The recent announcement that Elon Musk purchased Twitter for $44 billion has created nervousness among many, especially over the return of questionable political groups to the micro-blogging platform.
In addition, experts have been speculating about the impact his ownership would have on the social media service.
While Musk has proposed many changes, many in the cybersecurity community have critiqued his desire to make Twitter’s algorithm open-source. In particular, media analysts have pointed out that this could invite malicious actors to “game” the algorithm and make Twitter a target for more intense cyber-attacks.
Looking into the matter for Digital Journal is Cybersecurity expert Derek E. Brink, Vice President & Research Fellow at Aberdeen Strategy & Research.
Brink is not adopting the same line as other cybersecurity commentariat, noting: “The idea that algorithms should be open and transparent has been considered best practice for nearly 140 years. It’s called Kerkhof’s Principle, which holds that trying to keep the algorithms secret — which many refer to as “security by obscurity” — is the wrong approach to maintaining security.”
The principle holds that a cryptosystem should be secure, even if everything about the system, except the key, is public knowledge. It follows, the fewer and simpler the secrets that one must keep to ensure system security, the easier it is to maintain system security.
Alternatively, Brink states: “Instead, the algorithms themselves should be public knowledge — or as put by Shannon’s Maxim (another version of the same principle), we should operate under the assumption that “the enemy knows the system.”
This means: “In cybersecurity, openness and transparency has consistently led to algorithms that are better and more secure, not less.”
Addressing those who are taking a different line, Brink says: “For those who raise the concern that an open, transparent algorithm might be “gamed” to provide some advantage — can we not say the same thing about “closed” algorithms? Everyday examples are abundant, for example: how to make your web pages more likely to be found by search engines; how to raise your credit score; how to minimize the likelihood of an IRS audit on your tax return; how to improve your candidacy on job search sites; and how to optimize your personal profile for dating sites, to name just a few.”
Returning to his theme, Brink reiterates: “Openness and transparency about how these algorithms work is the best way to prevent discrimination and corruption – or, as [U.S.] Supreme Court Justice Louis Brandeis put it, ‘sunlight is the best disinfectant’”.
