Struggling social media giant Twitter, under increased threat of regulation and plagued by serious security breaches, is appointing one of the world’s most highly regarded hackers to tackle everything from technology missteps to misinformation.
The company on Monday named Peiter Zatko, widely known by his hacker handle Mudge, to the new position of head of security, giving him a broad mandate to recommend changes in practices and structure. Zatko answers to CEO Jack Dorsey and is expected to take over management of key security functions following a 45- to 60-day review.
In an exclusive interview, Zatko said he will examine “information security, site integrity, physical security, platform integrity — which starts to touch on abuse and manipulation of the platform — and engineering.”
Zatko most recently scrutinized security at the electronic payments unicorn Stripe. Before that, he worked on special projects at Google and oversaw handing out grants for projects on cybersecurity at the Pentagon’s famed Defense Advanced Research Projects Agency (DARPA).
Zatko’s brilliant career began in the 1990s, when he simultaneously conducted classified work for a government contractor and was one of the leaders of Cult of the Dead Cow, a hacking group notorious for releasing Windows hacking tools in order to goad Microsoft into enhancing security.
“I don’t know if anyone can fix Twitter’s security, but he’d be at the top of my list,” said Dan Kaufman, who supervised Zatko at DARPA and now leads the innovative products group at Google.
Twitter faces numerous security challenges. A year ago, the US government accused two men of spying for Saudi Arabia when they worked at Twitter years earlier, saying that they passed along private information about the kingdom’s critics.
In July, a group of young hackers tricked employees and gained access to internal resources, which let them change account settings and then tweet from the accounts of then-presidential candidate Joe Biden, Microsoft founder Bill Gates and Tesla CEO Elon Musk.
“The data breach this summer was an important reminder of how far Twitter needs to go in building some of the basic security functions necessary to run a service targeted by adversaries much more skilled than the teenagers arrested for that incident,” explained Alex Stamos, a former Facebook chief security officer and current Stanford researcher who has helped lead efforts to fight election disinformation.
Stamos, who once worked for Zatko’s security consultancy, called him a great match for a company lacking the financial muscle of Facebook and Google. “They are going to have to find creative solutions to these problems, and if Mudge is famous for anything in security, it is being creative.”
Zatko said he was dedicated to improving public conversations on Twitter. He commended a recent move to raise “friction” by prompting users to comment instead of simply retweeting; a next step could be to induce people to understand a long conversation before participating in it, he said.
Zatko said he appreciated Twitter’s openness to unconventional security approaches, such as his proposal for confusing bad actors by manipulating the data that they receive from Twitter about the way people interact with their posts.
“They are willing to take some risks,” Zatko said of his new employer.
Initial reporting via our official content partners at Thomson Reuters. Reporting by Joseph Menn in San Francisco. Editing by Jonathan Weber and Richard Pullin.