Sicurezza

Twitter’s ‘Hacked Materials’ Rule Tries to Thread an Impossible Needle

Twitter for years functioned as an unrestricted mouthpiece for hackers of all stripes, from freewheeling hacktivists like Anonymous to the Kremlin-created cutouts like Guccifer 2.0. But as the company tries to crack down on hackers’ use of its platform to distribute their stolen information, it’s finding that that’s not a simple decision. And now, less than three weeks before Election Day, Twitter has put itself in an impossible position: flip-flopping on its policy while trying to navigate between those who condemn it for enabling data thieves and foreign spies, and those who condemn it for heavy-handed censorship.

On Thursday evening, Twitter’s head of trust and safety, Vijaya Gadde, posted a thread of tweets explaining a new policy on hacked materials, in response to the firestorm of criticism it received—largely from the political right and President Donald Trump—for its decision to block the sharing of a New York Post story based on alleged private data and communications of presidential candidate Joe Biden’s son, Hunter Biden. Gadde wrote that the company was taking a step back on its “Hacked Materials Policy.” The company will now no longer remove tweets that contain or link to hacked content “unless it is directly shared by hackers or those acting in concert with them,” Gadde wrote. Instead, the company will “label Tweets to provide context.”

Despite that new rule, links to the Post article initially remained blocked, because it also violated Twitter’s policy on sharing private personal information, another spokesperson for Twitter posted last night. But Twitter ultimately backed down from that stance too, allowing the story to circulate as it broadly rethought its treatment of posts about hacked information.1 “Why the changes?” Gadde wrote. “We want to address the concerns that there could be many unintended consequences to journalists, whistleblowers, and others in ways that are contrary to Twitter’s purpose of serving the public conversation.”

Rather than solve Twitter’s hacked data dilemma, though, Twitter’s backpedaling on its policy has only highlighted just how stuck it is between impossible options, says Clint Watts, a disinformation-focused senior fellow at the Center for Cyber and Homeland Security at George Washington University and author of the book Messing With the Enemy. And it may also leave Twitter open to exploitation by a well-crafted hack-and-leak operation, just as Russian hackers carried out in 2016.

Read More

“It’s a super difficult problem to thread,” Watts says. “If they didn’t take that down, and it turns out to be a foreign op, and it changes the course of the election, they’re going to be right back testifying in front of Congress, hammered with regulation and fines.” After all, Twitter faced widespread criticism for allowing itself to be exploited ahead of the 2016 election by Kremlin hackers who distributed information stolen from the Democratic National Committee and the Clinton campaign, as well as by disinformation trolls working for the Kremlin-backed Internet Research Agency.

In response to those incidents, Twitter implemented its rule against the “distribution of hacked materials” in 2018, which banned posting hacked content directly or linking to other sites that hosted it. Critics of the policy, however, argued that it also risked blocking legitimate news stories in the public interest if they are based on information released without authorization.

“There’s incredible journalism that starts with hacked materials,” says Lorax B. Horne, editor in chief of the whistle-blowing “leaks” group known as Distributed Denial of Secrets, or DDoSecrets.2 DDoSecrets published a massive collection of internal memos, financial records, and other data stolen from 200-plus police organizations in June, and told WIRED that the information had been given to them by a transparency-focused hacker affiliated with Anonymous. Journalists dug through the material and found revealing stories about police misperceptions of antifa and Homeland Security surveillance practices, including those focused on Black Lives Matter protestors.