An Technology blog focusing on portable devices. I have a news Blog @ News . I have a Culture, Politic and Religion Blog @ Opinionand my domain is @ Armwood.Com. I have a Jazz Blog @ Jazz. I have a Human Rights Blog @ Law.
Friday, August 26, 2022
Wednesday, August 24, 2022
Tuesday, August 23, 2022
No, James Webb Space Telescope Images Do Not Debunk the Big Bang
No, James Webb Space Telescope Images Do Not Debunk the Big Bang
“The JWST provides an intriguing look at the early universe, but it's not yet rewriting fundamental theories of the cosmos.
How did the universe come to be? The prevailing theory is everything that is began with the Big Bang. In a nutshell, the theory suggests everything, everywhere, all at once suddenly burst to life. The caveat being everything and everywhere prior to the Big Bang is fairly hard to conceptualize.
The Big Bang theory is currently the best model we have for the birth of our universe. Astrophysicists have shown the theory explains, fairly comprehensively, phenomena we've observed in space over decades, like lingering background radiation and elemental abundances. It's a robust framework that gives us a pretty good idea of how the cosmos came into being some 13.8 billion years ago.
But with the flurry of preprint papers and popular science articles about the James Webb Space Telescope's first images, old, erroneous claims that the Big Bang never happened at all have been circulating on social media and in the press in recent weeks. One scientist has claimed that the JWST images are inspiring "panic among cosmologists" -- that is, the scientists who study the origins of the universe.
This is simply not true. The JWST has not provided evidence disproving the Big Bang theory, and cosmologists aren't panicking. Why, then, are we seeing viral social media posts and funky headlines that suggest the Big Bang didn't happen at all?
To answer that question, and show why we should be skeptical of claims like this, we need to understand where the idea came from.
Where did "the Big Bang didn't happen" come from?
It all started with an article at The Institute of Art and Ideas, a British philosophical organization, on Aug. 11. The piece was written by Eric Lerner, who has long argued against the Big Big theory. He even wrote a book titled The Big Bang Never Happened in 1991.
This provocatively headlined article at IAI is also related to an upcoming debate Lerner is participating in, run by the IAI, dubbed "Cosmology and the Big Bust."
Lerner's article gathered steam across social media, being shared widely on Twitter and across Facebook, over the last week. It makes sense why it's caught fire: It's a controversial idea that upends what we think we know about the cosmos. In addition, it's tied to a new piece of technology in the James Webb telescope, which is seeing parts of the universe we've never been able to see before. Including Webb as the news hook here suggests there's new data which overturns a long-standing theory.
Don't get me wrong -- there is new and intriguing data emerging from the JWST. Just not the kind that would undo the Big Bang theory. Most of this new data trickles down to the public in the form of scientific preprints, articles that are yet to undergo peer review and land on repositories like arXiv, or popular press articles.
Lerner's piece uses some of the early JWST studies to attempt to dismiss the Big Bang theory. What's concerning is how it misconstrues early JWST data to suggest that astronomers and cosmologists are worried the well-established theory is incorrect. There are two points early in Lerner's article which show this:
- He points to a preprint with the word "Panic!" in its title, calling it a "candid exclamation."
- He misuses a quote from Allison Kirkpatrick, an astronomer at the University of Kansas.
The first point is just a case of Lerner missing the pun. The full title of the paperis "Panic! At the Disks: First Rest-frame Optical Observations of Galaxy Structure at z>3 with JWST in the SMACS 0723 Field." The first author of that preprint, astronomer Leonardo Ferreira, is clearly riffing on popular 2000s emo band Panic! at the Disco with his title. It's a tongue-in-cheek reference, not a cosmological crisis.
As for the second point, Lerner takes this quote from Allison Kirkpatrick, which comes from a Nature news article published on July 27:
"Right now I find myself lying awake at three in the morning and wondering if everything I've done is wrong."
This cherrypicked quote isn't in direct reference to the Big Bang theory. Rather, Kirkpatrick is reckoning with the first data coming back from the JWST about the early evolution of the universe. It's true there are some puzzles for astronomers to solve here, but, so far, they aren't rewriting the beginning of the universe to do so. Kirkpatrick has stated her quotes were misused and even changed her Twitter name to "Allison the Big Bang happened Kirkpatrick."
"We as scientists have a responsibility to educate the public, and I take that responsibility very seriously," Kirkpatrick told CNET. "Deliberately misleading the public makes it difficult for them to trust real scientists and to know fact from fiction."
In addition, Lerner's article claims that his ideas are being censored by the scientific establishment, and later he also points to his theory being important to develop fusion energy on Earth. It's no coincidence the same paragraph links to LPPFusion, a company run by Lerner aimed at developing clean energy technologies.
Why does this matter?
One of the chief reasons the Big Bang theory stands up is because of the cosmic microwave background. This was discovered in 1964. In short, the CMB is the radiation leftover from the Big Bang, right when the universe began and scientists have been able to "see" it with satellites that can detect that lingering radiation.
So to bolster evidence the Big Bang theory is incorrect, you'd need to explain the CMB another way. Lerner's dismissive of the CMB, and his proposal for the observation has been disproven in the past. If you're interested in further arguments against Lerner's hypotheses and why the claims don't add up, I recommend checking out Brian Keating's recent YouTube video. Keating is a cosmologist at the University of California, San Diego, and dives into a bit more detail about the limits of Lerner's arguments.
It's also important to note Webb is not built to see and undertake new analyses of the CMB itself. The telescope can't "see" that far back in time. However, it will look at an epoch a few hundred million years after the Big Bang. What it finds there will almost certainly reshape our views on the early universe, galaxies and the evolution of the cosmos. But it's disingenuous to claim the early images and study results have contradicted the Big Bang theory.
Kirkpatrick notes JWST's images actually do the opposite. She said they "support the Big Bang model because they show us that early galaxies were different than the galaxies we see today -- they were much smaller!"
Science is about making incremental progress in our understanding, coming to increasingly stronger conclusions based on observations. The observations astrophysicists and cosmologists have made over decades line up with the Big Bang theory. They don't line up anywhere near as neatly if we use Lerner's alternative theory. That's doesn't mean scientists won't find evidence overturning the Big Bang theory. They just might! But, for now, it remains our best theory for explaining what we see.
Scientific theories can -- and should -- be challenged by well-reasoned scientists presenting highly detailed and thoughtful arguments. This is not one of those times. And that means, despite the headlines, the Big Bang did happen.
Updated Aug 22: Added Kirkpatrick's quotes.“
The Washington Post - Breaking news and latest headlines, U.S. news, world news, and video
Former security chief claims Twitter buried ‘egregious deficiencies’
"In an explosive whistleblower complaint obtained by The Washington Post, former Twitter security chief Peiter ‘Mudge’ Zatko alleges the company misled regulators about lax security and spam
Twitter executives deceived federal regulators and the company’s own board of directors about “extreme, egregious deficiencies” in its defenses against hackers, as well as its meager efforts to fight spam, according to an explosive whistleblower complaint from its former security chief.
The complaint from former head of security Peiter Zatko, a widely admired hacker known as “Mudge,” depicts Twitter as a chaotic and rudderless company beset by infighting, unable to properly protect its 238 million daily users including government agencies, heads of state and other influential public figures.
Among the most serious accusations in the complaint, a copy of which was obtained by The Washington Post, is that Twitter violated the terms of an 11-year-old settlement with the Federal Trade Commission by falsely claiming that it had a solid security plan. Zatko’s complaint alleges he had warned colleagues that half the company’s servers were running out-of-date and vulnerable software and that executives withheld dire facts about the number of breaches and lack of protection for user data, instead presenting directors with rosy charts measuring unimportant changes.
The complaint — filed last month with the Securities and Exchange Commission and the Department of Justice, as well as the FTC — says thousands of employees still had wide-ranging and poorly tracked internal access to core company software, a situation that for years had led to embarrassing hacks, including the commandeering of accounts held by such high-profile users as Elon Musk and former presidents Barack Obama and Donald Trump.
In addition, the whistleblower document alleges the company prioritized user growth over reducing spam, though unwanted content made the user experience worse. Executives stood to win individual bonuses of as much as $10 million tied to increases in daily users, the complaint asserts, and nothing explicitly for cutting spam.
[Twitter to pay $150 million fine over deceptively collected data]
Chief Executive Parag Agrawal was “lying” when he tweeted in May that the company was “strongly incentivized to detect and remove as much spam as we possibly can,” the complaint alleges.
In an interview with The Post, Zatko described his decision to go public as an extension of his previous work exposing flaws in specific pieces of software and broader systemic failings in cybersecurity. He was hired at Twitter by former CEO Jack Dorsey in late 2020 after a major hack of the company’s systems.
[Twitter whistleblower won hacker acclaim for exposing software flaws]
“I felt ethically bound. This is not a light step to take,” said Zatko, who was fired by Agrawal in January. He declined to discuss what happened at Twitter, except to stand by the formal complaint. Under SEC whistleblower rules, he is entitled to legal protection against retaliation, as well as potential monetary rewards.
Story continues below advertisement
A redacted version of the 84-page filing went to congressional committees. The Post obtained a copy of the disclosure from a senior Democratic aide on Capitol Hill. Zatko is represented by the nonprofit law firm Whistleblower Aid. The FTC is reviewing the allegations, according to two people familiar with the preliminary inquiry. The Post interviewed more than a dozen current and former employees for this story, many of whom spoke on the condition of anonymity to discuss sensitive information.
“Security and privacy have long been top companywide priorities at Twitter,” said Twitter spokeswoman Rebecca Hahn. She said that Zatko’s allegations appeared to be “riddled with inaccuracies” and that Zatko “now appears to be opportunistically seeking to inflict harm on Twitter, its customers, and its shareholders.” Hahn said that Twitter fired Zatko after 15 months “for poor performance and leadership.”
Hahn added that Twitter has tightened up security extensively since 2020, that its security practices are within industry standards, and that it has specific rules about who can access company systems.
Regarding the allegations about spam and bots, Hahn said Twitter removes more than a million spam accounts every day, adding up to more than 300 million per year. Twitter pointed to its proxy statements noting that growing daily users is the smallest of three factors for earning cash bonuses, along with growing revenue and another financial goal.
Hahn said that Twitter “fully stands by” its SEC filings and approach to fighting spam.
A person familiar with Zatko’s tenure said the company investigated Zatko’s security claims during his time there and concluded they were sensationalistic and without merit. Four people familiar with Twitter’s efforts to fight spam said the company deploys extensive manual and automated tools to both measure the extent of spam across the service and reduce it.
The SEC, DOJ and FTC declined to comment.
Twitter Whistleblower Complaint to SEC
Peiter "Mudge" Zatko, fired as Twitter's head of security in January, filed a complaint with the Securities and Exchange Commission in July, accusing the company of deceiving shareholders and the Federal Trade Commission by hiding how weak its defenses had been against hackers. The Post obtained this redacted version from a Congressional staff.
Twitter's Efforts Against Propaganda
During his first year as Twitter's head of security, Peiter Zatko commissioned an outside firm to examine how the company dealt with government propaganda and other misinformation and to suggest ways to do better. The firm, which sources identified as Alethea Group, produced this report identifying staff shortages and a system formed by lurching from crisis to crisis.
Security Chief's Final Report to Twitter
After terminating Peiter Zatko, Twitter asked him to spell out his concerns with the company's security so that it could investigate. This document, attached as an exhibit to this month's whistleblower complaint, was the result.
The complaint has potential implications for Twitter’s legal battle with Musk, who is trying to get out of a $44 billion contract to buy the social media platform. The deal includes a pledge by Twitter that its shareholder filings are accurate. But Musk contends that Twitter has drastically underestimated the number of bots on its platform, a violation that should allow him to walk away without penalty. The dispute is set to go to trial in Delaware Chancery Court in October.
[New whistleblower allegations could factor into Twitter vs. Musk trial]
Overall, Zatko wrote in a February analysis for the company attached as an exhibit to the SEC complaint, “Twitter is grossly negligent in several areas of information security. If these problems are not corrected, regulators, media and users of the platform will be shocked when they inevitably learn about Twitter’s severe lack of security basics.”
Zatko’s complaint says strong security should have been much more important to Twitter, which holds vast amounts of sensitive personal data about users. Twitter has the email addresses and phone numbers of many public figures, as well as dissidents who communicate over the service at great personal risk.
This month, an ex-Twitter employee was convicted of using his position at the company to spy on Saudi dissidents and government critics, passing their information to a close aide of Crown Prince Mohammed bin Salman in exchange for cash and gifts.
Zatko’s complaint says he believed the Indian government had forced Twitter to put one of its agents on the payroll, with access to user data at a time of intense protests in the country. The complaint said supporting information for that claim has gone to the National Security Division of the Justice Department and the Senate Select Committee on Intelligence. Another person familiar with the matter agreed that the employee was probably an agent.
Senate Intelligence Committee spokeswoman Rachel Cohen said the committee is trying to set up a meeting with Zatko to discuss the complaint in detail.
“Take a tech platform that collects massive amounts of user data, combine it with what appears to be an incredibly weak security infrastructure and infuse it with foreign state actors with an agenda, and you’ve got a recipe for disaster,” Charles E. Grassley (R-Iowa), the top Republican on the Senate Judiciary Committee, said in a statement. His office has had discussions with Zatko about the allegations. “The claims I’ve received from a Twitter whistleblower raise serious national security concerns as well as privacy issues, and they must be investigated further.”
Many government leaders and other trusted voices use Twitter to spread important messages quickly, so a hijacked account could drive panic or violence. In 2013, a captured Associated Press handle falsely tweeted about explosions at the White House, sending the Dow Jones industrial average briefly plunging more than 140 points.
[Former Twitter worker convicted of spying for Saudi Arabia]
After a teenager managed to hijack the verified accounts of Obama, then-candidate Joe Biden, Musk and others in 2020, Twitter’s chief executive at the time, Jack Dorsey, asked Zatko to join him, saying that he could help the world by fixing Twitter’s security and improving the public conversation, Zatko asserts in the complaint.
Like many in technology, Dorsey had admired the hacker’s history as a trailblazer, according to three people familiar with his remarks on the matter. He did not respond to requests for comment. In 1998, Zatko had testified to Congress that the internet was so fragile that he and others could take it down with a half-hour of concentrated effort. He later served as the head of cyber grants at the Defense Advanced Research Projects Agency, the Pentagon innovation unit that had backed the internet’s invention.
But at Twitter Zatko encountered problems more widespread than he realized and leadership that didn’t act on his concerns, according to the complaint.
Twitter’s difficulties with weak security stretches back more than a decade before Zatko’s arrival at the company in November 2020. In a pair of 2009 incidents, hackers gained administrative control of the social network, allowing them to reset passwords and access user data. In the first, beginning around January of that year, hackers sent tweets from the accounts of high-profile users, including Fox News and Obama.
Twitter’s history of security lapses
Regulators to settle allegations that the company violated its 2011 agreement and require the company to start a new information security program.
Twitter has publicly wrestled with security incidents since long before former head of security Peiter Zatko joined the company in 2020. For more than a decade, the company has suffered high-profile breaches and regulatory fallout that have broad implications for politics, media and financial markets.
2009: In a pair of incidents, hackers gained administrative control of the social network, allowing them to reset passwords, access user data and send unauthorized tweets, including from the account of President-elect Barack Obama.
2011: The Federal Trade Commission reaches a settlement with Twitter over the 2009 breaches, and the company enters a 20-year order that requires it to create and maintain a comprehensive security program that is subject to independent audits.
2013: The Dow briefly nose-dives after a hacking collective takes control of the Associated Press’s official account and falsely tweets there were a pair of explosions at the White House that left Obama injured.
2017: A departing Twitter employee briefly deactivates President Donald Trump’s personal account for 11 minutes, prompting serious debate about the damage that could be done when the president’s account is compromised.
2018: Twitter tells its more than 330 million users to change their passwords after it uncovers a bug that left the credentials visible in the company’s internal systems, even though it is best practice to mask them so they can’t be misused.
2019: Twitter announces that it mishandled email addresses and phone numbers collected for security purposes, allowing the data to “inadvertently” be used to target ads.
2022: Regulators fine Twitter $150 million to settle allegations that the company violated its 2011 agreement and require the company to start a new information security program.
Twitter has publicly wrestled with security incidents since long before former head of security Peiter Zatko joined the company in 2020. For more than a decade, the company has suffered high-profile breaches and regulatory fallout that have broad implications for politics, media and financial markets.
Several months later, a hacker was able to guess an employee’s administrative password after gaining access to similar passwords in their personal email account. That hacker was able to reset at least one user’s password and obtain private information about any Twitter user.
The FTC investigated and sued Twitter in a case that led to one of the first big privacy consent orders with a tech company. In a 2011 settlement, Twitter agreed to implement, monitor and adjust security safeguards to protect users.
Yet Twitter continued to suffer high-profile hacks and security violations, including in 2018, when a contract worker briefly took over Trump’s account, and in the 2020 hack, in which a Florida teen tricked Twitter employees and won access to verified accounts. Twitter then said it put additional safeguards in place.
A former FTC official who worked on the case said the agency was badly understaffed at the time, and that the enforcement division had failed to keep a close eye on multiple companies after reaching privacy settlements, including the one with Twitter.
[Florida teen arrested as mastermind of Twitter hack]
This year, the Justice Department accused Twitter of asking users for their phone numbers in the name of increased security, then using the numbers for marketing. Twitter agreed to pay a $150 million fine for allegedly breaking the 2011 order, which barred the company from making misrepresentations about the security of personal data.
The Whistleblower Aid complaint includes allegations that suggest that Twitter’s security practices were even worse than regulators knew.
After Zatko joined the company, he found it had made little progress since the 2011 settlement, the complaint says. The complaint alleges that he was able to reduce the backlog of safety cases, including harassment and threats, from 1 million to 200,000, add staff and push to measure results.
But Zatko saw major gaps in what the company was doing to satisfy its obligations to the FTC, according to the complaint. In Zatko’s interpretation, according to the complaint, the 2011 order required Twitter to implement a Software Development Life Cycle program, a standard process for making sure new code is free of dangerous bugs. The complaint alleges that other employees had been telling the board and the FTC that they were making progress in rolling out that program to Twitter’s systems. But Zatko alleges that he discovered that it had been sent to only a tenth of the company’s projects, and even then treated as optional.
Story continues below advertisement
If Zatko’s allegations are proven, the company could face substantial penalties — potentially in the hundreds of millions of dollars — said David C. Vladeck, who was director of the FTC’s bureau of consumer protection at the time of the settlement.
“If all of that is true, I don’t think there’s any doubt that there are order violations,” Vladeck, who is now a Georgetown Law professor, said in an interview. “It is possible that the kinds of problems that Twitter faced eleven years ago are still running through the company.”
[Why Twitter CEO Jack Dorsey Picked Parag Agrawal to run Twitter]
The complaint also alleges that Zatko warned the board early in his tenure that overlapping outages in the company’s data centers could leave it unable to correctly restart its servers. That could have left the service down for months, oreven have caused all of its data to be lost. That came close to happening in 2021, when an “impending catastrophic” crisis threatened the platform’s survival before engineers were able to save the day, the complaint says, without providing further details.
One current and one former employee recalled that incident, when failures at two Twitter data centers drove concerns that the service could have collapsed for an extended period. “I wondered if the company would exist in a few days,” one of them said.
The current and former employees also agreed with the complaint’s assertion that past reports to various privacy regulators were “misleading at best.”
For example, they said the company implied that it had destroyed all data on users who asked, but the material had spread so widely inside Twitter’s networks, it was impossible to know for sure. The current employee said Twitter had just completed a project, known as Project Eraser, that would ensure the deletion of such data. A person familiar with the matter, who also spoke on the condition of anonymity because of legal issues, said that Twitter had only said the accounts were deactivated and had improved its ability to find and delete the data.
As the head of security, Zatko says he also was in charge of a division that investigated users’ complaints about accounts, which meant that he oversaw the removal of some bots, according to the complaint. Spam bots — computer programs that tweet automatically — have long vexed Twitter. Unlike its social media counterparts, Twitter allows users to program bots to be used on its service: For example, the Twitter account @big_ben_clock is programmed to tweet “Bong Bong Bong” every hour in time with Big Ben in London. Twitter also allows people to create accounts without using their real identities, making it harder for the company to distinguish between authentic, duplicate and automated accounts.
[Musk's question about bots is nothing new for Twitter]
Wall Street has pressed Twitter about bots because the company historically included some automated accounts in its quarterly estimate of daily users — even though those accounts don’t see ads and therefore Twitter can’t earn money off them. In 2019, the company changed how it calculated such numbers to focus on those who can view and potentially click on ads. In every quarterly SEC filing since, Twitter has estimated that fewer than 5 percent of the monetizable daily users are spam and bots.
In the complaint, Zatko alleges he could not get a straight answer when he sought what he viewed as an important data point: the prevalence of spam and bots across all of Twitter, not just among monetizable users.
Zatko cites a “sensitive source” who said Twitter was afraid to determine that number because it “would harm the image and valuation of the company.” He says the company’s tools for detecting spam are far less robust than implied in various statements.
Story continues below advertisement
“Agrawal’s Tweets and Twitter’s previous blog posts misleadingly imply that Twitter employs proactive, sophisticated systems to measure and block spam bots,” the complaint says. “The reality: mostly outdated, unmonitored, simple scripts plus overworked, inefficient, understaffed, and reactive human teams.”
The four people familiar with Twitter’s spam and bot efforts said the engineering and integrity teams run software that samples thousands of tweets per day, and 100 accounts are sampled manually.
Some employees charged with executing the fight agreed that they had been short of staff. One said top executives showed “apathy” toward the issue.
Zatko’s complaint likewise depicts leadership dysfunction, starting with the CEO. Dorsey was largely absent during the pandemic, which made it hard for Zatko to get rulings on who should be in charge of what in areas of overlap and easier for rival executives to avoid collaborating, three current and former employees said.
For example, Zatko would encounter disinformation as part of his mandate to handle complaints, according to the complaint. To that end, he commissioned an outside report that found one of the disinformation teams had unfilled positions, yawning language deficiencies, and a lack of technical tools or the engineers to craft them. The authors said Twitter had no effective means of dealing with consistent spreaders of falsehoods.
Dorsey made little effort to integrate Zatko at the company, according to the three employees as well two others familiar with the process who spoke on the condition of anonymity to describe sensitive dynamics. In 12 months, Zatko could manage only six one-on-one calls, all less than 30 minutes, with his direct boss Dorsey, who also served as CEO of payments company Square, now known as Block, according to the complaint. Zatko allegedly did almost all of the talking, and Dorsey said perhaps 50 words in the entire year to him. “A couple dozen text messages” rounded out their electronic communication, the complaint alleges.
Faced with such inertia, Zatko asserts that he was unable to solve some of the most serious issues, according to the complaint.
Some 30 percent of company laptops blocked automatic software updates carrying security fixes, and thousands of laptops had complete copies of Twitter’s source code, making them a rich target for hackers, it alleges. A successful hacker takeover of one of those machines would have been able to sabotage the product with relative ease, because the engineers pushed out changes without being forced to test them first in a simulated environment, current and former employees said. A person familiar with the matter said Twitter had adequate defenses.
“It’s near-incredible that for something of that scale there would not be a development test environment separate from production and there would not be a more controlled source-code management process,” said Tony Sager, former chief operating officer at the cyberdefense wing of the National Security Agency, the Information Assurance Division. “Almost any attack scenario is fair game and probably easily executed.” Sager is currently senior vice president at the nonprofit Center for Internet Security, where he leads a consensus effort to establish best security practices.
The complaint says that about half of Twitter’s roughly 7,000 full-time employees had wide access to the company’s internal software and that access was not closely monitored, giving them the ability to tap into sensitive data and alter how the service worked. Three current and former employees agreed that these were issues.
Story continues below advertisement
“A best practice is that you should only be authorized to see and access what you need to do your job, and nothing else,” said former U.S. Chief Information Security Officer Gregory Touhill. “If half the company has access to and can make configuration changes to the production environment, that exposes the company and its customers to significant risk.”
The complaint says Dorsey never encouraged anyone to mislead the board about the shortcomings, but that others deliberately left out bad news.
When Dorsey left in November 2021, a difficult situation worsened under Agarwal, who had been responsible for security decisions as chief technology officer before Zatko’s hiring, the complaint says.
An unnamed executive had prepared a presentation for the new CEO’s first full board meeting, according to the complaint. Zatko’s complaint calls the presentation deeply misleading.
The presentation showed that 92 percent of employee computers had security software installed — without mentioning that those installations determined that a third of the machines were insecure, according to the complaint.
Another graphic implied a downward trend in the number of people with overly broad access, based on the small subset of people who had access to the highest administrative powers, known internally as “God mode.” That number was in the hundreds. But the number of people with broad access to core systems, which Zatko had called out as a big problem after joining, had actually grown slightly and remained in the thousands.
The presentation included only a subset of serious intrusions or other security incidents, from a total Zatko estimated as one per week, and it said that the uncontrolled internal access to core systems was responsible for just seven percent of incidents, when Zatko calculated the real proportion as 60 percent.
Zatko stopped the material from being presented at the Dec. 9, 2021 meeting, the complaint said. But over his continued objections, Agrawal let it go to the board’s smaller Risk Committee a week later.
Agrawal didn’t respond to requests for comment.
On Jan. 4, Zatko reported internally that the Risk Committee meeting might have been fraudulent, which triggered an Audit Committee investigation.
Agarwal fired him two weeks later. But Zatko complied with the company’s request to spell out his concerns in writing, even without access to his work email and documents, according to the complaint.
Since Zatko’s departure, Twitter has plunged further into chaos with Musk’s takeover, which the two parties agreed to in May. The stock price has fallen, many employees have quit, and Agrawal has dismissed executives and frozen big projects.
Zatko said he hoped that by bringing new scrutiny and accountability, he could improve the company from the outside.
“I still believe that this is a tremendous platform, and there is huge value and huge risk, and I hope that looking back at this, the world will be a better place, in part because of this.”
About this story
Editing by Christina Passariello and Alexis Sobel Fitts. Copy editing by Adrienne Dunn. Photo editing by Monique Woo. Design and development by Chloe Meister and Yutao Chen. Design editing by Virginia Singarayar. Project management by Courtney Kan and Jay Wang."