difficult to detect their activities. “We simply lacked the ability to hunt for foreign intelligence agents and expel them on our own,” Mudge says.
  • @da_667 @da_667 on x
    You want to know how I could believe they don't have a dev env? - First off, Mudge isn't an idiot. Good rep goes a long way. - Second, how long has the unfollow bug been a thing? How long have we gotten random twitter outages that couldn't be pinned down?
  • @r0wdy_ @r0wdy_ on x
    this is a good point no staging env doesn't mean they deploy directly to prod without testing but mudge seemed to hint at that, but wasn't very clear https://twitter.com/...
  • @kevincollier Kevin Collier on x
    Mudge — one of the most accomplished and likely the most beloved person in cybersecurity — started his Senate testimony with his mic off. So don't you ever feel self-conscious about doing that on a work call ever again.
  • @ra6bit @ra6bit on x
    Ugg. You can watch Mudge's testimony get misunderstood and turned into clickbaity headlines in real time.
  • @chadpergram Chad Pergram on x
    A) Twitter whistleblower Zatko to Senate cmte: What I did notice when we did know of a person inside acting on behalf of a foreign interest as an unregistered agent, it was extremely difficult to track the people.
  • @scottnover Scott Nover on x
    We have, um, veered from the focus on this hearing and are talking about child porn apparently, something that Mudge doesn't really know about or claim to know about.
  • @reuters @reuters on x
    Zatko referenced a @Reuters story detailing internal clashes between some teams that wanted to maximize the ad revenue opportunity from Chinese advertisers and others who were concerned about doing business inside China amid rising geopolitical tensions https://www.reuters.com/..…
  • @lorenzofb Lorenzo Franceschi-Bicchierai on x
    After Mudge found out, he told an executive: “I am confident that we have a foreign agent.” The executive responded: “Well, since we already have one, what does it matter if we have more? Let's keep growing the office.” https://vice.com/...
  • @igb Ian Brown on x
    I didn't know you could get paid to tell people why @dotMudge sucked at his job. I've just been tweeting about it, for free, like an idiot. https://www.newyorker.com/...
  • @girlsreallyrule Amee Vanderpool on x
    It appears that Elon Musk's “team” was working around the clock to discredit a whistleblower, whose claims had huge ramifications for Musk's bid for Twitter. This is what happens when people have too much money and more money is involved. https://www.newyorker.com/...
  • @tarah Tarah M. Wheeler on x
    Every CISO who's ever been fired for surfacing internal security risks, every security exec who's ever made a hard call and been blamed instead of supported - watch this feed and watch Mudge get to say all the things you didn't get to say. He is BURNING IT DOWN. https://twitter.c…
  • @lauren_feiner Lauren Feiner on x
    Zatko says that during the time he was there, Twitter did not have a staging environment to test updates, so everything was done in a production environment which he said all engineers had access to by default. That gave a large swath of the company broad access to data
  • @kenli729 Kenneth Li on x
    Twitter whistleblower: “key parts of leadership lacked the competency to understand the scope of the problem. But more importantly, their executive incentives led them to prioritize profits over security.”
  • @newyorker @newyorker on x
    After Peiter (Mudge) Zatko filed a whistle-blower disclosure against Twitter, his former coworkers received dozens of requests for information about him—an effort that “seemed incredibly shady,” one said. @ronanfarrow investigates. https://nyer.cm/BQQ47tS
  • @wbaidlaw @wbaidlaw on x
    “Campaigns to source disparaging information under apparently false pretenses is something we've seen when the facts of the disclosure are beyond dispute.” - John Tye, #Whistleblower Aid https://www.newyorker.com/...
  • @rohded David Rohde on x
    “Zatko's sweeping claims, if proven, could aid Elon Musk in his attempt to terminate his $44 billion agreement to acquire Twitter, a legal fight with implications of billions of dollars for investors.” @RonanFarrow https://www.newyorker.com/...
  • @michaelluo Michael Luo on x
    .@RonanFarrow looks into strange “paid interview requests” that former colleagues of Peiter (Mudge) Zatko have been receiving. The motivation? Likely greed, as hedge funds and others jockey for an edge. https://www.newyorker.com/...
  • @gregotto Greg Otto on x
    Insane insane insane: The Search for Dirt on the Twitter Whistle-Blower https://www.newyorker.com/... via @NewYorker