Can Digital Poison Corrupt The Algorithm?

These days, so much of what we see online is delivered by social media algorithms. The operations of these algorithms are opaque to us; commentators forever speculate as to whether they just show us what they think we want to see, or whether they try to guide our thinking and habits in a given direction. The Digital Poison device  from [Lucretia], [Auxence] and [Ramon] aims to twist and bend the algorithm to other ends.

The concept is simple enough. The device consists of a Raspberry Pi 5 operating on a Wi-Fi network. The Pi is set up with scripts to endlessly play one or more select YouTube videos on a loop. The videos aren’t to be watched by anyone; the device merely streams them to rack up play counts and send data to YouTube’s recommendation algorithm. The idea is that as the device plays certain videos, it will skew what YouTube recommends to users sharing the same WiFi network based on perceived viewer behavior.

To achieve subtle influence, the device is built inside an unobtrusive container. The idea being that it could be quietly connected to a given WiFi network to stream endlessly, in turn subtly influencing the view habits of other users on the same network.

It’s difficult to say how well this concept would work in practice. In many cases, sites like YouTube have robust user tracking that feeds into recommendation algorithms. Activity from a random user signed into the same network might not have much of an influence. However, conceptually, it’s quite interesting, and the developers have investigated ways to log the devices operation and compare it to recommendations fed to users on the network. Privacy provisions make this difficult, but it may be possible to pursue further research in this area. Files are on Github for the curious.

Ultimately, algorithms will always be a controversial thing as long as the public can’t see how they work or what they do. If you’re working on any projects of your own in this space, don’t hesitate to let us know!

[Thanks to Asher for the tip!]

Credit: Xinmei Liu

The US Surgeon General’s Case For A Warning Label On Social Media

The term ‘Social Media’ may give off a benign vibe, suggesting that it’s a friendly place where everyone is welcome to be themselves, yet reality has borne out that it is anything but. This is the reason why the US Surgeon General [Dr. Vivek H. Murthy] is pleading for a health warning label on social media platforms. Much like with warnings on tobacco products, it’s not expected that such a measure would make social media safe for children and adolescents, but would remind them and their parents about the risks of these platforms.

While this may sound dire for what is at its core about social interactions, there is a growing body of evidence to support the notion that social media can negatively impact mental health. A 2020 systematic review article in Cureus by [Fazida Karim] and colleagues found anxiety and depression to be the most notable negative psychological health outcomes. A 2023 editorial in BMC Psychology by [Ágnes Zsila] and [Marc Eric S. Reyes] concurs with this notion, while contrasting these cons of social media with the pros, such as giving individuals an online community where they feel that they belong.

Ultimately, it’s important to realize that social media isn’t the end-all, be-all of online social interactions. There are still many dedicated forums, IRC channels and newsgroups far away from the prying eyes and social pressure  of social media to act out a personality. Having more awareness of how social interactions affect oneself and/or one’s children is definitely essential, even if we’re unlikely to return to the ‘never give out your real name’ days of  the pre-2000s Internet.

MS-DOS Meets The Fediverse

By now, most Windows users are set up with decently functional machines running Windows 10 or 11. Of course there are a few legacy machines still lagging behind on Windows 7 or 8 and plenty of computers in industrial settings running ancient proprietary software on Windows XP. But only the most hardcore of IBM PC users are still running DOS, and if you have eschewed things like Unix for this command-line operating system this long you might want to try using it to get online in the Fediverse with Mastodon.

The first step is getting DOS 6.22, the most recent version released in 1994, set up with all the drivers and software needed to access the Internet. At the time of its release there were many networking options so the operating system didn’t include these tools by default. [Stephen] first sets up an emulated NE2000-compatible networking card and then installs the entire TCP/IP stack and then gets his virtual machine set up with an IP address.

With a working Internet connection set up, the next step on the path of exploring federated social media is to install DOStodon (although we might have favored the name “MastoDOS”) which is a Mastodon client specifically built for MS-DOS by [SuperIlu]. There are pre-compiled packages available on its GitHub page for easy installation in DOS but the source code is available there as well. And, if this is your first time hearing about the Fediverse, it is mostly an alternative to centralized social media like Facebook and Reddit but the decentralization isn’t without its downsides.

Slap This Big Red Button For An Instant Social Media Detox

Dangerous machines, like ones that can quickly reduce you to a fine red mist or a smoking cinder, tend to have a Big Red Button™ to immediately stop whatever the threat is. Well, if a more dangerous machine than social media has ever been invented, we’re not sure what it would be, which is why we’re glad this social media kill switch exists.

The idea behind [Gunter Froman]’s creation is to provide a physical interface to SocialsDetox, a service that blocks or throttles connectivity to certain apps and websites. SocialDetox blocks access using either DNS over HTTPS (DoH) or, for particularly pesky and addictive apps, a service-specific VPN. The service does require a subscription, the cost of which varies by the number of devices you want to protect, but the charges honestly seem pretty reasonable.

While SocialsDetox can be set up to block access on a regular schedule, say if you want to make the family dinner a social-free time, there may be occasions where killing social access needs to happen right now. This is where the Big Red Button comes into it, which is attached to a Wemos D1 Mini. Pressing the kill switch sends an API request to either enable or disable the service, giving you a likely much-needed break from the swirling vortex of hate and envy that we all can’t seem to live without. Except for Hackaday, of course — it’s totally not like that here.

The irony of using an IoT appliance to restrict access to social media is not lost on us, but you work with the tools you’ve got. And besides, we like the physical interface here, which sort of reminds us this fitting enclosure for a PiHole.

The Invisible Battlefields Of The Russia-Ukraine War

Early in the morning of February 24th, Dr. Jeffrey Lewis, a professor at California’s Middlebury Institute of International Studies watched Russia’s invasion of Ukraine unfold in realtime with troop movements overlaid atop high-resolution satellite imagery. This wasn’t privileged information — anybody with an internet connection could access it, if they knew where to look. He was watching a traffic jam on Google Maps slowly inch towards and across the Russia-Ukraine border.

As he watched the invasion begin along with the rest of the world, another, less-visible facet of the emerging war was beginning to unfold on an ill-defined online battlefield. Digital espionage, social media and online surveillance have become indispensable instruments in the tool chest of a modern army, and both sides of the conflict have been putting these tools to use. Combined with civilian access to information unlike the world has ever seen before, this promises to be a war like no other.

Modern Cyberwarfare

The first casualties in the online component of the war have been websites. Two weeks ago, before the invasion began en masse, Russian cyberwarfare agents launched distributed denial of service (DDoS) attacks against Ukrainian government and financial websites. Subsequent attacks have temporarily downed the websites of Ukraine’s Security Service, Ministry of Foreign Affairs, and government. A DDoS attack is a relatively straightforward way to quickly take a server offline. A network of internet-connected devices, either owned by the aggressor or infected with malware, floods a target with request, as if millions of users hit “refresh” on the same website at the same time, repeatedly. The goal is to overwhelm the server such that it isn’t able to keep up and stops replying to legitimate requests, like a user trying to access a website. Russia denied involvement with the attacks, but US and UK intelligence services have evidence they believe implicates Moscow. Continue reading “The Invisible Battlefields Of The Russia-Ukraine War”

Gaming Twitter’s Trending Algorithm To Make A Point

If you have ever taken to Twitter to gauge the zeitgeist, you’ll have noticed that among the trending hashtags related to major events of the day there are sometimes outliers of minority interest associated with single-issue causes. When a cause with a distasteful pedigree was cited one as proof of widespread public support in a debate in the UK’s House of Lords there were concerns raised that a flaw in the ranking algorithm might be responsible, and it was left to [Mallory Moore] to prove the hypothesis by getting a #ThisIsAnExploit hashtag trending without a groundswell of popular support.

Some previous detective work had established that equal ranking might be awarded equally not simply for Tweeting a hashtag but also for retweeting it. The exploit takes advantage of this by means of a relatively small cadre of people all Tweeting the tag a number of times, then retweeting all other instances of it. The resulting rank gain is then in the order of the square of the number of accounts interacting with the tag, and thus hugely inflated over the number of real participants. To test this she created the #ThisIsAnExploit tag and asked her followers to do just that: Tweet it and retweet all others containing it. In a short time the exploit succeeded, beating a very high-profile tag associated with the travails of the British Prime Minister in the process, and with most of the effort due to only 50 accounts.

Our world is now significantly influenced by social media because for many it appears more trustworthy than the old-style mass media with a print origin. Work like this is important because a reminder that transferring the message from newspaper proprietors to tech barons does not confer credibility is sorely needed. Meanwhile now the weakness is in the wild we wonder how Hackaday readers might have fun with it. Does anyone want to see a #RaiseTheJollyWrencher hashtag top the pile?

Hackaday Links Column Banner

Hackaday Links: January 16, 2022

As winter well and truly grips the northern hemisphere, it’s time once again to dunk on Tesla for leaving some owners out in the cold — literally. It seems that some Model 3 and Model Y owners are finding their ride’s heat pump isn’t exactly up to the task of, you know, pumping heat. That this seems to be happening mostly in the northeastern US and southern Canada, where a polar vortex is once again dominating the weather and driving temperatures down into the -30 °C (-22 °F) range, perhaps speaks more to the laws of thermodynamics than it does to the engineering of the Tesla climate control system. After all, if there’s not much heat outside the car, it’s hard to pump it inside. But then again, these are expensive machines, some of which have had extensive repairs to address this exact same issue when it cropped up last year. It seems to us that owners have a legitimate gripe with Tesla about this, and they may be getting some help from the Feds, who are taking an interest in the situation from a safety standpoint. After all, no heat likely means fogged up windows, and that’s hardly conducive to a safe trip. But hey, that’s what self-driving is for, right?

Much has been made of the dearth of engineering cameras on the James Webb Space Telescope, and the fact that we’ve been relying on animations to illustrate the dozens of deployments needed to unfurl the observatory and make it ready for its mission. Putting aside the fact that adding extra cameras to the spacecraft makes little sense since the interesting stuff was all happening on the side where the sun doesn’t shine, we did get treated to what was billed as “humanity’s last look at Webb” thanks to an engineering camera on the Ariane 5 rocket. But not so fast — an astrophotographer named Ethan Gone managed to spot the JWST as it transited to L2 the day after launch. Granted, the blip of light isn’t as spectacular as the Ariane shots, and it took a heck of a lot of astrophotography gear to do it, but it’s still thrilling to watch Webb moving gracefully through Orion.

Continue reading “Hackaday Links: January 16, 2022”