"Ginger, get the popcorn!"
<EOM>
Twitter's former head of security Peiter "Mudge" Zatko on Tuesday told the US Senate Judiciary Committee that the social media company's lax data handling and inability to present problems to its board of directors threaten the privacy, security, and democracy for Americans. Zatko appeared before Senate lawmakers to testify …
I don't understand why having potentially foreign agents in Twitter is a matter of National Security. Twitter deals with public information, which is visible to World + Dog. There's a threat against users who may be tracked because of their opinion, but where is the danger for the USofA?
Code pushed directly in production without going through a test environment? That would be the first time that it happens in a company! /s
It's good to know that the CNIL, an independent body, is feared because it does a good job. It should be the same in all democratic countries.
== Bring us Dabbsy back! ==
They could possibly decide which information is published and which is not. Also they could artificially increase views, thereby creating a buzz on elements that they deem important.
Then they have access to user accounts; what's to stop them publishing on behalf of someone else?
There are probably hundreds of political reasons that go far beyond our understanding.
Ne'er do wells (or more specifically, politically active people that certain countries DEEM to be ne'er do wells) might well be using twitter DMs to exchange "spicy" messages while their public feeds remain clean. It can also do very well to map the social network of certain individuals. Having access to meta-data from tweets probably helps tremendously in keeping track of daily habits/routines of a person, where they are, whom they associate with, what they look at, etc. Most of the data that "social" networks gather and sell is explicitly not the content of their website that Joe/Jane Public engages with. The content is just the feed trough to attract the livestock to the barn.
They aren't mates. If you put two narcissists, like Trump and Musk, in a room... It's like a nature film where two elk are butting heads trying to establish dominance. They both feel like they must be the center of attention at all times, so narcissists tend not to get along with other narcissists.
Let's hope Musk buys twitter, kills it, and facebook is somehow also destroyed in the fallout.
With no replacement for either, preferably. What happens to Musk after that may not matter so much. Destroying 2 of the largest and most toxic social media companies might even put him in the running for some awards.
> "We're going to create a system more like Europe, a regulatory environment with teeth,"
If the only thing that comes out of this Twitter spectacle is this, then it will all have been worth it. Regulator agencies must have true enforcement capabilities. If all they can do is slap on wrists, then the regulator is just an illusion, something concocted to trick voters into thinking there is proper regulation.
Sorry, that made me laugh. From what I see, regulators only take fines/bribes/taxes for criminal activity including negligence. If it gets fixed is not so important (to them). SNAFU.
When's the last time any executive of a data breach went to jail? Billions in fines/bribes keeps "the system" working, same as it ever was.
When I was pushing to divert dev resources into Y2K remediation the final button that worked was a meeting with board level execs (all in their 50's) warning them that their pensionable service could be decremented rather than increased if we did not fix the issue. I'd been fighting that battle publishing internal papers etc for 18 months and getting nowhere, the potential impact on their personal finances suddenly opened the door.
And before anyone starts telling me that y2k was a myth we had to divert 30% of all development resources to mitigate this, this included re-engineering 20 year old bespoke systems to accept 4 digit years with the associated changes to all feeder systems. Of the 600+ applications affected very few didn't require at least a minor upgrade to remediate the issue.
... this guy bagged more than seven millions and went on trashing the company - didn't they ask for some kind of NDA for that money?
I understand that running the company from Polynesia could be quite difficult.... yet this looks to be basic stuff for companies.
NDAs are.... tricky, legally speaking. It might well be that revealing these things is deemed to be "in the public interest" and that this means the NDA cannot be enforced. Similarly if he's called in court and told to speak on these subjects he might have to bite his tongue on anything unless explicitly asked, but if asked he cannot then rely on the NDA to keep quiet, the court overrules the NDA.
There's plenty of cases that have actually gone to court to show that NDAs are basically unenforceable in all but the most blatant cases, but the problem is few of these cases go all the way through the courts to set a precedent because companies that use NDAs usually have the means to stretch cases out to such an extent that people settle out of court (or basically give up) because they've been financially bled dry.
Are NDAs enforceable? I don't think so. Most "agreements" out of court imply some sort of them, in exchange for the money. Sure, probably a court could overrule them if needed - but he started to talk before any court summoned him.
I'm not defending Twitter - but I found strange they were ready to pay seven millions without anything in exchange. If they didn't, it really looks like a company that doesn't know what it's doing. And if he asked for the money and then started to talk, well, it's not really an ethical behaviour. So after all he was a good fit for Twitter.
If I'm going to denounce a company, I don't wait to be fired, nor do I ask for millions to leave. That said, what he's saying about Twitter can be wholly true. But he could find himself in an awkward position, if he looks like someone determined to exploit the situation.
" I found strange they were ready to pay seven millions without anything in exchange."
My presumption is he's contractually entitled to that amount, and that if they don't pay, he'd sue and get the money. And because he's legally entitled to it, there's no way they can force an NDA on him.
But, as pointed out, an NDA is just another form of contract. Break it and you get sued for whatever remedies are set out in it. Being compelled to testify would be a valid defence - as would whistleblower statutes.
And if so it is also strange that the same contract has no provisions about keeping quiet about company business when you leave - which are quite common when you are in top spots. If Twitter didn't, they really look like a bunch of morons.
Or do you mean contracts are valid only when advantageous to you, but not vice-versa? Of course nobody forces you to sign a contract you deem "unethical". Then if your "ethics" can be bought, it doesn't shine a good light on you when suddenly you feel the need to tell everything - but just after having been fired and bagged the money. You can just become a witness that could not be believed enough. That's the risk.
NDAs are usually enforced by the simple threat of being taken to court if you breach them. Even if no penalties will ever come of it payable to the company, them suing you in court is going to cost you more than a pretty penny (especially in the US) and they'll just keep it going until they have the shirt off your back. The threat of this happening, justified or not, is what companies use to get people to hold their tongue.
Any revelations Zatko has, whether true or false, have very little bearing on whether Musk will be forced to buy Twitter. IANAL, but these guys are - https://lawprofessors.typepad.com/business_law/2022/08/i-guess-im-writing-about-twitter-again.html is a good summary.
Musk is contractually barred from claiming fraud due to statements outside the merger agreement. He can’t claim fraud based on blog posts, Twitter executives’ tweets, statements to market analysts, or any materials of that nature. He can, however, claim fraud due to statements in the merger agreement itself.
The merger agreement gives him almost no wiggle room to get out of this deal.
Funny how he never knew that the site was insecure and full of garbage before he accepted a job there, when the entire rest of the world knew, but happily collected a lot of money from them in salary and payoff, only to raise his not very new "concerns" once his bank account was well stuffed and he was out of the door.
Any basic regulatory audit would have caught the things he's "revealed", but the politicians he's blabbed to have been obsessed with deregulation and letting companies do whatever the hell they want. The fact that other governments have exploited this with foul consequences has now finally penetrated the skulls of the well lobbied politicians, whose job it always was in the first place to protect democracy and national security. But they were happily using it to skew their own democracy so they didn't pay enough attention to the fact that other governments could easily play the game too. Maybe they should stop outsourcing responsibility for serious matters to amoral tech bros and do more than accepting big donations from these companies' lobbyists.
"...but happily collected a lot of money from them in salary and payoff, only to raise his not very new "concerns" once his bank account was well stuffed..."
I imagine he could have earnt equivalent sums elsewhere.
And I imagine he thought the executives wanted to fix the problems, and wanted his expertise to help with that. Whereas, in the end, it turned out he was hired as a fig-leaf.
Republicans get to claim they were holding "big tech" to account, and especially getting to rake Twitter over the coals a bit after banning their demagogue. Democrats get to claim that they support whistleblowers and it helps distract from inflation in the upcoming election season.
Meanwhile, now that the cameras are off and people's attention has been directed elsewhere, there will be no follow up of any kind on any of these issues. Unless we count Elon Musk's increasingly pathetic and desperate attempts to get out of buying the company when he signed an "as-is, no warranty express or implied" agreement.
I pretty much agree, but I see Twitter as nothing more than a liability, a sinking ship waiting for a new captain to go down with it.
As is, is one thing, criminal neglect that was intentionally hidden is another.
Reminds me of bad used car sales, selling cars with steel wool in the muffler to prevent them from smoking, while the engine was really trash. As Is shouldn't allow criminal dishonesty a pass.