Twitter’s former security chief has come forward with a whistleblower complaint decrying the company’s mismanagement of security issues, and offering some cover to Elon Musk in the billionaire’s effort to get out of his acquisition deal in the process.
The 84-page report was filed by Peiter Zatko – professionally known under the hacker alias “Mudge” – with the Securities and Exchange Commission, the Department of Justice, and the Federal Trade Commission. It covers a range of issues, from poor server upkeep to vulnerable internal software access measures, but is broadly aimed at demonstrating that Twitter violated an 11-year-old settlement with the FTC in which it had promised it had a strong security plan.
About 11 of the filing’s 84 pages are dedicated to the issue of bots operating on Twitter’s social media platform.
Mudge argues that Twitter’s executives are disincentivized from tackling the bot issue, largely because of their focus on “monetizable Daily Active Users”, or “mDAUs”. The metric is important in persuading advertizers to buy ad space on the platform, and Mudge says that Twitter executives artificially inflated it by avoiding counting the number of spam bots on the platform, and potentially including spam bots in its counts of mDAUs.
Mudge asserts that executives stood to make as much as $10 million in collective bonuses based on raising the platform’s number of daily users.
It’s an argument that will be music to the ears of Elon Musk, who has been trying to back out of his agreement to acquire Twitter for $54.20 per share since a dramatic downturn in the markets occurred shortly after he made it. Musk has claimed that Twitter misled him about the number of spam bots active on its platform, and Mudge’s analysis would seem to validate his argument.
It also helps to illustrate the wisdom in Musk’s earlier proposal, when he was still keen on the acquisition, of taking measures to “authenticate all humans” on the social media platform in an effort to eliminate spam bot accounts. FaceTec, a leading company in selfie-based biometric identity verification, pitched its software for just such a purpose shortly thereafter. Indeed, its biometric technology is already playing a critical role in Humanode, a new blockchain platform that is premised on ensuring that each of its users is a unique individual.
For Twitter’s part, a spokesperson asserted that Mudge was fired after 15 month “for poor performance and leadership,” and anonymous source told The Washington Post that an internal investigation of Mudge’s claims during his tenure found them to be without merit.