Twitter appoints top hacker Peiter Zatko, aka Mudge, as head of security
The social media giant Twitter, under growing threat of regulation and plagued by serious security breaches, is appointing one of the world’s best-regarded hackers to tackle everything from engineering errors to misinformation.
On Monday, the company appointed Peiter Zatko, widely known by his hacker handle Mudge, to the new position of chief of security, giving him a broad mandate to recommend changes to structure and practices. Zatko reports to CEO Jack Dorsey and is expected to assume management of key security functions after a 45- to 60-day review.
In an exclusive interview, Zatko said that he will examine “information security, site integrity, physical security, platform integrity, beginning to touch platform abuse and manipulation and engineering.”
Zatko recently oversaw security at the electronic payments unicorn Stripe. Before that, he worked on special projects at Google and supervised the delivery of grants for cybersecurity projects at the Pentagon’s famed Defense Advanced Research Projects Agency (DARPA).
Zatko’s colorful career began in the 1990s, when he was simultaneously doing classified work for a government contractor and was among the leaders of the Cult of the Dead Cow, a hacking group known for posting Windows hacking tools to prod Microsoft into improving security.
“I don’t know if anyone can fix Twitter’s security, but he would be at the top of my list,” said Dan Kaufman, who supervised Zatko at DARPA and now leads the advanced products group at Google.
Twitter faces numerous security challenges. A year ago, the US government accused two men of spying for Saudi Arabia when they worked at Twitter years earlier, saying they had relayed private information about critics of the kingdom.
In July, a group of young hackers misled employees and gained access to internal tools, which allowed them to change account settings and then tweet from the accounts of then-presidential candidate Joe Biden, Microsoft founder Bill Gates and Tesla director Elon Musk.
“This summer’s data breach was an important reminder of how far Twitter must go to develop some of the basic security features necessary to run a service run by adversaries far more skilled than the teens arrested for that incident,” said Alex Stamos, a former Facebook chief security officer and current Stanford researcher who has helped lead efforts to combat election misinformation.
Stamos, who once worked for Zatko’s security consultancy, called him a great candidate for a company that lacks the financial muscle of Facebook and Google. “They will have to come up with creative solutions to these problems, and if Mudge is famous for anything in security, it’s for being creative.”
Zatko said he was committed to improving public conversations on Twitter. He praised a recent move to increase “friction” by prompting users to comment rather than simply retweet; a next step might be to force people to understand a long conversation before engaging in it, he said.
Zatko said he appreciated Twitter’s openness to unconventional security approaches, such as its proposal to confuse bad actors by manipulating the data they receive from Twitter about how people interact with their posts.
“They are willing to take some risks,” Zatko said of his new employer. “With the challenges of algorithms and algorithmic bias, they don’t sit still waiting for someone else to solve the problem.”