It’s not rocket science why Elon Musk’s takeover of Twitter could be bad for privacy – TechCrunch

Elon Musk has ending weeks of speculation with the news that Twitter has accepted its offer to buy the platform for $54.20 per share, valuing the social media platform at approximately $44 billion.

While Musk’s endless Twitter chase has come to an end, for him at least, the next chapter in the story of Twitter and its hundreds of millions of users has only just begun.

The deal sparked immediate fears that Musk, a self-proclaimed ‘free speech absolutist’, could backtrack on content moderation, potentially undoing years of work that curbed the unfettered spread of hate speech. and misinformation. But experts were equally quick to warn of the potential privacy implications of the $44 billion buyout to make Twitter private, at a time when even employees are unclear about the company’s future.

In Per Musk’s short 78-word statement, one of his many proposed plans for Twitter to raise eyebrows in the industry is to open source the platform’s algorithmic code to make it publicly available. Musk says this change — which Twitter has been mulling over for some time — will help build trust in the platform, which for years has faced a wave of fake news and security incidents, including one that saw hackers hack high-profile Twitter profiles — including Musk’s — to promote a cryptocurrency scam.

But cybersecurity experts worry that Musk’s open-source vision for Twitter could make the platform more vulnerable to attackers.

“The decision to open this code likely means it will be adopted by other social platforms, advertisers and others looking to refine their user targeting,” said Jamie Moles, senior technical director at security firm ExtraHop. , at TechCrunch. “Of course, as with any widely adopted open source code, there are significant security implications. As we have seen with Log4Shell and Spring4Shell, vulnerabilities in widely used open source applications are exponentially more valuable. Open source code can increase transparency for Twitter users, but it can also make Twitter a much bigger target for attackers.

Moles says that if done correctly, Musk’s plan to wage war on so-called spambots, which have been used to spread malware and propagate political ideologies, could yield “new techniques that improve detection and identification of spam, spam messages and other malicious intrusion attempts,” he added. “This could well be a boon to security practitioners everywhere.”

Professor Eerke Boiten, head of the School of Computing and Computing at De Montfort University in the UK, has warned that Twitter’s open-source algorithm could lead malicious actors to ‘game’ the algorithm , which could see people treated differently based on their personal characteristics.

“Think, for example, of the external manipulation of Twitter’s targeted advertising aspects, which is a privacy concern even before it’s played,” Boiten said. “It would also accelerate the arms race for new ways to play and find countermeasures.”

Musk’s short statement left a lot to the imagination. He didn’t say what his plans were to “authenticate all humans.” Some see it as a plan to expand Twitter’s existing user verification system, or plan to introduce a real-name policy that would require users to provide documented proof of their legal name. Digital rights group the Electronic Frontier Foundation has raised concerns about real-name policies over the human rights value of pseudonymous speech, which Musk may not have considered. the ramifications that a lack of anonymity can have on certain groups of people.

“Pseudonymity and anonymity are essential to protect users who may have views, identities or interests that do not align with those in power,” EFF said in a blog post. “For example, policies that require real names on Facebook have been used to evict Native Americans; people using traditional Irish, Indonesian and Scottish names; Catholic clergy; transgender people; drag queens; and sex workers. Political dissidents can be in serious danger if those in power manage to discover their true identity.

The EFF also expressed concern about the continued lack of end-to-end encryption for direct messages from Twitter: “The fears that a new owner of the platform could read these messages are not unfounded”, added the EFF. .

Boiten also thinks cracking down on Musk’s pseudonym would be the most concerning aspect of Musk’s takeover. “Anonymity is in many contexts a prerequisite for privacy. Once Twitter is known to have authenticated its users, oppressive governments can demand authentication credentials from them, jeopardizing many of the subversive uses currently in those countries,” he said. “I wonder how many anonymous Twitter accounts are currently run by Tesla employees – Elon Musk strictly follows his own rules – so whistleblowers or would-be Tesla unionists wouldn’t be safe to authenticate on Twitter.”

In a tweet On Tuesday, Senator Mark Warner, chairman of the Senate Intelligence Committee, said Twitter was “more forward-thinking than many of its competitors in its efforts to combat false, misleading and manipulated content,” and while it said the company has “large room for improvement,” said Warner, who hopes Musk “will work in good faith to keep these necessary reforms in place and prevent a rollback that is harmful to democracy.”

For now, Musk’s takeover bid on Twitter remains subject to shareholder and regulatory approval.

Comments are closed.