Unless you’ve been living under a rock – or only follow sports – you’ve probably heard something about Elon Musk buying twitter.  It was on, it was off, they went to court, then suddenly it was back on, and now the deal has gone through.  Musk owns Twitter.

And it’s been a drunken clownshow ever since.

This piece from Platformer is a good starter.  Among other things:

• Musk fired all of the leadership (CEO, COO, etc.)
• Thousands of staff were let go.
• Those who didn’t faced the worst of the corporate Hunger Games, sometimes overseen by Tesla engineers.
• Then there was a desperate (and by all accounts unsuccessful) attempt to rehire some.
• New features were demanded on 48 hours notice, causing staff to work all weekend, only to be laid off on Monday.
• New feature rollout has been very botched, to say the least, with the platform changing nearly daily.  Meanwhile, the Blue/Red/Gold organization has been shredded, resulting in chaos, as many of the SMEs on Twitter’s home-engineered systems have been shown the door.

Some of this is not unusual in these kinds of acquisitions.  Like many of these deals, Musk borrowed heavily and now is eager to radically slash costs to pay back the massive debt he’s saddled Twitter with.  Unfortunately, Twitter was not exactly a cash cow prior to acquisition.

Depending on your lifestyle, this ranges from “amusing drama” to “a grave threat to the free world” to “a disruption in my life”.  But no matter where you land on that spectrum, you should stand up and take note of news today that all of Twitter’s privacy and security heads have resigned en masse.

Can’t Comply

Included in the resignations are

• Chief Information Officer (CIO).
• Chief Information Security Officer (CISO).  This is the person in organizations who bears ultimate responsibility for information security.  In other words, it’s their job to make sure Twitter doesn’t get hacked.
• Chief Privacy Officer
• Chief Compliance Officer.  Rather important since Twitter faces potentially billions in FTC fines owing to previous compliance issues (including spamming the phone numbers provided for OTP verification!)

As mentioned, Musk already fired the CEO, CFO, Chief Legal Officer, and General Counsel.  The head of trust and safety also resigned earlier.

That’s pretty much everybody at the top who has anything to do with security and privacy and legal compliance.

If you’ve ever had a Twitter account, that should scare you because one of the world’s largest social media networks is about to get hacked, and probably hacked hard.

A Large Torrent Coming Soon

I have no inside knowledge, but the scale of threats that Twitter faces from random hackers, state actors, political operatives (in many countries), criminal networks, terrorists, etc. is massive.  It will not take more than a few missed security advisories or a couple disgruntled engineers deciding to sell some code on the darker side of the web before Twitter is going to blow up, spewing everyone’s personal data all over the web.

Haven’t a number of recent high profile hacks been from developer laptops?  And now Twitter just mass-fired a few thousand people…hope they kept track of all that gear.

Yes, of course, the point of Twitter is tweet publicly so you might think “who cares if my public tweets are made public”.  But consider, there’s also

• Emails, login information, passwords, authentication.  Tons of people use Twitter as an authentication mechanism.  And of course, who’s to say hackers will make it immediately obvious they’re in control.
• Private messages.
• A ton of behavioral data about you.
• Correlations between that secret account you use to post nasty reactions on celebrities’ tweets when you’re drunk at 2am, a thousand other hacks, and your real email.
• And who knows what shenanigans are possible once someone gets inside or subverts the API.

Here’s a fun one: Richard Stallman of GNU fame once had a Twitter account that he used solely so he could comment on various articles on web sites.  He’s since added Twitter to his personal cancelled list, but suppose someone decides to assume that account?  Who cares if rms deleted it, if he ever did – an insider will just restore it.  We might get all sorts of fun rants retracting that whole GNU/Linux thing.

But seriously, cracking open Twitter wide and hard is going to be very ugly.  And once the platform goes down, it’s going to take a long time to recover because a lot of the people who need to recover it have probably been let go.

What You Can Do To Protect Yourself.  Just Kidding.

Unfortunately, this article does not end with a “here’s what you can do to protect yourself”.  You could remove your Twitter account, but it’s not clear that would really protect you.  Stopping use of any Twitter authorizations is probably wise.  If you were a low-volume user like me, well…

• Author
• Recent Posts

raindog308

Dread Lord of LowEnd Content at LowEndBox

I'm raindog308, techno polymath and long-time LowEndTalk community Administrator. My technical interests include all things Unix, perl, python, golang, shell scripting, vintage operating systems such as MVS, and relational database systems such as Oracle, PostgreSQL, and MySQL.

I also enjoy using LEBs! I have an empire of little guys for VPNs, larger guys for apps, and big guys for databases and storage. When I'm not in front a screen I'm into German Shepherd dogs, quality knives, target shooting, theology, tabletop roleplaying games, and forest hiking.

I enjoy writing technical articles here on LowEndBox to help people get more out of their systems. You can find me on LowEndTalk @raindog308

Latest posts by raindog308 (see all)

• NSD Tutorial Updated for 2024: Now With Zone Transfers! - April 19, 2024
• cPanel VPS Licenses for Only $4.00/Month!Dedicated for Only $4.50/Month!But There’s One Important Detail… - April 18, 2024
• Gloo.top – a Cool LowEndTalk Member Link Shortener You Should Check Out! - April 18, 2024