The social media platform Twitter, which is under increasing threat from regulation and suffers from serious security breaches, has appointed one of the world’s best hackers to tackle everything from engineering errors to misinformation.
The platform has hired Peiter Zatko, widely known as Mudge, as head of security, giving him a broad mandate to recommend changes to structure and practices.
In an exclusive interview, Zatko said he will examine information security, site integrity, physical security and platform integrity.
Zatko recently supervised security at the financial services company Stripe, previously worked on special projects at Google, and oversaw the distribution of grants for cybersecurity projects at the Pentagon’s iconic Defense Advanced Research Projects Agency, DARPA.
Zatko’s career began in the 1990s, and he was among the leaders of a hacking group famous for releasing Windows hacking tools to urge Microsoft to improve security.
Twitter faces several security challenges, as a group of hackers deceived employees in July and gained access to internal tools.
This allowed the hackers to change account settings and tweet from the accounts of then-presidential candidate Joe Biden, Microsoft founder Bill Gates, and Tesla CEO Elon Musk.
“Zatko is well suited for a company that lacks the financial strength of Facebook and Google,” said Alex Stamos, a former Facebook chief security officer and current Stanford University researcher who helped lead the effort to combat electoral disinformation.
He added: Twitter has to find creative solutions to these problems, and Zatko is known in the security field for creative solutions.
Zatko said he is committed to improving public conversations on Twitter, and praised the latest step to increase engagement by prompting users to comment rather than simply retweet.
The next step, he explained, might be forcing people to understand the long conversation before participating in it.
Zatko said he appreciates Twitter’s openness to unconventional security methods, such as its suggestion to confuse bad actors by manipulating the data they receive from Twitter about how people interact with posts.