But after this, Internet users would be well advised to ask another question entirely: Are my “friends” even real people?
In the continuing saga of data security firm HBGary, a new caveat has come to light: detailed proposals for software that manages online “personas,” allowing a single human to assume the identities of as many fake people as they’d like.
The revelation was among those contained in the company’s emails, which were dumped onto bittorrent networks after hackers with cyber protest group “Anonymous” broke into their systems.
In another document unearthed by “Anonymous,” one of HBGary’s employees also mentioned gaming geolocation services to make it appear as though selected fake persons were at actual events.
“There are a variety of social media tricks we can use to add a level of realness to all fictitious personas,” it said.
While there are certainly legitimate applications for such software, such as managing multiple “official” social media accounts from a single input, the more nefarious potential is clear.
The software would require licenses for 50 users with 10 personas each, for a total of 500. These personas would have to be “replete with background , history, supporting details, and cyber presences that are technically, culturally and geographacilly consistent.”
It continues, noting the need for secure virtual private networks that randomize the operator’s Internet protocol (IP) address, making it impossible to detect that it’s a single person orchestrating all these posts. Another entry calls for static IP address management for each persona, making it appear as though each fake person was consistently accessing from the same computer each time.
The contract also sought methods to anonymously establish virtual private servers with private hosting firms in specific geographic locations. This would allow that server’s “geosite” to be integrated with their social media profiles, effectively gaming geolocation services.
“Persona management software” can be used to manipulate public opinion on key information, such as news reports. An unlimited number of virtual “people” could be marshaled by only a few real individuals, empowering them to create the illusion of consensus.
You could call it a virtual flash mob, or a digital “Brooks Brothers Riot,” so to speak: compelling, but not nearly as spontaneous as it appears.
That’s precisely what got a DailyKos blogger: the potential for military-run armies of fake people manipulating and, in some cases, even manufacturing the appearance of public opinion.
“I don’t know about you, but it matters to me what fellow bloggers think,” the blogger wrote. “I consider all views. And if there appears to be a consensus that some reporter isn’t credible, for example, or some candidate for congress in another state can’t be trusted, I won’t base my entire judgment on it, but it carries some weight.
“That’s me. I believe there are many people though who will base their judgment on rumors and mob attacks. And for those people, a fake mob can be really effective.”
It was this blogger who was first to highlight the Air Force’s “persona” contract, which was available on a public website.
A call to MacDill Air Force Base, requesting an explanation of the contract and what this software might be used for, was answered by a public affairs officer who promised a call-back. No reply was received at time of this story’s publication.
Other e-mails circulated by HBGary’s CEO illuminate highly personal data about critics of the US Chamber of Commerce, including detailed information about their spouses and children, as well as their locations and professional links. The firm, it was revealed, was just one part of a group called “Team Themis,” tasked by the Chamber to come up with strategies for responding to certain bloggers and others.
“Team Themis” also included a proposal to use malware hacks against certain organizations, and the submission of fake documents in an effort to discredit established groups.
HBGary was also behind a plot by Bank of America to destroy WikiLeaks’ technology platform, other emails revealed. The company was humiliated by members of “Anonymous” after CEO Aaron Barr bragged that he’d “infiltrated” the group.
A request for comment emailed to HBGary did not receive a reply.
A list of interested vendors responding to the Air Force contract for “persona management software” included HBGary subsideary HBGary Federal, further analysis of a government website has revealed.
Other companies that offered their services included Global Business Solutions and Associates LLC, Uk Plus Logistics, Ltd., NevinTelecom, Bunker Communications and Planmatrix LLC. – Raw Story