248 stories
·
2 followers

Carnegie Mellon Researchers: Half of Twitter Accounts Discussing COVID-19 Are Disinformation Bots

1 Share

Karen Hao, writing for MIT Technology Review:

Kathleen M. Carley and her team at Carnegie Mellon University’s Center for Informed Democracy & Social Cybersecurity have been tracking bots and influence campaigns for a long time. Across US and foreign elections, natural disasters, and other politicized events, the level of bot involvement is normally between 10 and 20%, she says.

But in a new study, the researchers have found that bots may account for between 45 and 60% of Twitter accounts discussing covid-19. […] Through the analysis, they identified more than 100 types of inaccurate covid-19 stories and found that not only were bots gaining traction and accumulating followers, but they accounted for 82% of the top 50 and 62% of the top 1,000 influential retweeters. […]

Unfortunately, there are no easy solutions to this problem. Banning or removing accounts won’t work, as more can be spun up for every one that is deleted. Banning accounts that spread inaccurate facts also won’t solve anything.

I don’t understand this conclusion at all. If a team at Carnegie Mellon can do this research, so too could a team at Twitter itself. Or Twitter could just use outside teams like the one at Carnegie Mellon.

What we know is that bots are harmful — they spread misinformation with disastrous real-world effect. And we know that both bot accounts and disinformation in the content of posts can be identified at scale, algorithmically. On a social network, anti-disinformation software wouldn’t have to eradicate all disinformation to be radically effective — it only needs to start with the posts that are reaching the most people and work down the popularity graph from there.

The argument that Twitter and Facebook can’t beat disinformation by banning it is like arguing that email providers can’t beat spam. Spam hasn’t been eradicated but it has been effectively diminished. There’s absolutely no reason Twitter and Facebook can’t defeat social media disinformation to the same degree we’ve defeated spam email. They haven’t done so because they don’t want to, presumably because they consider the “engagement” generated by these bots worth the social destruction they cause.

Link: technologyreview.com/2020/05/21/1002105/covid-bot-twitter…

Read the whole story
Belfong
1 day ago
reply
malaysia
Share this story
Delete

Star Wars is awesome

1 Share


Star Wars is awesome

Read the whole story
Belfong
2 days ago
reply
malaysia
Share this story
Delete

iOS 13.5: The Pandemic Release

1 Comment

Today Apple released iOS 13.5. I can’t help but think of this as the pandemic release with several Covid-19 related changes and features:

  • If the phone detects you are wearing a face mask, it will go straight to passcode entry.

  • FaceTime now has the option to turn off those floating panels. How much you want to bet there where a bunch of Apple Executives working from home in the last two months saying, “what the hell is this?”

  • It’s also now easier to share your data with emergency services.

The Exposure Notification API

I’ve written a lot over the years about government intrusion on user privacy and my general preference that we be allowed to keep our device information private. So when I first heard about this feature, I was skeptical.

Since then, I’ve read the Apple/Google documentation and studied this new feature in greater detail. I’ve also watched the mounting global death toll as a result of this horrible disease.

I fully support the exposure notification API.

Apple and Google created this collaboratively. Because the companies have such different views on user data, I think this was a good thing.

As implemented, your phone will act as a Bluetooth beacon and generate a random identifier. It will then keep a list of other random identifiers you’ve come in contact with. If, for example, you ride up an elevator with a group of other iPhone and Android devices, the anonymous data will keep track of that. If a healthcare professional determines one of those devices was attached to a human that later is diagnosed with Covid-19, you’ll get a notification that you’ve been exposed and advised of the next steps.

There is no geo-tracking. It’s just a list of what random numbers saw what other random numbers. I think it’s a smart API that helps us deal with a massive health crisis and protects user privacy at the same time.

There are already too many people dead. Count me in.

Read the whole story
Belfong
4 days ago
reply
Count me in for the Exposure Notification API.
malaysia
Share this story
Delete

‘Hide UI’ — New Grayshift Feature Plants Hidden Passcode Monitoring Software on iPhones

1 Comment

Olivia Solon, reporting for NBC News:

Software called Hide UI, created by Grayshift, a company that makes iPhone-cracking devices for law enforcement, can track a suspect’s passcode when it’s entered into a phone, according to two people in law enforcement, who asked not to be named out of fear of violating non-disclosure agreements. […]

The GrayKey device, first revealed by Forbes and detailed by security blog Malwarebytes, is a small box with two iPhone lightning cables sticking out of it that was launched in March 2018. Law enforcement officials can plug any recent model of iPhone into the cables to install an “agent” (a piece of software) on the device. The agent then attempts to crack the passcode, offering an estimate for how much time it might take.

In order for this feature to work, law enforcement officials must install the covert software and then set up a scenario to put a seized device back into the hands of the suspect, said the people familiar with the system. […] For example, a law enforcement official could tell the suspect they can call their lawyer or take some phone numbers off the device. Once the suspect has done this, even if they lock their phone again, Hide UI will have stored the passcode in a text file that can be extracted the next time the phone is plugged into the GrayKey device. Law enforcement can then use the passcode to unlock the phone and extract all the data stored on it.

Anyone who trusts their device after they know it’s been in the hands of law enforcement is a fool. You’d have to be pretty stupid to fall for this, but there are a lot of stupid people out there.

Grayshift, you will recall, was cofounded by Braden Thomas, who spent six years at Apple as a security engineer, and who is, to say the least, not popular with his former colleagues. “What a fucking piece of shit,” one former Apple engineer told me of Thomas back in January.

Link: nbcnews.com/tech/security/iphone-spyware-lets-cops-log…

Read the whole story
Belfong
5 days ago
reply
It's easy to be fooled by the police if you are already under duress. I don't think people are stupid, they are just under too much stress and it's natural to use a returned device to call a friend, lawyer or someone.
malaysia
Share this story
Delete

US savages WHO as it promises pandemic review, but China pledges US$2bil

1 Share
Trump describes WHO as a “puppet of China” and says it has 'done a very sad job' in its handling of the coronavirus.
Read the whole story
Belfong
6 days ago
reply
malaysia
Share this story
Delete

How Signal Integrates With Giphy While Preserving Privacy

2 Shares

Joshua Lund, writing for the Signal blog back in 2017:

In order to hide your search term from GIPHY, the Signal service acts as a privacy-preserving proxy. When querying GIPHY:

  1. The Signal app opens a TCP connection to the Signal service.

  2. The Signal service opens a TCP connection to the GIPHY HTTPS API endpoint and relays bytes between the app and GIPHY.

  3. The Signal app negotiates TLS through the proxied TCP connection all the way to the GIPHY HTTPS API endpoint.

Since communication is done via TLS all the way to GIPHY, the Signal service never sees the plaintext contents of what is transmitted or received. Since the TCP connection is proxied through the Signal service, GIPHY doesn’t know who issued the request.

The Signal service essentially acts as a VPN for GIPHY traffic: the Signal service knows who you are, but not what you’re searching for or selecting. The GIPHY API service sees the search term, but not who you are.

I believe this is basically how Apple’s Giphy search in Messages on iOS (through the built-in “#images” app) works. But if anyone knows for sure, let me know.

Link: signal.org/blog/signal-and-giphy-update/

Read the whole story
Belfong
6 days ago
reply
malaysia
Share this story
Delete
Next Page of Stories