1 Burst results for "Lily Hay Newman"
"lily hay newman" Discussed on Gadget Lab Podcast
"Lauren. Mike. Lauren, have you tried to download your Twitter archive yet? No. Because in the words of the poet, Mary Oliver, when the time comes to let it go, you just have to let it go. You just have to tweet like your life depends on it, hold it close to you and then let it go. Okay. I had this thought recently when I was at Blackwater pond. Really? You went to Blackwater. I was, I was actually there. But no, I guess if I'm being truthful as a journalist and as a professional keeper of the historical record, I probably should download my archive. Have you done it yet? Not in years now. Have you deleted all of your super secret DMs on Twitter? I've deleted some of them, but I'm not sure that I actually deleted them. Okay, we need to talk about this. Let's do it. Hi, everyone. Welcome to gadget lab. I am Michael calorie I'm a senior editor at wired. And I'm Lauren good. I'm a senior writer at wired. And we are also joined by wired security writer lily hay Newman. Hi lily. Welcome back. Hello. Thanks for having me. As always, it's a pleasure to have you here. So look, we know we have been talking about Twitter a lot on the show recently and sure we are journalists and journalists are obsessed with Twitter, but for today's show, we want to talk about Twitter one more time, but specifically because Twitter is currently suffering some security issues that have wide implications. Since the new boss over there, Elon Musk laid off roughly 3700 employees two weeks ago, many people have been keeping close watch over Twitter to see what kind of chaos might erupt. Security professionals and data privacy wonks are watching and they're probably sighing a lot. But hackers and attackers and scammers are circling the platform as well. Lily, it is always fun to have you on the show. Even if when you're here, we always end up talking about these doom and havoc situations. But I guess the first question about the security situation at Twitter we have to ask you is this. What is going on inside the company that we know? With the recent layoffs and resignations, how stretched is Twitter's security staff? Yes, this is an important question and there isn't a ton that we know super specifically, but first of all, half of the workforce was laid off. We just know that broadly. We know that Elon Musk currently is actually encouraging even more people to leave if they're not willing to commit to like a super intense work all the time approach they have until today I believe Thursday to consent to mega death Twitter or something. And when we've also seen Musk conduct public firings via tweets just in recent days and two and a half weeks ago or so at the beginning of this whole regime change, we saw Musk broadly fire many executives of the company or have them step down, including some who work on privacy and trust and identity issues. Within the company. So just all of that paints a picture of an internal situation where they're just aren't probably going to be enough warm bodies to do everything that was happening a month ago. And for security, that's always a big issue because security is all about monitoring. It's all about constant vigilance, always improving, always investing more. So this is just a climate that is not going to be conducive to strong cybersecurity defenses broadly. So we know there have been a lot of layoffs. We know that in the missive he sent out earlier this week where he said, if you're not hardcore, don't bother working here. He also says that engineering would be the primary focus with design and product management taking a backseat within that engineering structure we just don't know how many people are going to be focused specifically on security. Is that correct? Right. And certainly, you know, I don't at least have a sense in the new world order, anything about team structures or things like that of how many resources and how many people are going to be dedicated to those things. And keep in mind that IT is also a highly intersecting department with security in any organization and things can be structured differently at different places, but just running an organization's devices and servers correctly is a security issue inherently. And speaking of that, we've already seen some things break down from the outside, right? Earlier this week, there was a an issue with the SMS two factor authentication system on Twitter. Yeah, you know, I did a story about how users were reporting that they couldn't receive authentication codes for logging in or for things like downloading their Twitter archive, they couldn't receive those codes via SMS. And when we tested it internally at wired, not everyone was having the problem, but some of us were and in one case, someone received a code on a delay. They got the SMS text message many hours later, which was strange. The Twitter comms department is currently either nonexistent or much reduced. So there isn't a good way to get official comment right now about these types of things. So we don't even have a clear sense of how those texts get sent or used to be sent or is it an integration with a third party service as is often the case where another company will provide the SMS infrastructure or is it something Twitter does in-house? Who knows? And I also took one for the team, meaning all of you listeners and wired readers out there and tweeted at Musk directly to I was going to ask if you had done this yet, okay? Yeah. And I'm clearly still on the podcast to tell the tale, so I'm doing all right. Thanks for checking in.