Mastodawn

"We’ve confirmed that Irwin has access to user DMs as part of her position. Given the way the company has handled the Twitter Files, multiple former employees told us that DMs are no longer secure, and have discouraged us from using them for any remotely sensitive communication."

https://www.platformer.news/p/another-whistleblower-comes-for-twitter @caseynewton @zoeschiffer

Another whistleblower comes for Twitter

Is the real threat the company's "God Mode" — or its trust and safety team?

Platformer

Drew Harwell Jan 31, 2023

Ella Irwin also explicitly directed Twitter to ban journalists like me. The fact that she has used her access to people's private messages should be a wake-up call to everyone on Twitter, especially journalists; how can you protect sources in a place like that?

https://www.washingtonpost.com/media/2022/12/15/twitter-journalists-suspended-musk/

https://www.bloomberg.com/news/articles/2023-01-27/elon-musk-s-twitter-trust-safety-head-ella-irwin-breaks-rules-for-him

Musk suspends journalists from Twitter, claims ‘assassination’ danger

Many of the journalists, including from The Washington Post and New York Times, had written about dramas surrounding billionaire Elon Musk's takeover of Twitter.

The Washington Post

@drewharwell “Free Speech”

Unixorn Jan 31, 2023

A useful #FeatureRequest for Mastodon would be adding a way of setting up autoreplies to private messages the same way most email systems allow vacation responses. -This way if someone sends a private message to a journalist they could have it would respond with "XXX uses Signal/Whatsapp/Whatever" for private message - please use that instead"

It could also be used as a vacation responder "I'm on vacation, don't expect timely replies until XXX" for non-journalists.

Dawn Tåke 🏳️‍⚧️Jan 31, 2023

@unixorn
You should post that as a request on the GitHub. Its a good idea.

Normal Guy Jan 31, 2023

@drewharwell Talk doesn’t jack to Musk and his people! Leaving the bird site is the only way to punish these despicable people.

aardvark Jan 31, 2023

@normalguy @drewharwell deleted my account. Was hard to commit to but then I did it and deleting the app was a good next step.

Fyzzlefry Feb 2, 2023

@normalguy @drewharwell It's really just parler now, but with more bots.

Bud Gibson Jan 31, 2023

@drewharwell I think people stick with Twitter for the perceived reach. The way the system is currently working though, I think that perception is questionable.

KanaMauna Feb 1, 2023

@BudGibson @drewharwell

Come for the reach, stay for the fascism.

Bud Gibson Feb 1, 2023

@KanaMauna @drewharwell lol

n0body Jan 31, 2023

@drewharwell this incident saddens me not because Twitter's leadership is corrupt but because there's been no response from the journalism community, no united front, and a complete lack of pushback from the editors of affected organizations. The response has been a collective shrug.

John Gordon Jan 31, 2023

@n0body @drewharwell

Yeah when the stress test came American journalism failed. Turns out they are as weak as the rest of us.

Old Man Mike Jan 31, 2023

@n0body @drewharwell the “journalism community” is dead. They’re all PR people now.

Robert Denby Jan 31, 2023

AGAIN? What is it with him and assassinations?! Wouldn't therapy be cheaper than this bullshit?

Ryan Fisher Jan 31, 2023

@Bullix @drewharwell No not again. That's the same article from December.

Jeff Jan 31, 2023

@drewharwell supporting musk is same as early supporters of Hitler

Sirpushalot Jan 31, 2023

@drewharwell Twitter is not safe for journos anymore. LEAVE!

Peter Butler Jan 31, 2023

@drewharwell I find it very remarkable that you are still (it seems) banned from Twitter, yet the site presents your profile as live with no indication you’ve been banned.

And this still affects other reporters too, e.g Steve Hernan.

And no one is reporting on it! And all the other journalists just keep using Twitter!! Bonkers.

Drew Harwell Feb 2, 2023

@peterbutler Yeah. That's right. Other journalists, too.

john r red-horse Feb 2, 2023

@peterbutler
That last part is what I find perplexing.

JR 🏳️‍🌈Jan 31, 2023

@drewharwell I'm still trying to understand why journalists or anyone really is supporting his platform with their presence. If the product is bad, move on to another product even if it was once really good in the past.

Caledonia 🏴󠁧󠁢󠁳󠁣󠁴󠁿Jan 31, 2023

@drewharwell Assassination danger? He’s not important enough to be murdered and have it called an assassination.

Deji Jan 31, 2023

@drewharwell When are all of you legit journalists going to leave the #Dirtybird for good. If you ALL left, so would most of the legit advertisers. If you ALL left and came exclusively to #mastodon you’d have the freedom of the #fediverse without algorithms, political pressure, and a fascist owner. Geez. What’s it gonna take?

Bethany Jan 31, 2023

@drewharwell Musk is a fascist and a Nazi.

eventoedungulate Feb 1, 2023

@drewharwell This is also a compelling case for why big tech cannot be trusted with unencrypted communication. Even if you trust the current owners and leadership, that can change fast, as well as laws can change fast.

Antone Johnson Feb 1, 2023

@drewharwell Not even a journo, but I certainly wouldn't trust them with anything highly sensitive. As always, tools like Signal exist for such purposes. That said, we still have laws.

If Twitter misappropriates people's private DMs (a violation of ECPA/SCA, its Privacy Policy, and likely a bunch of other laws), it should be sued into oblivion in a class action by all whose DMs are stolen, and the evidence handed over to FTC for (yet more) sanctions for (yet another) breach of user privacy.

Tim Kellogg Feb 1, 2023

@drewharwell mastodon has the same problem (admins can see your DMs). as a journalist, you may want to migrate to a smaller instance like journa.host. i hope (maybe?) they give better guarantees on the privacy of your DMs than the average admin

Costantino Pistagna Feb 1, 2023

@drewharwell Couldn’t believe that this is happening for real 😮

Sebastian Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer @Gargron has anyone looked in the privacy policy in regard to this? Is this even legal?

JD Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer anyone who would trust Musk with their info is crazy. He’d sell out any liberal, left leaning person or anarchist or who he deemed Antifa or “woke” to people like Andy Ngo in a second.

The DJ Mr P Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer not to be pedantic but were DMs ever secure? There are so many ways messaging can be insecure and TWITer checks a lot of those boxes.

Aral Balkan Jan 31, 2023

@drewharwell DMs were never secure. The only way DMs could have been secure is if they’d been end-to-end encrypted. They were always insecure but some folks were fine with who had access to them.

It’s similar to building a surveillance state under Obama and then freaking out when Trump gets access to it. Perhaps we have to start thinking about not building such things or accepting them to begin with even if it’s our friends who are running them at the time.

@caseynewton @zoeschiffer

loums Jan 31, 2023

@aral @drewharwell @caseynewton @zoeschiffer In the olden days we'd call a toll free number that would log your phone number, then "they" cross-reference it against a mailing list, identify you...... Isn't today just a natural and unavoidable progression? (Respectfully asked btw)

Dieu Jan 31, 2023

@aral @drewharwell @caseynewton @zoeschiffer a running gag I used in DM conversations was "let's switch to Signal lest we end like Roger Stone".

Anders Thoresson Jan 31, 2023

@aral @drewharwell @caseynewton @zoeschiffer I have educated Swedish reporters on digital source protection for many years, and have repeated this over and over again.

And yet, even in 2023, I see reporters using Twitter (and other social media services) to find sources, offering source protection but no other contact way than DMs.

And this is not about Twitter. This is about understanding tools and choosing the right one.

Anders Thoresson Jan 31, 2023

@aral @drewharwell @caseynewton @zoeschiffer I hate that we are now at the “told you so”-stage.

Aral Balkan Jan 31, 2023

@anders @drewharwell @caseynewton @zoeschiffer A magazine once asked a bunch of us to literally say “I told you so” about surveillance-based tech (or “people farming” as I call it). I told them I’d only do it if I could point out their own hyprocrisy as a company reliant on adtech. The result:

https://thenextweb.com/news/forced-9-privacy-experts-say-told-facebook-hopefully-well-listen-next-time

(I can’t believe that was five years ago.)

We forced 9 privacy experts to say “I told you so” about Facebook – hopefully we’ll listen next time

We should have known that Facebook was abusing our data. Why? Because lots of privacy activists told us so. Since most of them are too good of a human to rub that in our nose, we went ahead and forced them to accept our spoonfed quote. Hope

TNW | Facebook

ares Jan 31, 2023

@aral @anders @drewharwell @caseynewton @zoeschiffer

it's way worse than just direct messages

if you're doing any comms or organizing for antifascist causes, assume your identity is leaked to fascists

assume your email, your phone number, your ip addresses are already doxxed

and it doesn't help to start using a vpn now, because twitter has your history from when you didn't use a vpn

you'd need to create a new account using the vpn, and only disclose phone number and email that aren't linked to you, and only access twitter from the vpn

pre-elmo twitter had a good reputation for defending anon users from fascists, but that's all over now

Aral Balkan Jan 31, 2023

@ares Oh yeah, Twitter’s gone full fascist. I used to call Elon Musk “proto-fascist” (as in “proto-fascist billionaire man-baby”) but I’ve dropped the “proto” recently.

(My point was more on the slippery slope of neoliberalism / surveillance capitalism that builds the infrastructure for fascism. All the fascists have to do then is to move in.)

@anders @drewharwell @caseynewton @zoeschiffer

lightspeed Jan 31, 2023

@aral @drewharwell @caseynewton @zoeschiffer

I was always somewhat amused when people were discussing Mastodon DMs weren't secure a few months/weeks ago, but apparently didn't realize DMs on other platforms weren't necessarily secure either.

Old Man Mike Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer Quelle surprise from fascist social network Twitter

Julia Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer What are users supposed to do if it isn't even possible to delete DMs on twitter? Kind of pointless to stop sharing sensitive data now...

@thalassa @drewharwell @caseynewton @zoeschiffer
Why is it pointless to stop putting additional sensitive data into an insecure system?

Julia Feb 1, 2023

@Landa @drewharwell @caseynewton @zoeschiffer Well I'd say most people have been on twt for years and have likely already shared all the sensitive data they were going to share. And anyone who doesn't trust Musk hopefully stopped sharing data months ago...

hammancheez Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer
Masto Admins can also get to DMs. Just don't use DMs for sensitive stuff anywhere, good rule to follow

Domenick Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer Pretty wild that politicians are still using Twitter. That won't come back to bite them as we get closer to the next election. Probably.

joeziehmer Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer Twitter is imploding and exploding in a technological mirror of the Hindenburg.

Lonewolf Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer nobody wants to assassinate him lol

He just things he's way more important than he is

Ben Crowell Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer The article is paywalled.

Prosaic Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer

No longer?

Never DM anything you would not printed on the front page of the local newspaper.

Bart Veldhuizen 🚀Jan 31, 2023

@drewharwell Paywalled..

newsorpigal Jan 31, 2023

@drewharwell
@caseynewton @zoeschiffer

Twitter DMs were never secure.

Noah Cook Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer

I really do hope that someone at Twitter is bright enough to recognize that there are many info issues that are not classified, but still create liability due to eg PII/PHI, privileged or otherwise confidential information, and plenty of other situations where the law does not, in fact, treat IP and comms as "finders keepers".

Also, there are minor PR issues like the risk of an employee using that info to stalk people.

nkp Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer this sure is an interesting definition of “town square”

Renee DiResta Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer "restoring trust" something something

Renee DiResta Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer my understanding from a couple of the journalists who write the files is that they are getting emails and Slack messages in response to their inquiries. Do you know if that is still going through whoever is now in legal (who should theoretically stop overt abuse?) vs Irwin?

Bruce Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer

Did anyone used to think that they were private? Semi-private, sure, but surely not secret.

Brad Ackerman Jan 31, 2023

@drewharwell @caseynewton @zoeschiffer She doesn't need access for her job so she shouldn't even be able to log in to any computer that could be used to access it. On the gripping hand, she doesn't care about all the FISes with assets on the inside, so you could argue she's consistent.

Tengrain Feb 1, 2023

@drewharwell @caseynewton @zoeschiffer

⬆️ ⬆️ ⬆️ ⬆️ ⬆️

This. Exactly this BirdChan betrayal.