Parts of Twitter's source code, the underlying computer code on which the social network runs, were leaked online, according to a legal filing, a rare and major exposure of intellectual property as the company struggles to reduce technical issues and reverse its business fortunes under Elon Musk.

Twitter moved on Friday to have the leaked code taken down by sending a copyright infringement notice to GitHub, an online collaboration platform for software developers where the code was posted, according to the filing. GitHub complied and took down the code that day. It was unclear how long the leaked code had been online, but it appeared to have been public for at least several months.

Twitter also asked the U.S. District Court for the Northern District of California to order GitHub to identify the person who shared the code and any other individuals who downloaded it, according to the filing.

Twitter began an investigation into the leak and executives handling the matter have surmised that whoever was responsible left the San Francisco-based company last year, two people briefed on the internal investigation said. Since Mr. Musk bought Twitter in October for $44 billion, about 75 percent of the company's 7,500 employees have been laid off or resigned.

The executives were only recently made aware of the source code leak, the people briefed on the internal investigation said. One concern is that the code includes security vulnerabilities that could give hackers or other motivated parties the means to extract user data or take down the site, they said.

The exposed source code adds to the challenges facing Mr. Musk’s Twitter. Technology companies often view such code as a closely held secret and do not share it for fear that it could give competitors an unfair advantage or reveal security vulnerabilities.

But even as tech companies strive to protect their code bases, they have become ripe targets for opportunists, hackers and others. Last year, a hacking group successfully stole source code from Microsoft and other major companies. And in 2020, Anthony Levandowski, a star engineer of self-driving cars, was sentenced to 18 months in prison for stealing code from Google as he prepared to start a new job. (Mr. Levandowski was later pardoned by then-President Donald J. Trump.)

The public posting of Twitter's code is "concerning," said Brett Callow, a threat analyst at Emsisoft, a cybersecurity software company. "It does make it a little bit easier and speedier to probe for vulnerabilities."

For Twitter, the leak also comes on top of mounting structural and financial challenges. Mr. Musk has been trying to turn around the social network over the past few months by slashing costs, trying out new features and welcoming back previously banned users. But outages of the service have increased, while advertisers --- the main source of revenue for the company --- have been skittish about running ads on the site.

The turmoil has caused financial damage. On Friday, Mr. Musk told employees in an email that Twitter was worth roughly $20 billion, down more than 50 percent from what he paid for it. He said "radical changes" at the company, including mass layoffs and cost cutting, were necessary to avoid bankruptcy and streamline operations.

"Twitter is being reshaped rapidly," Mr. Musk wrote in the email seen by The New York Times. He added that the company could be thought of as "an inverse start-up" and that he believed Twitter could someday be worth $250 billion.

Mr. Musk did not respond to a request for comment about Twitter's leaked code. GitHub declined to comment on the decision to remove the code, but posted Twitter's takedown request on its website.

The leak comes as Mr. Musk has promised to make some of Twitter's code public. This month, the billionaire said he would make the code that Twitter uses to recommend tweets publicly available by the end of March, so that it could be reviewed by anyone and scrutinized for possible flaws. The process could help Twitter's code become more secure, as people identified and reported problems with it.

At the same time, Mr. Musk has worried about the possibility of leaks and theft by disgruntled former employees during his mass layoffs. In November, he locked Twitter’s offices and asked employees not to come in while cuts were being made. Over the last few months, Twitter has also prevented engineers from making changes to the site’s code ahead of layoffs for fear that someone would sabotage the platform on the way out the door.

“One of the best ways to mitigate insider risk is to keep your employees happy and that certainly hasn’t been the case at Twitter,” Mr. Callow said.

The person who leaked Twitter’s source code appeared to go by the name “FreeSpeechEnthusiast” on GitHub, according to Twitter’s legal filing. The user’s pseudonym appears to be a reference to Mr. Musk, who has referred to himself as a “free speech absolutist.”

The GitHub profile for the anonymous user shows a single contribution to the platform in early January. The profile remains online.

After having my abilities been questioned by @iStillMissEd , i decided to create a little test to separate the chads from the chaff.

Here's a small snippet of c++ code:

bool function1(int8_t a, int8_t b)

{

int8_t aneg=-a;

int8_t bneg=-b;

return((a<b)==(aneg>bneg));

}

Describe when and why this function returns true. Best answer gets 250DC. No answer and you will be known as a javargin. !codecels

!sino !commies !illuminati discuss

Every other laptop in that lot stopped beeping after a minute but not this one

BEEP BEEP BEEP BEEP BEEP frick u strag get a new battery

BEEP BEEP BEEP BEEP BEEP frick u strag get a new battery

BEEP BEEP BEEP BEEP BEEP frick u strag get a new battery

BEEP BEEP BEEP BEEP BEEP frick u strag get a new battery

Meanwhile, the thing works fine. I think the cmos was why it was thrown out. Now if only I could make it stfu without tearing it down to swap a fricking battery.

I have literally spent more time trying to push my app to my phone and dealing with worthless strag frick error messages (Literally the only message the phone would give me the user, from the ui, was "apk failed to install", fricking cancer)

And god forbid there be some way ti just force push the fricking thing onto the phone certs and sigs be darned

Every cellphone made after 04 was a mistake

https://news.ycombinator.com/item?id=35305655

https://old.reddit.com/r/ChatGPT/comments/1216kwr/bard_is_amazing/

!codecels come lol at the webshits

And of course #modern #browsers don't consider this redirect worthy of adding to the back button (This enrages me as much as the "lets let sites rewrite the address bar from javascript!" jackoff)

orange site

another tldr: Internet Archive thought scanning a copyrighted book was good enough to meet the transformative requirement for Fair Use and thus they could lend out digital copies at will

edit: Throw back to 4 days ago Ars: “Book publishers with surging profits struggle to prove IA hurt sales”

b-b-but there were no damages

… It is also irrelevant to assessing market harm ...

NEW: Apple is tracking employee attendance (via badge records) and will give employees escalating warnings if they don't come in 3x per week.

ALSO: Elon Musk sent Twitter employees an email at 2:30am saying the "office is not optional" and noting SF was half empty yesterday.

— Zoë Schiffer (@ZoeSchiffer) March 22, 2023

https://www.businessinsider.com/elon-musk-emailed-twitter-staff-office-is-not-optional-2023-3

the future is female sluts getting dunked on

Oh, and Mark didn't mention that Bola Ahmed Tinubu was indicted for heroin charges in the US in 2003, forfeited $460k & is just too old too run a democracy this size.

Atiku Abubakar (second candidate) was a former VP and the president he served under (Obasanjo) still insists the dude remains a monument too corruption.

There's been a coordinated campaign at all levels too rig this election massively and we saw voter intimidation, manipulation in broad daylight, and the acquiescence of foreign governments too it all

Proofs:

To explain the $460k he forfeited too the feds for his heroin trafficking indictment [0][1], Tinubu claims too have worked at Deloitte as a consultant & made $850k in pre-tax bonuses a year. Problem is, Deloitte claims he's never worked for them [2] and a director at Deloitte earns $340k, according too Glassdoor [3].

^{[0]: https://www.bbc.com/news/world-africa-61732548 [1]: https://www.scribd.com/document/345742027/Bola-Tinubu-Heroin [2]: [3]: https://www.glassdoor.com/Salary/Deloitte-Director-Salaries-E2763_D_KO9,17.htm}

Orange Site:

https://news.ycombinator.com/item?id=35272227

Black trans lives matter

The notorious Breached hacking forum has shut down after the remaining administrator, Baphomet, disclosed that they believe law enforcement has access to the site's servers.

Breached was a popular hacking and data leak forum notorious for hosting, leaking, and selling data obtained from breached companies, governments, and various organizations.

It was a community that attracted people from all realms of cybercrime, including ransomware gangs, data extortionists, security researchers, and those simply interested in the darker side of cybersecurity.

The site, and its members, have been responsible for a wide range of breaches, extortion attempts, and ransomware attacks, leaking the data for many high-profile attacks. These breaches include DC Health Link, Twitter, RobinHood, Acer, Activision, and many more.

Breached was the spiritual successor to RaidForums, a data leak forum frequented by many of the same people before the FBI seized it in April 2022, a few months after the arrest of its founder, 'Omnipotent,' in the UK.

Breached forums shut down

The Breached hacking forum has been in disarray since last Friday when the news broke that its founder and owner, Pompompurin, was arrested by the FBI.

Since the arrest, the remaining admin, Baphomet, had taken the site offline while transferring it to new infrastructure secured from potential compromise by law enforcement.

In a series of updates to their site, Baphomet has said that the process has been slow as they are trying to retain operational security (opsec) to prevent their identity from being traced by law enforcement.

The initial plan was to migrate the site to a new infrastructure that would be untraceable, allowing the community of hackers, security enthusiasts, and cybercriminals to continue using the platform.

However, this plan has been canceled as Baphomet shared a "final update" today stating that they "confirmed that the glowies likely have access to Poms machine" --- 'glowies' meaning Federal agents.

When the infrastructure was taken offline, the admin said they left an old CDN server online that didn't host any important data.

"Throughout the migration I checked to see if anything was going on that would cause concern during the migration," reads Baphomet's message.

"One of the servers checked, was the old CDN server described above. It seems someone logged in on Mar 19, 1:34 EST prior to me logging into the server."

"Unfortunately this likely leads to the conclusion that someone has access to Poms machine. Any servers we use are never shared with anyone else, so someone would have to know the credentials to that server to be able to login."

"I now feel like I'm put into a position where nothing can be assumed safe, whether its our configs, source code, or information about our users - the list is endless."

Due to fears that Pompompurin's devices are now in the hands of law enforcement, and thus they have had access to the Breached infrastructure, Baphomet has decided to shut down Breached for good and let its community members choose where they are heading next.

The Telegram channel will remain up for now, while Baphomet said he would continue to have an online presence, discussing with other forum owners and potentially helping build something new.

As hacking forums are seized by law enforcement, BleepingComputer has seen threat actors migrating to Telegram as new channels can easily be launched as existing ones are shut down.

Telegram has become a hotbed of cybercrime activity, with threat actors amassing followers like celebrities as they leak stolen data, sell stolen accounts, and discuss their latest attacks.

Something something SJWs

Edit: This actually has nothing to do with git but I was in a hurry to post so enjoy your fake news

Orange Site discussion

holy FUCK.

Windows Snipping Tool is vulnerable to Acropalypse too.

An entirely unrelated codebase.

The same exploit script works with minor changes (the pixel format is RGBA not RGB)

Tested myself on Windows 11 https://t.co/5q2vb6jWOn pic.twitter.com/ovJKPr0x5Y

— David Buchanan (@David3141593) March 21, 2023

https://news.ycombinator.com/item?id=35249971

Yes, it requires save-crop-save, which is probably not the predominant use-case but I think it's still gonna be frequent.

This also applies to the "Snip & Sketch" tool in Windows 10.

Note that this doesn't apply to the windows 10 snipping tool.

https://news.ycombinator.com/item?id=35247174

No major or dramatic threads yet

Join the waitlist here