Here’s a dilemma: The guy (“Hacker Croll”) who claims to have accessed hundreds of confidential corporate and personal documents of Twitter and Twitter employees, is releasing those documents publicly and sent them to us earlier today. The zip file contained 310 documents, ranging from executive meeting notes, partner agreements and financial projections to the meal preferences, calendars and phone logs of various Twitter employees.
We’ve spent most of the evening reading these documents. The vast majority of them are somewhat embarrassing to various individuals, but not otherwise interesting. An example – there are a number of documents showing the names of people who interviewed at Twitter for various senior level positions so publishing their names would obviously be distressing for them. Most of these people remain in their current jobs. Some documents show floorplans and security passcodes to get into the Twitter offices. We’re not going to post any of those documents.
But we are going to release some of the documents showing financial projections, product plans and notes from executive strategy meetings. We’re also going to post the original pitch document for the Twitter TV show that hit the news in May, mostly because it’s awesome.
There is clearly an ethical line here that we don’t want to cross, and the vast majority of these documents aren’t going to be published, at least by us. But a few of the documents have so much news value that we think it’s appropriate to publish them.
More posts coming soon.
Update: Our Reaction To Your Reactions To the Twitter Confidential Documents Post
Update 2: Final Tweet: The Twitter Reality TV Show Pitch
Update 3: Twitter’s Financial Forecast Shows First Revenue In Q3, 1 billion users in 2013
Update 4: Twitter’s Internal Strategy Laid Bare: To Be “The Pulse Of The Planet”
Why?
Because this violates your rights to privacy. Nobody needs to know too much about you without your permission. This is an ongoing issue which relates back to how much about you/your identity is exposed on the Web – are you aware? and do you have control to manage these data about you.
- Darren at AdExcel dot Com
Exactly. Say, as a twitter employee, this violates my right to privacy and exposes things about me and my identity to the web without my control.
Hmm.
yeah we’re not going to post any of that stuff.
Good ethical decision Michael. Just tell me this, why was Twitter so slack about these documents and why did that guy want to release them? How did he managed to collect all these documents?
They were hacked, it was slackness, you can’t cover _all_ security holes, there’s always one just waiting to be found. You’ve just gotta hope its you/your employee and not someone else.
His reason? My guess, fame.
http://www.techcrunch.com/2009/07/14/twitters-ev-confirms-hacker-targeted-personal-accounts-attack-was-highly-distressing/
This is an asshole move. If these documents were obtained illegally (and it sounds like they were) by “Hacker Croll,” you have no right to publish them. One can only imagine the hissy fit you would throw if someone did this to TechCrunch.
That’s commendable but there’s still an appearance of a lapse in ethics here.
“…documents showing financial projections, product plans and notes from executive strategy meeting…s”
Really? We’ll have to see what exactly gets published and if it’s worthy of all this hoopla.
Nevertheless, this is just bad karma for a great blog which has become an integral part of the start-up community in the Valley and beyond.
Got sleaze?
You have to wonder. With all the publicity over twitter in the media, and the TV show, this could be their sex tape. How do we know for sure this was not intentional?
With all the Twitter-haters that comment on TC, you’d think that they’d be more open to the idea of releasing such documents…..
The difference between publishing documents or information that was obtained by means of a “whistleblower” inside a corporation and that obtained through the theft of proprietary data is the difference between civil and criminal courts.
I find it hard to believe that you fail to see the difference.
Posting even a single word from those files could not possibly be any more unethical. If some hacker happens to email me the checking account number and pin of some unsuspecting individual, I can’t hide behind some veiled 1st amendment BS if I were to publish that info to the world. I would be just as guilty.
This is information that you obtained not through research but through a hacker leaking the information. You shouldn’t be posting any of this information online.
Poor show Arrington, poor show.
I am not a Twitter user. As I understand it Twitter is a business that publishes information supplied by users but as yet it has not said how it will make money. Is it not in the public interest to publish details of how it will make money, if you have that information? I don’t understand why anyone using this service has not first asked how the business makes money. Any business should tell you how it makes money or plans to make money so consumers are protected, and if Twitter has kept it secret, it is in the public interest to publish it, in my view.
which is why Mike already said only few things would be posted!
still .. nothing should be posted by no one without Twitter’s permission. Poor decision techcrunch, you guys should know better.
I agree with Rama. Feels kinda shady.
lol. if we only posted things that companies gave us permission to post this would be a press release site and none of you would be here. News is stuff someone doesn’t want you to write. The rest is advertising.
Michael, life is not that simple and I bet you’ll receive a few more reactions along the way by people who feel that you’re like a guy “fencing” I’ll gotten goods. Most of us have come from your Twitter feed tweet to read this news of yours and while I may be curious what this is all about, I can’t help see the irony in you posting this news on Twitter’s site to increase viewership here. A lot of this is rubber necking at the accident at the side of the road by a company that’s pretty good to people so far. I suddenly feel pretty bad for Twitter and see you more as part of the situation that’s screwing them.
but TC *IS* a press-release site…
TC should not publish any of the information they have received which was collected in a clearly illegal manner.
I am sorry but I think it is morally corrupt to receive confidential information, which was hacked from another company, “..spend most of the evening reading these documents”, then try and find a patch of moral high ground by saying “We’re not going to post [some] of those documents”, but some of the financial projections are fair game. You are basically condoning the hack by your actions.
Had it been me in Twitters position, I would explore every legal avenue to get back at you.
Curious to know how TC management and employees would feel if it had been them that had their personal information “stolen” and others in the industry were talking about publishing some of it.
Michael said…
if we only posted things that companies gave us permission to post this would be a press release site and none of you would be here.
Michael, what you intend to do, makes you a hypocrite. Someone just handed to you stolen private properties that belong to someone else (Twitter). You should return the property to the rightful owners and perhaps request or seek their permissions (with no coercion) to publish only certain things that TC is interested in, but such info won’t be damaging to running their business. Again, if they decline, you should respect that decision.
A couple of weeks ago or so, you interviewed a top-notch anti-trust lawyer and since you’re a cheerleader for the use of anti-trust laws against private businesses, you seemed to be OK when the government robbed someone else’s properties via the anti-trust laws, but not when a private citizen stole those properties off another private citizen and handed them to you?
Return those stolen properties back, man!
Double standard & hypocrite? I bet ya?
There is no “right to privacy” — at least not in the US. Read the Constitution.
Even if there were an assumed right to privacy it is a right against invasion of privacy by the government, not other private individuals.
Maybe not in the US Constitution but it is in te Universal Declaration of human Rights
http://en.wikipedia.org/wiki/Universal_Declaration_of_Human_Rights
I’m all for the right to privacy…
But I think, given US history, it might be a little naive to expect the US to start respecting international agreements now.
Nice try, but even that document is referring to rights of individuals against nations, governments, and other ruling bodies… not private citizens against private citizens.
Civil Law is what protects individuals against individuals. And neither the US Constitution nor the Universal Declaration of Human Rights claims to govern civil law.
You have the right to protect your privacy. But, if you’re an idiot and leave your laptop at the airport with thousands of private documents; well, no one violated your privacy except you. We all know there are unsavory characters in the world. It is an individual’s responsibility to accept personal responsibility for his private life, private information, and private feelings.
Once you open any of those up intentionally or unintentionally you must accept the consequences.
As soon as we start giving rights to protect ‘Stupid’ we risk sacrificing other privileges we have.
Finding a laptop, thumbdrive, or a fully-stocked hard-drive is not a violation of privacy. Having an authority figure confiscate it to divulge and disseminate the contents is a different matter altogether.
But, that’s not what we’re talking about here, is it?
Human rights?
this is the real world
but you still have a reasonable expectation of privacy or something …
just another marketing stunt from Twitter and Techcrunch, promoting Twitter TV.. we are not that stupid!
u r absolutely right Darren
Because they can, because they can..
Because techcrunch is a NEWS site, and this is NEWS?
Because the theft of documents from “the cloud” could potentially destroy the reputation of “the cloud” and thereby stunt the growth of an important new computing idiom?
Because these companies need to start taking data security seriously, when they have confidential information of tens of millions of users?
Because no-one can stop them?
Because the documents are now public domain?
Because the documents are public interest? (i’m the public, and I’m interested)
now some questions for you: Why not? Who’s concept of “wrong” should we all follow? How far would journalism have got, and how honest would our politicians be, if journalists didn’t publish against the wishes of the source?
And if Twitter was your company? You would state all of that?
You obviously do not understand the meaning of public domain. Just because someone legally or illegally posts something on the internet does not put that document in the public domain.
Being interested is not the same as the public interest. The Pentagon Papers were in the public interest because it showed the government lied to us about Vietnam. The public interest overrode the Pentagon’s and Nixon Administration’s wishes to keep it under wraps.
Try to be a bit more informed before making such assertions.
What about UFO’s Eric? The public’s interest overrides our government’s wishes but they still keep the truth from us. So I guess it’s still their choice about what’s public interest isn’t it?
An interested public is not the same as the public interest
I’ll only reply to your comment- Basically, Twitter is direct philanthropy for us at this stage- employing a lot of devs, not charging, etc. It’s in the public’s interest that these guys continue to grow without being hassled and left to grow. The hacker will continue to leak this all out until it’s all published with or without Mashable, so it’s a dilemma. I wonder what makes them feel so obliged to an interested public? I mean yeah, it’s good stuff, but they could have cashed in a huge advantage with Twitter by not being the one to break this, I guess. They were somewhat prudent in the filtering of it all. I’d be sweating bullets if I’d interviewed there and still had my unvested IPO shares, for sure…
someone else will publish it if tc doesnt. it doesnt matter morons
This is the worst statement you could have made. It doesn’t matter what others may or may not do. It only matters what you would consider to be ethical, i. e. morally right. That is Kant’s Categorical Imperative.
Obviously, ethical sound actions are not what journalism is about, from your perspective. So how on earth can you make out the right as a journalist to discover injustice and bad behaviour when you are not adhering to ethical behaviours yourself? You are opening up to loosing all credibility and that is all the reason why people read the output in the first place.
Maybe TC aren’t Kantians but Utilitarians. It’s not like Kant came and all matters on moral philosophy were settled forever.
And to be nitpicky Kant’s morality is not relativist, i.e. it’s not about what you consider to be morally right. The categorical imperative claims to render universal moral laws that are binding on all rational beings.
Kant is a moral absolutist. Hence the usage of the word “categorical” in accompanying imperative. And any person citing Kant in a discussion relating to the leaking of documents is extremely misguided. Kant should be quoted only in dark rooms in the underbellies of universities when there is nothing left to say about anything else, and even then it should be done with the greatest resistance. Voluntary Kanting is offensive and unscrupulous.
Keep up the bleating sheeple.
Well yes, there are other unscrupulous sites around. I suppose by collating all the unscrupulosity into one place, that’s one place I don’t have to read any more.
And no, just because someone sends “a zip file of 300+ documents” that doesn’t imply *any* of them *have* to be published at all. Smells way too underhand and fishy all at once.
you idiot anonymous, at least clear your twitter username when commenting.
Lolz his blog is supposed to be anonymous ..but not Twitter ..#Fail
Do’h! I caught that too. *snicker*
i didnt know that this blackmailing concept still applies . some people r simply put “unconcious” to use the term like Esther Harding and Jung used it. when they grow up ( not old ) they rediscover that there are better things to do than playing God with other peoples sensitive data. what happened to “mind your own business?”
right dear..it shud b
because they have it and they can publish it!
For the lulz!
Why, you ask?
Because it’s time to let society know that:
WE SHOULDN’T PUT OUR ENTIRE LIVES IN DATABASES !!!
Nothing connected to the net is secure.
And if you combine all those datasets of your person that are out there, you’ll get a very detailed file.
Example: In a few years or months, it will be easy to instantly get the complete name of all actors in adult movies by face recognition tech combined with (for example) Facebook pics (or whatever).
I think it is a bit late for that… all of our lives are in databases.
Did TechCrunch pay for this information?
I’m hoping that there is a law enforcement investigation of this activity.
Twitter may have had very poor security practices, but gaining unauthorized access to computer systems is a violation of the law and any part of the law that can be used to deter this sort of behavior in the future should be used. That includes investigation of accomplices.
Lets not beat about the bush – this information was stolen. It is also a breach of Twitter and employee privacy as well as continues the long standing debate on cloud and web based security. I can though also understand the news worthiness of this data breach. All I can say at this point is “ask yourself, would you like it if someone stole your personal and financial information and published it for all the world to see?” I know what the answer would be.
Your legitimizing the illegal and unethical actions of this person by publishing this information. Bad move TechCrunch. Very poor decision.
I agree with Brad White…move on Mike and leave Twitter alone and let them try running a start up the city. Not cool at all. This will be black eye for Techcrunch. Let some other fools and other websites that have access to the same info do it but don’t join the rat race and have some class. i agree with Brad all the way. People jobs at Twitter might be at stake.
I agree. It seems that this hacker has decided that these documents will end up on the internet one way or another, but by facilitating that process you’re essentially becoming an accomplice in the laundering of stolen information. This betrays the trust of the companies that you cover and the readers who follow you, all in return for an easy scoop. Shame on you, TechCrunch.
Mike is guaranteed to get slapped with a lawsuit from Twitter if this happens, and I can’t say it won’t be fun to watch in court. Go for it, Mike.
This isn’t “news”. If Twitter was selling arms to a third-world dictator, that would be one thing. These are just stolen goods.
Totally agree that publishing ANY of this information crosses the line.
TC didn’t hack anything they just received docs there is no law preventing them from publishing. And I think they should they are a news site after all.
Whoa!! If twitter guys cant even protect their own data, on what basis should we trust them with our data n tweets??
It wasnt their twitter accounts that were hacked. Other services were, just that twitter employees were targeted.
Not a good look. I understand your position, eitherway you lose. We expect unbiased news, but I also understand the need to have the respect of fellow entreprenuers and readers. I think the best thing you could have done, was not mention it at all. Its really lose lose at this point.
right marcs
dis is absolutely right wht u r saying
What is private about your tweets?
Nice post Michael. This is definitely a valid issue that has been ongoing and has not been focus on. The problem is that more people are becomng more open with their information but they are not educated/being aware of the consequences. There should some guidelines set in place to provide precautions.
- Darren at AdExcel dot Com
That’s a pretty bold move Mr. Arrington. While I’m sure the folks at Twitter will be upset, if you don’t publish the documents, I’m sure someone else will.
Someone most certainly will, and it will be big news. I wouldn’t be surprised if this gets on mainstream news, what with their obsession lately with Twitter.
However, while I do support a news site’s decision to post damaging but important information obtained by legitimate means, such as anonymous interviews, I think your decision to publish this provides serious incentive for hackers to attack other companies.
TechCrunch, the geek version of a tabloid magazine.
Its sure getting there… LOL
Not fast enough if you ask me. WHy should the pretty people have all the fun?
Uh, not so much. Tabloids make garbage up. Taking real documents and publishing them doesn’t make you a tabloid.
People here are always bitching about how this blog is a whore for companies that pay to advertise or a whore for companies who have the “right” venture capital, or a whore for Jason Calacanis (an inane claim, btw). So, when Techcrunch finally decides to do nitty, gritty, down and dirty, real investigative journalism, people BITCH even louder?
The Techcrunch audience is impossible to please.
You think this constitutes investigative journalism?
I’m pretty sure investigative journalism involves actually investigating. This is republishing information somebody *else* investig—wait, no, that’s information somebody else *stole.*
I do not think you should do that. I really don’t. These are are company documents, most likely ‘taken’ without their consent. Wouldn’t you also like it if stolen property is returned to you? Seriously. Honor, man! Honor.
What about their journalistic duty to publish relevant news. I think not publishing them would be dishonorable.
Wow
I believe this is called “falling from the cloud”. And a big reason my emails are stored locally like the good old days.
+1
++ and… don’t write anything on the internet that you dun want others to know and delete/deny anything your friends post and tag that you don’t want others to know.
It’s a very dangerous world here in the internet.
I store emails locally too!
Don’t use phone either, or write anything on paper
Stored locally?
So you run your own email server(s) and only send emails to other mailboxes on your own private LAN?
Right.
That’s exactly what I was thinking.
Tools.
I bet they are hitting the vodka about now.
the original security hole seems to be Google, via Google Apps for your Domain. Some passwords were guessed and things started to fall apart from there. Most (or all) of these documents were downloaded from Google’s servers.
Then don’t go after Twitter for gods sake. Go after Google Doc and Google Apps. Leave EV alone before he loses his job b/c of some wise ass hacker.
The scenario described would be Twitter’s fault, not Google’s. Everyone knows passwords can be guessed through brute force. If you’re a site as big as Twitter, you just don’t allow public interfaces to sensitive data that involved password authentication at all. There’s absolutely no way this is Google’s fault. They didn’t choose the password or put the documents there.
That’s it! This is a plot to discredit Twitter and Google all in one fell swoop by Ballmer. (How’s that for paranoid?)
I don’t think the newsworthiness of these documents outweighs the owner’s rights to keep this information confidential. I wonder if the SEC might be moved to look at TechCrunch for insider trading violations if there is information about their plans for certain business activities in the future?
Don’t think Ballmer wants to discredit a company he’s probably trying to buy–Twitter.
What is newsworthy is that the documents were stolen, not what they contain. Printing how they were obatined is news, printing the contents of the documents is tabloid trash.
Would you want document published if stolen from TechCrunch? This is not cool.
no, I would not.
Wait?! What?! Really?! Maybe I am misreading this but you wouldn’t want documents released that were stolen from TechCrunch, but you are gleefully releasing these *stolen* documents from another company?
Leo Laporte hasn’t been more right in his opinion of you.
I followed TechCrunch for ‘news’, it’s just trash tabloid stuff now. Not that you could give a da** but if these documents go out on TC I am unfollowing and un-RSSing it all.
Bye.
did you just self-censor the word “damn”?
Your nick is amazingly appropriate.
What has “twitter” or “michael” liking their documents published got anything to do with the decision to publish them, if they were acquired without their approval in the first place.
I mean, pay attention: Michael answered truthfully. I don’t believe he, or anyone, believes Twitter would want their documents published without their consent. The whole argument and post deal precisely with the fact that some of them might see the light of day (directly or “paraphrased”) without them wanting it.
You wouldn’t read this because you’re unsubscribing (god, how tired I am of this ridiculous threat).
This is hypocrisy, and a colossal dick move.
Your scoop here is that Twitter’s private information was hacked illegally. You can report that without any ethical question marks at all.
Benefiting from the spoils of that illegal act, on the other hand, is abominable.
I’d even say that reading those files was crossing the line and you should have notified Twitter and the authorities after skimming to verify that the material was authentic.
Regardless, while reading, if you found evidence of illegal or unethical actions or plans by Twitter, then I guess you could justify publication by being in the public interest — look at the UK’s MP expenses scandal for such an example — but your opportunistic fishing trip is just plain wrong.
@arrington, you disgust me.
Which is probably why the key to Mikes city isn’t protected only by the name of the street he grew up on.
Interesting! I did a reference for an engineering technologist who interviewed at twitter as a app security guy just few weeks ago. They asked him about cloud security, gears and security, and amazon aws security, hosted document encryption etc. Wonder how long has twitter been aware?
This really brings interesting question about if one can trust google as a the safe thing to have. May be we are not ready for the enterprise class..
Isn’t publishing stolen confidential information a violation of some Trade Secrets law?
http://nsi.org/Library/Espionage/usta.htm
You can bet they’ve consulted lawyers before moving forward with any posts though..
The esteemed Mr. Arrington *is* a lawyer. Or at least he used to be.
Since it’s been publicly disclosed, it’s publishable.
Better luck next time, trade secrets.
Well I would say this is “Highly Distressing” …..
You shouldn’t publish any of these documents… You shouldn’t even have posted this blog post.
I think it’s unethical. The documents were acquired illegally and they’re confidential. You should have just ignored them, no matter how much “news value” is in them.
I’m very disappointed. Try to put yourself in their shoes for one moment… You should just let it go.
If it becomes public somewhere else anyway, so be it, but don’t get involved.
did you write a letter to the WSJ when they posted the peanut butter manifesto?
http://online.wsj.com/public/article/SB116379821933826657-0mbjXoHnQwDMFH_PVeb_jqe3Chk_20061125.html
The New York Times wouldn’t have take the time to worry about what the right thing to do is. A quick call to their lawyer and they would have then posted everything they could legally. We’ve gone way beyond that, including having discussions with Twitter earlier this evening.
So what your saying is twitter realizes they can spin this as googles fault… and use it for marketing purposes..
Seriously… just look at the posts.. first it was gov’t has access to twitters feed.. then it was a hacker sent TC twitter files.. then TC does a post about it before they release things.. Mike tells you that he has talked to twitter…
It is beautiful marketing by TC and twitter..
“hey lets have our highly confidential, internal documents ‘hacked’ to market our service to many more people.”
marketing? give me a f’ing break.
3 posts now… and how many comments… you just have to know how to spin it.. it has played perfectly..
But, Michael, if someone hands you company secrets/interna containing material that is not of interest to the public (thus protecting the public from harm, for example), why would you want to become part of that? – Did Twitter tell you, please just go ahead, publish those documents which are OURS?
because it is newsworthy.
Well, there it is. The worst answer on the entire planet.
newsworthy or gossip?
Michael, if it were newsworthy, you should have simply reported whatever news was contained in these files. Carping about secret documents and potential embarrassment to as-yet-unnamed people is not news, it is at best gossip.
The old quote about new being what someone does not want you to know is just that — a glib quote, not something to base all your journalistic decisions upon. Unless any of this information is genuinely in the public interest, you should not publish another word of it.
I’m late to the game on this one, but this is a very grey area about stuff that is more than likely newsworthy. I do sincerely appreciate you letting the audience know your thinking process about it.
The fact that there is a security breach is newsworthy. The contents gained from that breach are either gossip or evidence in a criminal investigation. Either way, they’re not news.
Just because somebody would do it, it doesn’t make it ok.
You report about startups, you organize events for startups and entrepreneurs and many people (myself included) see TC as part of the community, and as such there is a certain level of trust and credibility. Unlike the WSJ, NYT et al, where all they care is audience, publicity, money.
I see it as a sort of a betrayal. Not that you have to hide or cover anything up, but at the very least you have to think about it as if it had happened to you. What would you want them to do? It doesn’t belong to you and it isn’t in the public’s interest to know… and, in all honesty, you shouldn’t even have read it. You have to do what is right, which is to ignore it.
The bottom line is that these documents are confidential to Twitter. Funny or not, embarrassing or not, it’s NOT anybody’s business. So, regardless on how it came to you, you should had ignored it.
At the end of the day, it’s your call. At least you’ve been having doubts about it, so that’s a good sign, but you’re taking steps in the wrong direction.
-fc
Interesting coming from someone using this post to drive traffic to his own site. How’s your poll coming by the way?
Well, the poll was removed from here, and I don’t really need to drive traffic to my site. Look it up on Compete. (You know the name) It’s doing quite well, thanks.
I would… but I don’t remember it anymore. Ahhhh, this is beneath me. I refuse to get into a tit for tat with someone named Felipe.
Ok, Dante… Don’t worry about it. You’ll get there some day too. Keep trying!
Felipe, I totally agree…just because the hacker was unethical, there’s no need for TC to follow in his footsteps.
Obviously the breach is newsworthy – and if anyone should be slammed for it, it should probably be the person who chose the account password, and perhaps even the person who decided sensitive documents like this should be stored online – but the actual documents themselves are stolen property and should be treated as such.
Would you cycle around on your neighbours bike if someone stole it and gave it to you? It really is that simple.
Arrington asks: “did you write a letter to the WSJ when they posted the peanut butter manifesto?”
That wasn’t a stolen document. That was a “leaked” document from a trusted source who was sent the memo.
See the difference?
lol. if we only posted things that companies gave us permission to post this would be a press release site and none of you would be here. News is stuff someone doesn’t want you to write. The rest is advertising.
don’t journalists at news orgs do the hard work of seeking out facts honestly with integrity? not resisting the temptation to print out facts acquired through theft instead of your own labor is not the same thing.
I disagree. Twitter is a tech company, this is a tech publication. I understand the moral high ground, and honor can still be maintained by not publishing anything that may threaten the security of Ev and those whose accounts were breached… but publishing things like the idea for the TV show, Projected growth etc. still lies within moral boundaries. Where would Governor Sanford be if Gina Smith hadn’t stumbled upon those emails and went public? Still fucking his mistress (and the people of south carolina). Publish it Mike…
yeah. i mean, i’m looking at the security codes to get into Twitter’s building. I’m not going to publish that. And Twitter now has the full set of documents in their possession and can take steps to protect themselves. Meanwhile, I’m going to post some notes from a product meeting. I’m pretty sure everyone is going to be ok.
security codes to get into Twitter´s building can easily be changed.
strategic info don´t.
but I´m sure you handled everything with them and that we are being part of a huge circus…
http://www.zataz.com/forum/index.php?showtopic=10005
“I just learned that Twitter has contacted the FBI so i decided to delete all my posts.”
I googled these images from the admin panel
img244.imageshack.us/img244/308/twitter03.png
img244.imageshack.us/img244/308/twitter03.png
img244.imageshack.us/img244/twitter03.png/1/w1680.png
img244.imageshack.us/img244/308/twitter03.png
This dude originally posted this on April 29th, so this happened well over 2 months ago. Why are you guys posting about it “now”?
This is very depricated news.
Um, because they were emailed the documents today? You know, like it says in the article that you’re commenting on.
Even the Twitter blog post about it was from April 30th
http://blog.twitter.com/2009/04/unauthorized-access-update-on-security.html
This is way old.
I think that is in reference to the admin screenshots, this is something very different.
If what TC is saying is true, it means that the Twitter blog post about it was a total lie.
no, it was a different event.
this is new. some of the documents are dated from June.
Wow, they didn’t close the hole after a month of access from the same guy after they sent the FBI after him?
They suck. Like REALLY bad. I bet they’d get fired from my work place the same day.
I wouldn’t assume that. I’m not sure.
It’s obvious that he got this from the employee’s Yahoo email account and not Twitter after the initial attack, BUT
most all tech companies in California will NOT email internal documentation to a free Yahoo or Gmail email account.
Typically they will run an exchange server behind the company firewall and email reports and company email in the company network or remotely through an IPSec tunnel.
A big tech startup emailing company jewels(documents) to freemail accounts instead of having the sysadmin set up a proper email account for the first.last.employee@twitter.com is negligence.
It’s clear that even after nearly 3 years, they have no employee handbook or policies set up.
Suckage. I bet everybody there wears flip flops.
Well that’s what you get Flippy floppies.
I bet it wreaks of sun tan lotion over there.
Cool, look forward to seeing the Twitter TV show thing. Twitter has huge ramifactions for online video, particularly live online video.
I predict this will be the beginning of the end of TechCrunch.
Naaa… the beginning of the beginning. They hold in their possession possible answers for one of the biggest questions in tech… how will they monetize.
That would be interesting…
Trying to imagine the shitstorm you would cause if someone did that to you
Is this a practical joke? If it isn’t then it’s either a satircal take on the UK Telegraph’s exposure of MP’s expenses or a warning signal to startups who’ve got their heads stuck in the ‘cloud’ mumbling gibberish about ‘transparency’. In any case I cannot see that it’s in the public interest to release this material other than for the sensationalist effect that you already suggest. I expect Twitter to sue for damages.
Yeah, yeah, loss of revenue…
:grabs popcorn:
this could potentially be as uncomfortable as when I saw Bruno.
IANAL, but aren’t essentially willfully participating in a criminal act? If I *know* the stereo/tv/whatever I’m being sold was stolen, I’m an accessory to the crime, no?
No, typically any information, even if obtained illegally by a third party, is admissible in a court of law. Similarly I would think that if you are passed illegally-obtained information, you are not under obligation to withhold it from the public, with some exceptions.
Not illegal, but tortious. Tippees who receive information in violation of a fiduciary duty can have a surprising degree of legal liability. They are so going to get sued for this.
Must be a slow news week. Publishing stolen confidential documents just for the sake of doing it or because one of the docs is “awesome”? Pathetic. Sorry, but it is. You’re not breaking the Watergate scandal here, Michael – there’s nothing in the public interest that justifies publishing these documents.
really? THIS story got a “slow news week” comment from someone? Maybe you’re annoyed with twitter stories, but they are the hottest startup out there. Documents like these are a huge story and winner. Daniel, go moonwalk into oblivion for me.
Mike, can you just start limiting techcrunch comments?
Wow, someone has a real stick up their ass tonight. Moonwalk into oblivion? Just because I disagree with the frivolous publication of confidential, stolen documents?
Yes, please Michael, start limiting comments.
It’s called “journalism”, Daniel. You stupid bint.
If a bunch of secret documents fall into your lap and you run a news business, then you would publish those. Otherwise you wouldn’t be running a news business for very long.
Did you just say bint? Great word.
That’s not journalism, it’s opportunism coupled with greed. As Arrington said himself, if it was TC documents that were STOLEN, he wouldn’t want them published. There is no news here.
And what’s with the personal insults? Can you people not disagree with someone without getting personal?
Arrington is twitter’s biggest cheerleader. This is probably a PR stunt.
BINGO!
Thanks!
Though this is embarrassing and its one of those things that scares people as the the fear of personal data being compromised is genuine. and I agree that the docs should not be published at least by TC.
I’m sure the documents you’re going to release are interesting to say the least, but shouldn’t you stick way behind the ethical line on this issue?
On a, possibly, blue-eyed note… but don’t you (like I) use Twitter also to drive traffic to your blog/site? Don’t you (like I) pay zero for that service? Why on Earth would you want to collaborate with someone who stole from them? Why would you even consider doing so? If those documents don’t contain any evil scheme to do the public in, so to say, forget it, send it to the Twitter people, and get on with REPORTING!
You’re gonna post about this instead of how awesome launchly is? Bah! That said, I’m with the others… *grabs some popcorn to watch*
There is something to be said for taking the position that (a) We (techcrunch) received these documents and we could have broken the story, but (b) We chose not to. That way, you get the bragging rights to have been first to publish, without actually stepping into the muck that is sure to surround this when its published later by somebody else.
again, we’re not posting the vast majority of these files, and nothing that has to do with personal information. I think once you see what we post you’ll see how we made our decision.
The funny thing is that the personal stuff would probably create far more page views and would be less of a legal issue. But we’re making the decision based on our own ethical compass, not (mostly) the advice of our lawyers.
It is STOLEN material, Michael! What on Earth are you on about… ‘ethical compass’?! What kind of ethics you subscribe to that allow for publishing stolen material, NOT of proper interest to the general public – but harmful to the one they were STOLEN from?
Sorry, Derek, but who the hell are *you* to decide what’s of interest to the general public?
Publish the documents, TC. Publish them all!
Very simple: Private and/or confidential information that does not concern the public (e.g. because it relates to an elected official, some shady scheme and/or product fault that would harm the public, and/or the interests of a stock holder’s concern, etc.) is no-one’s business.
@ Derek… riiiiiiight, so Governor Sanford leaving his state to fuck some chick from Argentina is no one’s business? Gina Smith broke that story from leaked emails buddy…that were private, and confidential (and inspirationally romantic)…
WewewewewweWait. Did you just say people shouldn’t learn about products that could potentially harm them because it doesn’t concern the public? Or was that a typo?
Derek described a short list of some types of documents that DO “concern the public”. Dante … try not to work so hard for your misunderstandings, and Michael, it wasn’t a typo, merely a misreading on your part.
And FWIW, I, and many commentors, can easily see the difference between a document that was leaked in the public interest by investigators or staffers who hoped to reveal dangerous or criminal activities, and one that was stolen by a hacker who had no idea what he would find, and who grabbed low-hanging fruit wholesale just for the sake of doing it.
If some staffer releases memos that indicate breach of the public trust, that is one thing. It does raise ethical questions, but not related to whether the documents SHOULD have been brought to light.
But for a criminal to hack into a (albeit poorly) protected computer system (violating USC Title 18, among others) and then to pass the documents on to a “journalist” to have said “journalist” describe the documents to the Internet audience and threaten to release some of them, just for the heck of it, well, that’s a whole different story that does not speak well of the “journalist”.
Fortunately, “journalists” have no obligation to report the truth or to behave ethically under any circumstances, so Arrington can publish whatever he and his publisher want, as long as he is willing to accept the new “less-than-trustworthy” label that has already been slapped on his forehead. In this age of readily-searchable decisions, he’ll be carrying that label for quite a while.
@Stupidscript
I’d view TC as untrustworthy if they didn’t publish a significant news story.
@Dante – Any Sandford reference made relevant is awesome… … … and yeah, kinda inspirationally romantic.
you should not publish the stolen infos. there is no use for it to the public. there is no scandal or criminal act you can uncover. this is just cheap journalism. i hope techcrunch is not into that kind of thing that i only now from yellowpress offline media.
it seems desparate to just generate traffic with a possible story like this while basically saying you gave a shit about your reputation.
don’t do it.
the news is that soneone hacked twitter and forwarded the infos to you. period.
Wow. Arrington I hope you have good bodyguards. That said, I can’t wait to see the posts! LOL.
This was really a bad move techcrunch. I don’t think this is the way to get visitors to your site. You should be giving back the docs to twitter instead. Shame on you guys. I’ve many times send news tips on startups to techcruch inorder to publish them….but they never appeared. Now they have time to go through all the “confidential” docs and post tat shit.
No…..shame on you for sounding like such a pussy
That might say more about the value of your news tips than it does about TC.