Linking the Signal CLI with Signal on your mobile.

Jan 02, 2017

20170107: It's not "group name" it's "Group ID."  I don't know how to find that yet.

The communications program Signal by Open Whisper Systems is unique in several respects.  Firstly, its barrier to entry is minimal.  You can search for it in the Google Play online store or Apple iOS appstore and it's waiting there for you at no cost.  Second, it's designed for security by default, i.e., you don't have to mess around with it to make it work, and it does does the right thing automatically and enforces strong encryption by default (unlike a lot of personal security software).  It interoperates seamlessly with people who don't use Signal but you have the option to invite them to install it with a single tap.  Its protocol is an open standard that multiple companies have implemented, so theoretically anyone can write their own implementation of the client (Android, iOS) or server, or compile it for themselves.  It's an SMS/MMS application, so you can use it as your default text messaging client on your mobile, plus it can do text message conferencing with multiple people automatically (it's a great way to keep in touch with friends if you're at the same con).  There's even a desktop Signal client that runs inside of Google Chrome or Chromium (source code for the interested and curious).

So, why, exactly am I posting about Signal?

There is a little-known command-line implementation of Signal that I've been experimenting with because I eventually plan on writing a bot for my exocortex.  In playing around with it, I've come to realize that it's not particularly friendly to use at all, and I might have to break down and use the dbus interface to do anything useful with it.  Which I don't look forward to, but that's not the point.  The point is, I've compiled some notes about how to use the command line version of Signal and I wanted to put them online in case somebody will find them helpful.

Click for the rest of the article...

A toast.

Jan 01, 2017

Here's to the sysadmins, who fight to keep everything up and running.  And reboot printers along the way.

Here's to tier-1 tech support, who know the answers but are only allowed to recite from their scripts.

Here's to the pen testers, who keep plugging away.

Here's to desktop support, who occasionally see things they can never unsee.

Here's to the red team, who throw everything from Devo costumes to pork chops to ballroom gowns to the kitchen sink at the mission.

Here's to the hacktivists, who toil endlessly to make the world a better place.

Here's to the open source hackers, whose thankless tasks are labors of love.

Here's to the whistleblowers, who lay everything on the line to try to set things right.

Here's to the lawyers, who honestly answer the question "So, how much trouble could I get in if I did this?"

Here's to the reversers, who yank out their hair while asking the question "What the hell does this even mean?" over and over again.

Here's to the hackers who submit talks to DefCon every year but never get accepted.  You keep trying, over and over again.

Here's to the people with the honest questions, who uncover horrors never before dreamed.

Here's to the newbies, who spend long hours punching away to learn arcane skills to satisfy their own curiosity.

Here's to you.

2017.ev

Jan 01, 2017

Happy New Year, everybody.

Why I dislike loud parties.

Dec 22, 2016

Generally speaking, I dislike loud and busy parties.  I find that my senses become overloaded in a very short period of time - all the voices, all the background sounds, all the random noise, the echoes from hard surfaces... it's very unpleasant.  After a short period of time in such an environment, my vision is all but useless.  The fog, the mist, the random colors.. on top of that, my tactile sense goes nuts.  Being rubbed down with wet and dry sponges, fans blowing on the front and back of my head at full blast, my legs vibrating backwards and forwards (and knees dont bend backwards), my fingers bending in a direction they don't go in... it's not a pleasant environment to be in.

Base image was taken at the EPIC awards banquet in 2014, Washington, DC.  I've just now gotten around to trying to depict what sensory overload looks like.

The 2016 election and weird patterns on Twitter.

Dec 18, 2016

You've already read my opinion of the 2016 election's outcome so I'll not subject you to it again. However, I would like to talk about some weird stuff I (we, really) kept noticing on Twitter in the days and weeks leading up to Election Day.

As I've often spoken of in the past, a nontrivial portion of my Exocortex is tasked with monitoring global activity on Twitter by hooking into the back-end API service and pulling raw data out to analyze. Those agents fire on a stagged schedule, anywhere from every 30 minutes to every two hours; a couple of dozen follow specific accounts while others use the public streaming API and grab large samples of every tweet that hits Twitter around the world.

If you want to look at a simplified version of that agent network to see how it works I've made it available on Github. As you can see, the output of that particular agent network is batched into e-mails of arbitrary size using the Email Digest Agent and is sent to one of my e-mail addresses as a single batch. The reason for this is twofold; it's easier to scan through a large e-mail and look for patterns visually than it is to scan through several dozen to several hundred separate messages in sequence, and it uses fewer system resources on my e-mail provider to store and present to me that output.

Six or seven weeks before Election Day, Lifeline (the recognition code for the agent network which carries out these sorts of tasks for me) started sending me gigantic e-mail digests every hour or so, containing something like several hundred tweets at a time (the biggest was nearly a thousand, as I recall). Scanning through those e-mails showed that most of the tweets were largely identical, save for the @username that sent them. Tweets about CNN and the Washington Post being GRU and SVR disinformation projects or on-the-ground reporting tagged with #fakenews. Links pointing to Infowars articles (the tweets consisted of the titles of posts, links, and the same sets of hashtags; if you ran the Twitter-compressed URLs through a URL unshortener they all pointed to the same posts). Anti-Bernie and anti-Hillary tweets that all had the same content and the same hashtags. Trump as the second coming messages and calls to action. Rivers of bile directed at political comentators and reporters. Links to fake Wikileaks Podesta e-mails that went to Pastebin or other post-and-forget sites (there wasn't even enough data in the fakes to attempt to validate them (by the bye, the method linked to is really easy to automate)). I saw the same phenomenon with #pizzagate tweets, only the posts came in shorter bursts more irregularly. It went on and on, day and night for weeks, hundreds upon hundreds of unique copies of the same text from hundreds of different accounts. I had to throw more CPUs at Exocortex to keep up with the flood.

All of these posts, when taken together as groups or families consisted of exactly the same text each and every time, though the t.co URLs were different (a brief digression: Twitter's URL shortening service seems to generate different outputs for the same input URL to implement statistics gathering and user tracking as part of its business strategy). Additionally, all of those posts went up more or less within the same minute. The Twitter API doesn't let you pull the IP addresses tweets were sent from but the timestamps are available to the second. If you looked at the source field of each tweet (you'll need to scroll down a bit), they were all largely the same, usually empty (""), with a few minor exceptions here and there. The activity pattern strongly suggests that bots were used to strafe circles of human-controlled accounts on Twitter that roughly correspond to memetic communities. Figuring that somebody had already done some kind of visualization analysis (which I suck at), I had Argus (one of my web search bots) do some digging and he found a bunch of pages like this study, which seem to back up my observations.

The sort of horsepower needed to create such an army of bots would be very easy to assemble: Buy a bunch of virtual machines on Amazon's EC2. Write a couple of bots using Ruby or Python. Sign up for a bunch of Twitter accounts or just buy them in bulk. Make a Docker image that'll effectively turn one EC2 instance into as many as you can reasonably run without crashing the VM. Deploy lots and lots of copies of your bots into those Docker containers. Use an orchestration mechanism like Ansible to configure the bots with API keys and command them en masse; if you're in a time crunch you could even use something like pssh to fire them all up with a single command. Turn them loose. If you've been in IT for a year, this is a Saturday afternoon project that won't cost you a whole lot, but could make you a lot of money.

"Well, yeah, there was an army of bots advertising on Twitter. What else is new?" you're probably saying.

What I am saying is simply this: This post describes a little bit about how this sort of media strategy works, what the patterns look like at the 50000 foot view, and my/our observations. I don't think I did anything really ground-breaking here, only in the sense that I used a bunch of AI systems that stumbled across what was going on by accident. It was the hardcore data scientists who did the real academic work on it (though that work is a bit inaccessible unless you're a computer geek).

Memetic warfare is here, and our social networks at the battlegrounds. Armor up.

Memetic warfare in America.

Dec 04, 2016

The current state of anyone's capacity to get any useful information in the United States these days, which is to say next to impossible due to the proliferation of fake news sites and pro-trolls doing their damndest to lower the signal-to-noise ratio to epsilon, is the logical end result of the following progression of cliches:

"You can't believe everything people tell you."

"You can't believe everything you read in books."

"You can't believe everything you see on TV."

"You can't believe everything your friends tell you."

"You can't believe everything your teachers tell you."

"You can't believe everything you read in magazines."

"You can't believe everything in your textbooks; they're written by people with agendas."

"You can't believe anything in newspapers."

"You can't believe everything you read on the Internet."

The @DNAlounge is in trouble.

Dec 19, 2016

20161228:  The DNA has started a Patreon account to accept donations!

20161222: It seems that the DNA Lounge is coming up with contingency plans, and they need our help!

Yesterday, JWZ, owner and operator of the DNA Lounge in San Francisco, CA made an upsetting and disturbing announcement.

The DNA Lounge is in danger, and may have to close down soon.

JWZ bought the space that is now the DNA roughly 17 years ago and during that time it's become one of the premiere hotspots of SF nightlife.  Just about any kind of event you can imagine has been thrown here, from a local motorcycle club renting it out while their primary clubhouse was undergoing repairs to the Electronic Frontier Foundation's silver anniversary, and raves a-plenty over the years.  Many have come to see a burlesque show or two at the DNA, or catch an up-and-coming band in a new and strange genre of music, or even come for a slice of pizza and a glass of beer while hoping to be tapped for the stage show of Point Break Live once upon a time.  I don't think anybody can easily count the number of concerts the DNA's hosted over the years (though I've no doubt that JWZ would probably know off the top of his head).  Long time readers are probably aware that I usually haunt Death Guild, the country's longest running gothic/industrial club night as well as Turbo Drive, the only synthwave dance night I've found anywhere in the country.

In the last two years attendance has dropped off noticeably, and it's hurt the DNA Lounge in a real way.  JWZ says that he can't afford to subsidize it anymore, and it might have to go out of business for good.

All I can ask of any of you, gentlebeings, is this:

Please re-share this post far and wide, so that as many people can see it.  If you'll be in the Bay Area for any length of time, please visit the DNA Lounge.  Go on a night of the week and pay the club a visit, it's not expensive to get in and the people there are genuinely cool folks; treat them well and they'll treat you well.  Give the music on that night a fair listen that night.  You might like it, you might not, but either way you'll be exposed to something new.  If you can't make a concert or a club night (or the night's really not your thing), visit DNA Pizza next door and pick up breakfast, get lunch, or maybe have a slice or two and a cold one after work.  DNA Pizza's open 24x7 and they have some of the best pizza in SF.  Hell, if you're on the other side of the country and there's no way you'll make it to California in time, consider buying something from the online store?

The DNA Lounge is a fixture in the community of San Francisco.  You can see just about any kind of live act, hear styles of music you've never heard before, and dance until your legs are sore.  This club means a lot to many of us and we don't want to see one of the few places that we can be ourselves go away.  Please, if you can, help JWZ out and keep the DNA Lounge alive.

Neologism: Hopepothesis

Dec 18, 2016

Hopepothesis - noun - What you come up with when you really don't know what you're doing or what's going on, but you pull something out of your ass anyway.  If anybody asks, that's your working hypothesis.