Thursday, December 18, 2014

Shadowy forces controlling online conversations

I suggest reading the whole article at the following link:


At the HITB event, Haroon Meer and his team from South African-based Thinkst, an applied research company that focuses on information security, spoke about how certain parties – whether individuals with mischief in mind, organisations with vested interests, or certain nation-states – have been using false identities to control online conversations.

Unknown forces are making sure their voices are the loudest in online discourse.

In his talk Weapons of Mass Distraction: Sock Puppetry for Fun and Profit, Haroon and his team demonstrated how they successfully gamed systems ranging from mailing lists, online polls, Twitter and Reddit, to major news sites and comment systems. More importantly, they also collected forensic evidence that such tampering has already been going on.

“It’s the concept of rent-a-crowd, brought to the Internet age using sock puppets – essentially accounts that are created online that don’t really represent real people, and are used to sway people’s opinions in forums and other online get-togethers,” he told a rapt audience at HITBSecConf.

“So we thought, if we were an evil corporation or an ‘Evil.Gov,’ what would we do with sock puppets to try and influence hearts and minds? We looked at how we could control the narrative, how we could either get more attention to things or distract people from things, using sock puppets – essentially how we could increase or decrease eyeballs on the things we want.

“We looked at what can be done; what we think will be done; and what we see is already being done,” he added.


Censorship on the Internet can get routed around. But much like how US authorities learned during the protests of the 1960s that brute force was not as effective as infiltration, today’s regimes are learning that the art of deception makes a more effective tool.


“The main reason we care about this is because we think that this sort of censorship is going to be more insidious than straight-up censorship, because it kind of combines a technical hack, and a mental hack of sorts – you actually think you’re free, but you’re being manipulated behind the scenes,” he added.


“So you can use sock puppets to attract people’s attention to something you want them to read, or to distract them from something you don’t want them to read,” said Haroon. “It’s relatively simple, and all too-intuitive.”

Thinkst believes that certain parties can not only use such sock puppetry to manipulate people into paying attention to items, or to distract from reading others, but this technique can also be used to discredit opponents by doing a bad sock puppetry operation on their ‘behalf.’

Online polls are a perennial favourite, easily gamed and very influential too, since major news sites use them.


“One thing’s crystal clear – on social media it is easy to mistake popularity for credibility,” Lotan had said.

“One of things he [Lotan] found was that ‘bought followers’ actually win you ‘organic followers,’ and that those real followers stay on even after your bought followers dropped off,” said Haroon.

“This is kind of intuitive, because if you use Twitter, you’d be more likely to follow someone with a high follower count than someone with a low count,” he added.

“Why does this matter? Because of the way we use Twitter – it’s not like an RSS feed. You don’t go in to catch up on all the day’s tweets, it’s a stream that you dip into.

“If I can convince a lot of people to follow me just by tweeting more, I get to dominate that person’s timeline, and essentially, what I get to do is crowd out other conversations. I can crowd out what I don’t want them to see,” Haroon said, referring to the practice of ‘timeline crowding.’


“To remove a comment from the page, you can just keep flagging it as inappropriate and it will disappear until the admin has looked into it,” he added.

More worrying, his colleague Azhar then showed how you can download an actual user’s token from LifeFyre when he or she is logged into LiveFyre, and then impersonate that user on other sites and post comments on his or her behalf.

“We get to see your history, we get to vote for you, and we can do this with multiple accounts,” said Haroon. “Effectively, we get to do sock puppetry using real accounts.”


Having verified how easy it was to use manipulate online conversations, the Thinkst team then set out to explore whether such techniques were actually being used.

“It’s obvious they are – the most obvious recent example was Common Dreams, a website for news and views from the progressive community,” said Haroon.

“They were getting a lot of anti-Semitic comments on their pages, and were in fact in danger of losing their funding because their funders were not comfortable with such comments.

“After a little investigation, they found it was all linked to a college kid – what he did was post these sock puppet comments, then sent email to organisations to say ‘We’re being seriously oppressed here,’ etc.

“As Marco [Slaviero] has shown, you can effectively mute a voice by flagging it enough times, and we see this all the time, with appeals to others to downvote a comment you don’t agree with, which is what the IDF (Israeli Defence Forces) has done,” he added.


Haroon later told DNA that part of OTF grant includes Thinkst building tools that would allow others to detect such sock puppetry on their sites, and to counteract it. The company is in the process of doing so.

No comments:

Post a Comment