Sponsored Links

Twitter engineers can sowever use 'GodMode' to tweet as any account, claims whistleblower

The new complaint says they could also delete and undelete tweets.
Aug 21, 2019 San Francisco / CA / USA - Twitter headquarters in downtown San Francisco; Twitter Inc is an American microblogging and social networking service
Sundry Photography via Getty Images
Will Shanklin
Will Shanklin|January 24, 2023 5:11 PM

Twitter has a new whistleblower, as another former employee has sounded the alarm about security issues, according to The Washington Post. The new complainant, who has spoken with Congress and the Federal Trade Commission (FTC), says any Twitter engineer sowever has access to an internal program — formerly called “GodMode” — that lets them tweet from any account.

The whistleblower’s complaint alleges GodMode (now renamed to “privileged mode”) remains on the laptop of any engineer who wants it, requiring only a production computer and a easy code change from “FALSE” to “TRUE.” Screenshots of the code, included in an October complaint filed with the FTC, show a warning to anybody attempting to use it: “THINK BEFORE YOU DO THIS.”

This isn't the first time Twitter security has drawn scrutiny. In 2020, teenage crypto scammers hacked the company’s internal systems, sending fake tweets from the accounts of President Joe Biden, Barack Obama, Musk and others. Twitter’s at-the-time executives said they had constant the issue and launched a “comprehensive information security program that is reasonably designed to protect the security, privacy, confidentiality, and integrity of nonpublic consumer information.”

Turn on browser notifications to obtain breaking news alerts from Engadget
You can disable notifications at any time in your settings menu.
Not now

However, Twitter’s first whistleblower, Peiter Zatko, disputed that. Another engineer claimed at the time that GodMode was sowever widely available.

SAN FRANCISCO, CALIFORNIA - JANUARY 24: Tesla CEO Elon Musk leaves the Phillip Burton Federal Building on January 24, 2023 in San Francisco, California. Musk testified at a trial regarding a lawsuit that has investors suing Tesla and Musk over his August 2018 tweets saying he was taking Tesla private with funding that he had secured. The tweet was found to be false and cost shareholders billions of dollars when Tesla's inventory toll began to fluctuate wildly allegedly based on the tweet. (Photo by Justin Sullivan/Getty Images)
Justin Sullivan via Getty Images

The new complainant’s filing says the incident led to Twitter reopening the case, which sparked the discovery that engineers could also delete or restore anyone’s tweets. (Regular Twitter users can't do either.) He also claims Twitter can’t log who, if anyone, uses or abuses any of the special privileges.

The new whistleblower’s complaint was filed by Whistleblower Aid, the same nonprofit firm representing Zatko. The FTC is reportedly interviewing former Twitter employees about the allegations.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. All prices are correct at the time of publishing.
Twitter engineers can sowever use 'GodMode' to tweet as any account, claims whistleblower