Parts of Twitter’s source code, the underlying computer code on which the social network runs, have been leaked online, according to a legal filing, a rare and significant exposure of intellectual property as the company struggles to reduce technical issues and roll back his trading fortunes under Elon. Musk.
Twitter moved on Friday to remove the leaked code by sending a copyright infringement notice to GitHub, an online collaboration platform for software developers where the code was posted, according to the filing. GitHub complied and removed the code that day. It was unclear how long the leaked code had been online, but it appeared to have been public for at least several months.
Twitter also asked the US District Court for the Northern District of California to order GitHub to identify the person who shared the code and anyone else who downloaded it, according to the filing.
Twitter has launched an investigation into the leak and executives handling the matter have speculated that the person responsible left the San Francisco-based company last year, said two people briefed on the internal investigation. Since Musk bought Twitter in October for $44 billion, about 75 percent of the company’s 7,500 employees have been fired or resigned.
The executives only recently learned of the source code leak, the people briefed on the internal investigation said. One concern is that the code includes security vulnerabilities that could give hackers or other motivated parties the means to extract user data or take down the site, they said.
Inside Elon Musk’s Twitter
- Music licenses: Twitter is said to have explored licensing music rights to three major labels before negotiations stalled after Elon Musk took over the company last year.
- Twitter Finance: Mr Musk said Twitter was on the mend financially after seeing a 50 per cent decline in ad revenue, making one of his first public disclosures about the state of the social media company since he bought the company last year. .
- FTC Investigation: The Federal Trade Commission is stepping up an investigation into Twitter’s data and privacy practices and is seeking testimony from Musk.
- Job cuts: Twitter is said to have laid off at least 200 more workers. The social media platform now has a workforce of fewer than 2,000 employees, up from 7,500 when Elon Musk took over.
The exposed source code adds to the challenges facing Musk’s Twitter. Tech companies often view such code as a closely guarded secret and won’t share it for fear it might give competitors an unfair advantage or reveal security vulnerabilities.
But even as tech companies do their best to protect their code bases, they have become prime targets for opportunists, hackers, and others. Last year, a hacking group managed to stole Microsoft’s source code and other major companies. And in 2020, Anthony Levandowski, a star self-driving car engineer, was sentenced to 18 months in prison for stealing code from Google while preparing to start a new job. (Mr. Levandowski was later pardoned by then-President Donald J. Trump.)
Twitter’s public posting of the code is “concerning,” said Brett Callow, a threat analyst at Emsisoft, a cybersecurity software company. “It makes it a little bit easier and faster to investigate vulnerabilities.”
For Twitter, the leak also adds to growing structural and financial challenges. Musk has been trying to turn the social network around in recent months by cutting costs, testing new features and welcoming previously banned users. But service outages have increased, while advertisers, the company’s main source of revenue, have been reluctant to run ads on the site.
The turmoil has caused financial damage. On Friday, Musk told employees in an email that Twitter was worth about $20 billion, more than 50 percent less than what he paid for it. He said “radical changes” at the company, including layoffs and cost cutting, were necessary to avoid bankruptcy and streamline operations.
“Twitter is rapidly reshaping itself,” Musk wrote in the email seen by The New York Times. He added that the company could be thought of as “a reverse startup” and that he believed Twitter could one day be worth $250 billion.
Musk did not respond to a request for comment on the leaked Twitter code. GitHub declined to comment on the decision to remove the code, but posted Twitter’s removal request on its website.
The leak comes as Musk promised to make part of Twitter’s code public. This month, the billionaire said he would make the code Twitter uses to recommend tweets publicly available by the end of March, so anyone can review it and analyze it for potential flaws. The process could help make Twitter’s code more secure, as people have identified and reported problems with it.
At the same time, Musk worries about the possibility of leaks and theft by disgruntled ex-employees during his mass layoffs. In November, he closed Twitter’s offices and asked employees to stay out while the cuts were made. In recent months, Twitter has also prevented engineers from making changes to the site’s code ahead of layoffs for fear someone would sabotage the platform on their way out.
“One of the best ways to mitigate internal risk is to keep employees happy and that certainly hasn’t been the case at Twitter,” Callow said.
The person who leaked the Twitter source code appeared to have the name “FreeSpeechEnthusiast” on GitHub, according to Twitter’s legal filing. The user’s pseudonym appears to be a reference to Mr. Musk, who has referred to himself as a “free speech absolutist.”
The GitHub profile for the anonymous user shows a single contribution to the platform in early January. The profile remains online.
jack begg contributed research.
