SAN FRANCISCO, Kabar Medsos – Social media giant Twitter Inc (TWTR.N), under increased threat of regulation and plagued by serious security breaches, is appointing one of the world’s best-regarded hackers to tackle everything from engineering missteps to misinformation.
The company on Monday named Peiter Zatko, widely known by his hacker handle Mudge, to the new position of head of security, giving him a broad mandate to recommend changes in structure and practices. Zatko answers to CEO Jack Dorsey and is expected to take over management of key security functions after a 45- to 60-day review.
In an exclusive interview, Zatko said he will examine “information security, site integrity, physical security, platform integrity — which starts to touch on abuse and manipulation of the platform — and engineering.”
Zatko most recently oversaw security at the electronic payments unicorn Stripe. Before that, he worked on special projects at Google and oversaw handing out grants for projects on cybersecurity at the Pentagon’s famed Defense Advanced Research Projects Agency (DARPA).
Zatko’s colorful career began in the 1990s, when he simultaneously conducted classified work for a government contractor and was among the leaders of Cult of the Dead Cow, a hacking group notorious for releasing Windows hacking tools in order to goad Microsoft into improving security. reut.rs/2IxWD3Q
“I don’t know if anyone can fix Twitter’s security, but he’d be at the top of my list,” said Dan Kaufman, who supervised Zatko at DARPA and now leads the advanced products group at Google.
Twitter faces numerous security challenges. A year ago, the U.S. government accused two men of spying for Saudi Arabia when they worked at Twitter years earlier, saying that they passed along private information about the kingdom’s critics.
In July, a group of young hackers tricked employees and won access to internal tools, which let them change account settings and then tweet from the accounts of then-presidential candidate Joe Biden, Microsoft founder Bill Gates and Tesla Chief Executive Elon Musk.
“The data breach this summer was an important reminder of how far Twitter needs to go in building some of the basic security functions necessary to run a service targeted by adversaries much more skilled than the teenagers arrested for that incident,” said Alex Stamos, a former Facebook chief security officer and current Stanford researcher who has helped lead efforts to fight election disinformation.
Stamos, who once worked for Zatko’s security consultancy, called him a great fit for a company lacking the financial muscle of Facebook and Google. “They are going to have to find creative solutions to these problems, and if Mudge is famous for anything in security, it is being creative.”
Zatko said he was committed to improving public conversations on Twitter. He praised a recent move to increase “friction” by prompting users to comment instead of simply retweeting; a next step could be to force people to understand a long conversation before participating in it, he said.
Zatko said he appreciated Twitter’s openness to unconventional security approaches, such as his proposal for confusing bad actors by manipulating the data they receive from Twitter about how people interact with their posts.
“They are willing to take some risks,” Zatko said of his new employer. “With the challenges of algorithms and algorithmic bias, they are not standing by and waiting until someone else solves the problem.”
Famous Hacker Peiter Zatko, Also Known as ‘Mudge’, Given Mandate as Twitter’s Head of Security