Twitter got hacked real good last night. From all appearances it doesn’t appear to be a technical hack, but a social engineering hack of employees with almost limitless access to the platform.
As centralized tech companies have become the norm for political, economic and public health discourse a new threat model has reared it’s head. Centralized systems have centralized admins.
Those centralized admins (the humans) and their related systems are one of the biggest security holes in these systems. Moderators and administrators have a wild amount of power. And that power can be manipulated by manipulating the humans instead of the tech.
I’m sure twitter will come out with some post-mortem statement about how they are securing their admin panels, yadda yadda. But the reality remains that centralized tech will always have centralized admins. This vulnerability is not trivial.
Nuclear superpowers have had this issue and have had to go to incredible lengths to mitigate the threat. Even their procedures seem a bit weak and rely on layers of physical security for the individuals and systems involved (literally people in bunkers).
Moderators at social media companies have been shown to not be the most mentally stable individuals. Tech workers are often easily blackmailed. People are a security threat that is not easily modeled or mitigated at a monolithic platform.
The Obvious Solution
A solution to this problem is pretty obvious. Reduce the power of any single admin. Even in the nuclear bunker, one officer can’t launch the missile. One of the most effective ways to do this is by decentralizing out communications platforms.
For example, government leaders online statements should probably come from a government domain, government IP address and be signed by a public / private key combination. We have plenty of tools to do this type of work. RSS would work just fine and allow a authentication trail that everyone from media outlets to private individuals could use to validate posts.
Of course whitehouse.gov security would still be only as good as the administrators there. But, if the security there is compromised only whitehouse.gov is compromised. A mass pawning of hundreds or thousands of influential information sources becomes non-trivial and near impossible.
This is not just a suggestion for very large organizations but also for smaller ones. My local police department disseminates public safety information on Facebook. When there was a SWAT team on my block, the only way for me to get information was by looking on Facebook.
Having to opt-in to Facebook to get public safety information has it’s own serious issues. But on top of that, what happens if hundreds of police department’s social media accounts are compromised simultaneously and say… announce martial law?
The web is better and more secure when no one person holds the keys.