Avid Halaby Profile picture
Dec 12, 2022 17 tweets 7 min read Read on X
The stuff uncovered in the Twitter whistleblower report is much crazier than anything in the "Twitter files" but it's much less politically/tribally salient so it got no attention. Going to do a thread on some of the craziest things, in no particular order.
Twitter didn't monitor employee computers at all, it was not uncommon for employees to install spyware on work devices Image
Twitter does not have separate development, test, staging, and production environments. At least 5,000 employees had privileged access to production systems. ImageImage
In 2020, Twitter had security incidents serious enough they had to be reported to the federal government on an almost weekly basis. Meanwhile, Parag Agarwal was lying about how secure Twitter was. Image
On 1/6, Mudge (the whistleblower) wanted to take action to prevent potential sabotage by a rogue employee. He learned it was not possible for Twitter to secure its production environment. Image
Mudge realized that a data center failure could potentially cause the permanent loss of all of Twitter's data. He shared this fact with senior leadership, who instructed him not to put it in writing for the Board. ImageImageImage
A few months later, that exact eventuality almost came true, and only herculean effort by Twitter engineers prevented "permanent, irreparable failure." ImageImage
Twitter had no software development lifecycle, and misled both the FTC and its Board about this fact for a decade. Image
Mudge informed Agrawal that there were thousands of failed login attempts to Twitter's engineering system every day. Agrawal did nothing. Image
Twitter did not keep backups of employee computers. They used to, but then the system broke, was never fixed, and execs decided this was good because it meant they couldn't comply with regulators. Image
"Every new employee has access to data they do not need to have access to." Image
Twitter is probably still vulnerable to Log4j to this day, lol. Image
Twitter does not have licenses for the machine learning models it uses in its most basic products. Image
Twitter knowingly allowed itself to be infiltrated by, or otherwise a tool of, many governments. ImageImage
After Agrawal became CEO, he wanted to present materially misleading information to the Board, overriding Mudge's objections. Other employees raised similar objections. Ultimately it seems the material was shared anyway, and Mudge described the presentation to the Board as fraud. ImageImageImage
Internal review after the meeting confirmed this assessment. Mudge began working on a report to correct the record with the Board. As his report neared completion, he was fired. ImageImageImage
That's all I have the energy for tonight, I highly recommend reading the full report. PDF here: s3.documentcloud.org/documents/2218…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Avid Halaby

Avid Halaby Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(