Updated on 2022-11-25
Musk told Twitter employees that the company’s paid verification program will remain suspended until he’s confident about stopping “significant impersonations”. It’s not clear how this is going to happen since Twitter Blue doesn’t actually verify someone’s identity. Read more: Twitter won’t restart paid verification until ‘significant impersonations’ stop, Elon Musk says
Updated on 2022-11-24
Now that Twitter is in the private hands of an egomaniac, how could it be controlled? Yoel Roth was the head of trust and safety at Twitter, and quit because he couldn’t deal with Musk. He writes in this op-ed that Twitter’s handling of speech and moderation will come down to the pressures of advertisers, regulators, and, perhaps most alarmingly, the app stores. Read more: I Was the Head of Trust and Safety at Twitter. This Is What Could Become of It.
Updated on 2022-11-22: Far-right figures reinstated on Twitter
Cyberscoop reports on how Twitter (also recently known as $8chan) is silently unbanning all the crazy right-wing figures the former management spent years removing from its platform for abhorrent abuses. Similarly, WaPo reports that the team that hunted foreign influence operations was either fired or decided to quit after Musk took over the site. Probably why advertisers are running for the hills and not even looking back. Read more:
- Beyond Trump, Twitter welcomes back purveyors of far-right disinformation
- Elon Musk’s ‘free speech’ agenda dismantles Twitter’s ability to police content
- I told my team to pause our $750K/month Twitter ads budget last week
Updated on 2022-11-21
Proofpoint witnessed a notable increase in phishing campaigns targeting Twitter user credentials. Many campaigns used lures related to Twitter verification or Twitter Blue. Read more: Threat actors exploiting Twitter changes after Musk takeover, research shows
Twitter is already melting down, as security fears rise
With only a fraction of the staff it had just three weeks ago as a public company, the post-Musk Twitter is already showing signs of decay. Twitter’s new CEO Elon Musk, the world’s richest breaker-and-leaver-of-things, started pulling cables out of the wall, including some of the essential “microservices” he claims only few users actually need, like SMS two-factor authentication (which thousands of users have enabled). Not great when your users are both simultaneously locked out and locked in, unable to log out for fear of losing their access. Things bounced back, briefly, only as fears for the platform’s security and integrity deepen. With few to protect the fort, what could happen in the event of a breach? Lawmakers are sounding the alarm over data security concerns. With no longer a comms department at Twitter, we might not even find out until it’s too late. Read more:
- Here’s How Bad a Twitter Mega-Breach Would Be
- Twitter’s SMS Two-Factor Authentication Is Melting Down
- Senators to FTC: Probe Twitter security, take needed action
- Is it safe to use Twitter? Security fears rise after Elon Musk drives off staff
Proud of my baby https://t.co/mubqPydIGu
— Micah Lee (@micahflee) November 18, 2022
NEW: Employees who have criticized Elon Musk in Twitter’s Slack channels were fired overnight over email.
“We regret to inform you that your employment is terminated immediately,” they’re being told over email. “Your recent behavior has violated company policy.”
— Casey Newton (@CaseyNewton) November 15, 2022
Updated on 2022-11-20: Twitter does its thing
A network of Twitter bot accounts has been blamed for stoking riots and physical clashes between Indian and Pakistani supporters at the end of August in the UK city of Leicester. More than 500 accounts were spotted urging both groups to violence, with some accounts tweeting as much as 500 times per minute. Read more: India-Based Twitter Accounts Fanned UK Unrest, Researchers Say
“After the first instances of fake videos spread on Twitter, a ‘highly orchestrated echo chamber,’ from India kicked into amplify tweets ‘solely blaming Muslims for the events in Leicester,’ the report claimed, which in turned spurred even more violence against Hindus in Leicester.”
Updated on 2022-11-19
It looks like Twitter Ads still work for smaller advertisers, despite all the ruckus. Some reports show no significant performance changes since Elon Musk’s takeover amid a number of bigger advertisers pausing ads “until there’s more certainty.” Read more: Many advertisers still using Twitter despite Musk’s chaos
Updated on 2022-11-18
Twitter working on encrypted DMs
While almost everything else is falling apart at Twitter, the company appears to be working on adding support for encrypted DMs. Probably not the trustworthy feature Musk envisions when there are reports of foreign intelligence agents lurking inside your company.
Twitter is bringing back end-to-end encrypted DMs
— Jane Manchun Wong (@wongmjane) November 16, 2022
Fringe groups love Musk’s Twitter acquisition
A joint report from social media analysis app SMAT and New Zealand NGO Tohatoha found that news of Musk’s formal Twitter acquisition has been met with great joy by various fringe and extremist groups in all of the internet’s darkest corners. Read more:
“From this initial research we can see that racist, conspiracy-driven, anti-democratic groups are very actively discussing and excited about the news of Musk’s takeover. […] Whether this drives them off of the fringe platforms and back into the mainstream remains to be seen, however the mainstreaming and platforming of their malicious campaigns seems to be an inevitable result. That Gab, an extremist friendly platform run by a Christian theocratic ultranationalist infamously known for a wide variety of hate based views, is most fervently discussing the takeover is itself a kind of ‘canary in the coalmine’ for the issues to come.”
Twitter accounts for sale on the dark web
With Twitter slowly becoming a swamp of right-wing, porn, and cryptocurrency spam, threat intel company Cybersixgill says there’s a flourishing underground market for Twitter bots, spam tools, and account hacking services that may play a big role in the platform’s future development and direction. Read more: Twitter has a massive dark web problem
Twitter data suggests most of the people buying Twitter Blue are promoting three things: right wing politics, cryptocurrency, and porn. https://t.co/yiXnqX1gw8
— Adam Smith (@adamndsmith) November 16, 2022
“Now, new data acquired by Cybersixgill appears to confirm that a significant portion of inauthentic Twitter accounts may have been built with tools and services found on the deep and dark web. And the problem is getting worse.”
Updated on 2022-11-17
“We regret to inform you that your employment is terminated effective immediately. Your recent behaviour has violated company policy.” As an employee, criticising Elon on Twitter — or even privately on Slack — will mean losing your job. Read more: Elon’s paranoid purge
I have spent ~6yrs working on Twitter for Android and can say this is wrong. https://t.co/sh30ZxpD0N
— Eric Frohnhoefer @ 🏡 (@EricFrohnhoefer) November 13, 2022
Updated on 2022-11-17: Ad agency GroupM is telling its clients to avoid buying ads on Twitter because it’s “high risk”
GroupM isn’t the first to issue this warning (IPG and Omnicom have done this in recent weeks), but this is Twitter’s biggest spender. It also issued a list of demands, including a “return to baseline NSFW levels”, new executives working on IT security, privacy, trust and safety, and a commitment to content moderation. The prospect of a Twitter bankruptcy looms larger by the day. Read more: Buying ads on Twitter is ‘high-risk’ according to the world’s biggest ad agency
Updated on 2022-11-16
GroupM – one of the largest media buying agencies – has advised their clients not to advertise on Twitter, due to the platform being “high risk” based on the events so far. Another headache for the platform’s new leadership. Read more: Twitter vs Advertisers: World’s largest media buying agency GroupM puts Elon Musk’s Twitter in ‘High Risk’ category
Updated on 2022-11-15: Another Twitter snafu
After Twitter’s bumbler-in-chief Elon Musk said the company would be turning off 80% of its “microservices” because they were just “bloatware,” it appears that one of the “microservices” they turned off was one that supported 2FA. While the service was turned back on, for a few hours on Tuesday, anyone who logged out of Twitter and had 2FA enabled couldn’t log back in. Read more:
Alright, so it looks like 2fa has been shut down. Making some backup codes, but if I get logged out, I may not be able to get back in. Will be posting a How To Reach Me stub and pinning it shortly. This is crazy. pic.twitter.com/vZoShmnkcl
— Ryan Broderick (@broderick) November 14, 2022
Updated on 2022-11-14
After last week’s debacle, Twitter decided to bring back the “official” label to certain accounts to fight impersonation. Seems like a piece of tape on a burst water line, but ah well. Read more: Twitter brings back “official” label after verified impersonator accounts run wild
To combat impersonation, we’ve added an “Official” label to some accounts.
— Twitter Support (@TwitterSupport) November 11, 2022
Updated on 2022-11-13: Twitter’s CISO departs after Musk takeover
Twitter’s security chief Lea Kissner has departed Twitter, the latest in a series of high level executives to depart the social media giant after Elon Musk, the world’s richest ruiner of things, took over the company for $44 billion. @CaseyNewton and The Verge broke news of Kissner’s unexpected (but not unsurprising) departure. Kissner then confirmed the news in a tweet. Yes, bad for Twitter as an ecosystem, but bad for Twitter legally. Let’s not forget Twitter is still under a 2011 consent decree with the FTC, which just fined the company $150 million a few months ago for violating that same decree by using emails and phone numbers intended for two-factor instead for targeted advertising. If Twitter thinks its engineers can just “self-certify” as it claims, it can’t, per @Riana_Crypto tweets: “That’s not how any of this works.” The FTC said in a statement that, “no CEO or company is above the law, and companies must follow our consent decrees.” Always read Techdirt for the deep dive on the potential ramifications. Guess we’ll ultimately have to wait to find out which is more powerful, a billionaire or the U.S. government’s chief consumer regulator. If anyone’s left at Twitter, please keep the lights on for as long as you can… Read more:
- Elon Musk is putting Twitter at risk of billions in fines, warns company lawyer
- Twitter to pay $150 million penalty for allegedly breaking its privacy promises – again
- Twitter admits it used two-factor phone numbers and emails for serving targeted ads
- Does Twitter Have Any Employees Left Who Remember That The Company Is Under A Strict Consent Decree With The FTC?
- Twitter’s content moderation head quits as departures alarm the FTC
Twitter resignations so far today:
– Head of Trust & Safety, Yoel Roth
– Sales Vice President Robin Wheeler
– Head of HR & talent, Kathleen Pacini
– Chief Information Officer Lea Kissner
– Chief Privacy Officer Damien Kieran
– Chief Compliance Officer Marianne Fogarty
— BNO News Live (@BNODesk) November 10, 2022
According to messages shared in Twitter Slack, Twitter’s CISO, chief privacy office, and chief compliance officer all resigned last night.
An employee says it will be up to engineers to “self-certify compliance with FTC requirements and other laws.”
— Casey Newton (@CaseyNewton) November 10, 2022
I've made the hard decision to leave Twitter. I've had the opportunity to work with amazing people and I'm so proud of the privacy, security, and IT teams and the work we've done.
I'm looking forward to figuring out what's next, starting with my reviews for @USENIXSecurity 😁
— Lea Kissner (@LeaKissner) November 10, 2022
(Disclosure: I used to be Twitter’s outside counsel, and I spent some time on loan from my firm to the in-house legal team in 2014. But I have little personal knowledge and no privileged info about their security controls.)
Updated on 2022-11-12: The latest episode of the Twitter and Elon Musk soap opera
Lots of turbulent air where the blue bird is flying…
Season recap: Elon Musk is now calling the shots at Twitter, as you’ve undoubtedly heard. And the exposure both Twitter and Elon are getting out of this is huge.
But is it worth $44B?
This week’s episode highlights: Twitter Blue is available in the US on iOS for $7.99/month, and it includes that elusive blue checkmark.
Also, the gray check mark made its way into the Twitterverse, but it was a short and awkward cameo, kinda like Captain America in Spider-Man: Homecoming.
Yep, the gray check has already been eliminated, and only the blue check remains.
Or so we thought! Just like Palpatine in The Rise of Skywalker, gray check mark is back again.
Another plot twist: The blue tick is meant to signal a verified account, but what’s actually happened is tons of fake accounts signed up to Twitter Blue and are impersonating some of the biggest names on the platform: LeBron James, George W. Bush, Tony Blair, and of course, Elon Musk himself, among countless others.
Not afraid of anything: Meanwhile, Elon’s not afraid of the FTC, or of rocketing past standard data governance and privacy or security processes.
One of Twitter’s lawyers is even telling employees to load up on whistleblower protection if they’re uncomfortable with what’s going on. Wild.
What to expect in the next episode: The fight against fake verified accounts is high on Twitter’s list of priorities. We’ll probably see updates for advertisers, too.
Note: There’s something changing at Twitter every day, and Elon has given us full warning that things will continue at a breakneck pace.
Please note that Twitter will do lots of dumb things in coming months.
We will keep what works & change what doesn’t.
— Elon Musk (@elonmusk) November 9, 2022
We’ll keep you posted on the biggest and most relevant updates that take priority, and we may also bring you this kind of rundown every once in a while.
Because… well, like any soap opera, it’s entertaining, shocking, and awful all at once.
Updated on 2022-11-11
Twitter laid off half of its workforce
Many didn’t even find out through their manager (hey, even the CEO was fired) — they only knew of their firing when they couldn’t log into their company email. Read more: Twitter’s case study of how not to lay people off
“I realise many are angry with me. I own the responsibility for why everyone is in this situation: I grew the company size too quickly. I apologise for that,” wrote Jack Dorsey. But hey, Jack’s problem wasn’t that he grew too quickly. It was that he invited the wolf into the farm.
So after cutting half of the company, Elon decided he couldn’t get things moving and asked some people to come back. Classy guy, isn’t he?
And after rolling out grey check marks for official high-profile accounts, Elon decided it wasn’t so smart after all. He reversed his decision within a day. Twitter didn’t say why (many of its PR staff were laid off, apparently).
Btw, if you really want that blue verification tick, you can pay $8 for it. The downside — people will know that you paid for social validation. L-)
Twitter’s newsletter platform Revue will be one of the products to be killed off by Musk. And that’s a good thing for Substack, which is already telling creators there’s a quick way to port everything over — archives, mailing lists, payments. Everything.
Advertisers are worried about this new phase of Twitter. A number of them, including Volkswagen, Pfizer, and General Mills, have paused their ads as they can’t tell where or how their brands will show up on the platform. “The current situation is unpredictable and chaotic, and bad actors and unsafe behaviours can thrive in such an environment. At this moment, we cannot confidently state that Twitter is a safe place for brands,” wrote Interpublic Group.
Updated on 2022-11-10
Paying for a Blue Tick
We’re all probably sick of hearing about Elon Musk and his recent Twitter purchase, but it is worth looking at the much sought-after blue tick. Not all the details have been announced but users are being asked to pay $8 a month for the blue tick. The initial move is seen by some as one towards a subscription-based and profitable model. How will the push for more revenue affect content creators and content consumers? Will revenue be used to pay popular creators? And more importantly, will consumers pay? Read more: Elon Musk’s Early Twitter Missteps Could Spark a Larger Trend Away from the App
In another episode of “what Elon’s doing at Twitter today,” a Twitter product executive revealed that there will be three types of accounts: official, paid and unlabeled. Sorry fans, but the official type is not for purchase. Read more: Twitter exec says there will soon be three types of accounts: official, paid and unlabeled
Turns out user growth is at an all time high. And if you’re worried about surges in hate speech, Twitter promises that “levels of hate speech remain within historical norms.” Might be time to run campaigns while other advertisers flee… Read more: Twitter tells advertisers that user growth is at ‘all-time highs’ under Elon Musk
How do you get banned on Twitter? Pretend you’re someone else. Elon Musk announced that impersonation is a no-go, unless you make clear it’s a parody account. We’re pretty sure that was always the case, though.
Going forward, any Twitter handles engaging in impersonation without clearly specifying “parody” will be permanently suspended
— Elon Musk (@elonmusk) November 6, 2022
The Interpublic Group of Companies—a global ad giant—is urging brands to pause Twitter ad spend for a week until there’s “more clarity on the platform’s plans for trust and safety.” Read more: Ad giant IPG advises brands to pause Twitter spending after Musk takeover
SCOOP: IPG is recommending client "temporary pause" all current media on Twitter, according to multiple sources.
— Ryan Barwick☕️ (@Ryanbarwick) November 1, 2022
Being a blue check is about to get pricey. One of Elon Musk’s first moves as Twitter CEO is to “upgrade” premium Twitter Blue subscription with a more expensive $20 membership that also verifies users. Interesting move… Read more: Twitter is planning to start charging $20 per month for verification
Updated on 2022-11-09: Elon’s clueless, part #917,663
Elon’s plan to allow users to verify themselves by purchasing a Twitter Blue subscription is not going as planned, with several “users” already running scams or personal attacks on the platform. In the meantime, Twitter’s Chief Information Security Officer, Lea Kissner, has resigned, along with the company’s Head of Trust and Safety Yoel Roth, Chief Compliance Officer Marianne Fogarty, and Chief Privacy Officer Damien Kieran. Rest in pieces, Twitter! Read more: Twitter chief information security officer Lea Kissner departs
It took me less than 25 minutes to set up a fake anonymous Apple ID using a VPN and disposable email, attach a masked debit card to it (with the address being Twitter's HQ), and get a verified account for a prominent figure. Just think what a nation-state or bad actor could do…
— Jack Lawrence (@JackMLawrence) November 9, 2022
El*n M*sk stated imposters, Threat Actors, and trolls, would be deterred by the $8 fee for the checkmark.
In less than 24 hours this has been proven to be false. pic.twitter.com/x59iNx3eOy
— vx-underground (@vxunderground) November 10, 2022
Twitter Blue is going about as well as everyone predicted, and it's an amazing spectacle to watch. Like a train crash filled with glitter. pic.twitter.com/Icb3vru3Ca
— matt ratt (@MisterRatt) November 10, 2022
Updated on 2022-11-07: Twitter implosion
As Twitter slowly implodes under Musk’s dilettante leadership, Mastodon reported that it reached an all-time high of 655,000 active users after an influx of 230,000 new users to the platform last week alone. And since we’re on it, you will be able to find the author of this newsletter on Mastodon here. Read more: Elon Musk’s Twitter faces US midterm elections, his first high-stakes test
Multiple sources and Twitter Blind chats now saying that the company has begun to reach out to some people it laid off yesterday asking them to come back. Whoops! 🥴
— Casey Newton (@CaseyNewton) November 6, 2022
The number of people who switched over to #Mastodon in the last week alone has surpassed 230 thousand, along with many returning to old accounts bumping the network to over 655 thousand active users, highest it's ever been!
Why? 👉 https://t.co/9Ik30hT3xR
— Mastodon (@joinmastodon) November 3, 2022
Updated on 2022-11-06: U.S. considers probe of Musk’s Twitter deal fearing national security
So, that happened. Elon Musk bought Twitter after months of back and forth and several attempts to get out of it. About half of its staff were laid off, the remaining pushed out account verification to anyone who wants it (remember, it was a court case that spurred identity verification on Twitter in the first place). Several problems: the fact that anyone can get verified now just by signing up for the premium features wasn’t built in time for its hasty weekend release, and cybercriminals are already capitalizing on the uncertainty and confusion with non-identity verified accounts by incorporating it into their phishing campaigns. Within hours of the news breaking that verification would be open for all, several phishing campaigns targeting Twitter users began near-immediately. Plus, according to the Washington Post, the U.S. is investigating if it even has the authority to review the deal, which it is considering, given the amount of foreign investment Musk took on (including the Saudis and Qataris) could concern U.S. national security. Read more:
- U.S. exploring whether it has authority to review Musk’s Twitter deal
- Twitter’s verification chaos is now a cybersecurity problem
- As Twitter brings on $8 fee, phishing emails target verified accounts
The chatter around Twitter's plans to charge for verification (still!) presents a cybersecurity challenge. Here’s the latest phishing email I received attempting to lure me into disclosing Twitter credentials and paying up👇👇 pic.twitter.com/O1oyOPg90H
— Nicole Sganga (@NicoleSganga) November 3, 2022
Twitter's ongoing verification chaos is now a cybersecurity problem. It looks like some people (including in our newsroom) are getting crude phishing emails trying to trick people into turning over their Twitter credentials. pic.twitter.com/Nig4nhoXWF
— Zack Whittaker (@zackwhittaker) October 31, 2022
Updated on October 2022
Elon Musk announced that he intends to create a content moderation council “with widely diverse viewpoints” to help regulate Twitter. Will be interesting to see how that works out…
Twitter will be forming a content moderation council with widely diverse viewpoints.
No major content decisions or account reinstatements will happen before that council convenes.
— Elon Musk (@elonmusk) October 28, 2022
So Elon Musk now says he’s going to close the Twitter deal. It wasn’t all that surprising — despite complaining about the number of bots on the platform and trying to worm his way out of the deal, he doesn’t have a choice but to follow through with his legally binding $44 billion offer to buy the company. The last thing he wants is to have this case play out in court, where he’ll be under oath and made to answer all sorts of embarrassing questions about what he knows, or at the very least, reveal more embarrassing text messages. There’s no way a Delaware court would allow the world’s richest man to flout corporate law. Twitter’s board also has its hands tied. Their obligation is to shareholders, and everyone knows there’s no better plan to get Twitter’s flagging share price back to Musk’s $54.20 per share offer. In the end, this fiasco has exposed Twitter for the mess it is — a poorly managed and struggling ad business of tremendous influence… and now in the hands of an egotistical billionaire with irresponsible ideas regarding free speech. We haven’t seen the end of this saga yet. Read more: Musk, Twitter could reach deal to end court battle, close buyout soon – source