Re: A Plan to Stop Violence on Social Media

[Ian Zimmerman]

On 2015-12-16 14:21 -0800, jdow wrote:

> One thing worth pointing out is if this CAN be done refusing to do it
> yourself is a shallow gesture.

No, it is not.  Refusing to take part in what you believe is wrong, even
if you know the wrong will be done eventually because the Zeitgeist
favors it, is a legitimate point of view.

Then again, I don't give a rodent's back what Facebook or Twitter does.
But I am afraid it won't stop there.

Of course this is totally OT, so I won't post anymore of this here, but
I could discuss it off-list.

-- 
Please *no* private copies of mailing list or newsgroup messages.
Rule 420: All persons more than eight miles high to leave the court.

Re: A Plan to Stop Violence on Social Media

[jdow]

On 2015-12-16 14:15, Wrolf wrote:

Video/audio/stills are a problem.

How about crowd sourcing ISIS identification, with sufficient votes (of
sufficient reputation) leading to RBL style blocking by IP address, and
retroactive elimination of posts spread across all media?

BTW, I am aware that Facebook has programmers. They seem not to have been
engaged on this subject. I am looking for a technical discussion before I engage
in the political process. One US presidential candidate has already challenged
Silicon Valley to solve this.

Interested if anyone knows any other forums for this discussion.

Wrolf


One thing worth pointing out is if this CAN be done refusing to do it yourself 
is a shallow gesture. If it can be done somebody will do it. It is probably 
better to get it out there in the open rather than hidden behind NSA, KGB, MI-5, 
or other backs.


{^_^}

Re: A Plan to Stop Violence on Social Media

[Wrolf]

Video/audio/stills are a problem.

How about crowd sourcing ISIS identification, with sufficient votes (of
sufficient reputation) leading to RBL style blocking by IP address, and
retroactive elimination of posts spread across all media?

BTW, I am aware that Facebook has programmers. They seem not to have been
engaged on this subject. I am looking for a technical discussion before I
engage in the political process. One US presidential candidate has already
challenged Silicon Valley to solve this.

Interested if anyone knows any other forums for this discussion.

Wrolf
​

Re: A Plan to Stop Violence on Social Media

[Bill Cole]

On 16 Dec 2015, at 13:39, John Hardin wrote:


On Wed, 16 Dec 2015, Bill Cole wrote:

ISIS uses any "social media" where the proprietors welcome them. That 
is a business decision of for-profit private enterprises based in 
lightly-regulated jurisdictions (mostly the US and EU) who mostly 
have not thought about that choice in those terms.


There may also be liability issues as well, particularly in the 
litigation-happy US.


If they try to filter such communications out, and don't do a perfect 
job, they could potentially be sued for damages resulting from a 
successful attack that was planned and coordinated using their 
communication tools.


If they don't try at all, their exposure to such suits may be greatly 
lessened because they are acting as a common carrier rather than a 
gatekeeper.


This is a red herring. Various service providers like to say this 
because it sounds plausible and WAS the state of the law nominally for a 
while in the late 90s, but it absolutely isn't any more. There's a safe 
harbor provision in COPPA II that essentially exempts providers from 
liability for inadequate filtering if they are doing so in good faith, 
and a similar provision in CAN-SPAM. I'm no lawyer and there's no case 
law I'm aware of, but it is extremely unlikely that a US service 
provider trying to exclude ISIS would be held liable for doing so 
imperfectly. It's pretty reasonable to assert that such controls are in 
part aimed at protecting minors, so the COPPA II safe harbor would 
apply.


As far as I can find, the only sorts of Internet service providers ever 
to be treated as common carriers in the US are last-mile access 
providers.


But more to the technical point: Bill is exactly correct. You don't 
need something like SA when you have a single point of control over 
the communications (though something like bayes might well be a 
component of central filtering).


Maybe for some services like Facebook but Bayes doesn't do well at 
classifying very short messages (e.g. Twitter), audio, video, or still 
images.

Re: A Plan to Stop Violence on Social Media

[Jered Floyd]

Wrolf, 

Facebook (et al.) already have extremely powerful engines and many engineers 
working on anti-spam/anti-fraud technologies. They're quite good at keeping 
most of the spam out of your Timeline. They don't need "our" help. 

The same techniques could plausibly be used to block ISIS propaganda, or the 
propaganda of any cause or organization deemed harmful. 

Whether this should be done is a topic out of scope for this forum. 

Regards, 
--Jered 

- On Dec 16, 2015, at 1:34 PM, Wrolf  wrote: 

> Thanks Bill. I guess I should restate my question.

> Would it be practical for 
> Twitter/Facebook/SnapChat/WhatsApp/Microsoft/Telegraph
> to use SpamAssassin like techniques of Bayesian filtering and RBL lists to
> block ISIS on social media?

> This is an invitation for discussion, not a rhetorical question. Feel free to
> repost to more appropriate forums.

> Wrolf

> Wrolf
> wr...@wrolf.net

> On Wed, Dec 16, 2015 at 1:22 PM, Bill Cole <
> sausers-20150...@billmail.scconsult.com > wrote:

>> On 15 Dec 2015, at 23:19, Wrolf wrote:

>>> Stop me if you've heard this one.

>>> Would it be practical to use the Spamassassin techniques of Bayesian
>>> filtering and RBL lists to block ISIS on social media?

>> I've definitely heard similarly unfunny and poorly thought-out jokes before.
>> Bill Gates had one called "Penny Black" which seems to have taught him that 
>> his
>> wealth would would be more helpful if spread out across a larger set of
>> hands...

>> The only reason email spam requires tools like DNSBLs, Naive Bayesian
>> classification, shared hash databases (DCC/Razor/Pyzor/IxHash) etc. is that
>> email is handled by many thousands of autonomous mail systems using a 
>> protocol
>> that by spec and default falls back to a protocol defined and designed for 
>> the
>> 1980's Internet. The collaborative tactics that are assembled by SpamAssassin
>> only make any sense to use AT ALL because email uses an open protocol where 
>> no
>> single operator or end-user sees all the traffic and no two see the same 
>> slice
>> of traffic. SpamAssassin in combination with other tools is pretty good
>> considering that challenge, but it totally sucks compared to what is possible
>> for communication systems with unified administrative control.

>> Excluding any set of @BadGuys from Twitter is within Twitter's power NOW.
>> Excluding any set of @BadGuys from Facebook is within Facebook's power NOW.
>> Excluding any set of @BadGuys from SnapChat is within SnapChat's power NOW.
>> Excluding any set of @BadGuys from WhatsApp is within WhatsApp's power NOW.
>> Excluding any set of @BadGuys from Skype is within Microsoft's power NOW.

>> ISIS uses any "social media" where the proprietors welcome them. That is a
>> business decision of for-profit private enterprises based in 
>> lightly-regulated
>> jurisdictions (mostly the US and EU) who mostly have not thought about that
>> choice in those terms. Whether they should is a complex question for other
>> fora...

>> Put another way, in specific terms:
>> I use SpamAssassin in conjunction with Postfix, MIMEDefang, various OS
>> components, and my own chicken-wire+duct-tape code in C/Perl/Shell to exclude
>> spammers *AND* ISIS (incidentally) from my own mail system. I use other
>> overlapping toolsets to do similar exclusions from mail systems whose owners
>> authorize and mostly pay me to do so. Twitter does not authorize or pay me to
>> manage their systems, so I won't try to do so. I'm quite sure that if they 
>> were
>> crazy enough to engage me for that role, I would use stronger tactics than I
>> CAN with email, using almost entirely different tools. On the other hand, the
>> policies and tactics needed to exclude spammers and/or ISIS from Twitter 
>> might
>> conflict with Twitter's business plans or the ethical principles (LOL) of 
>> their
>> corporate owners & leadership. Twitter has people whose jobs are policing how
>> Twitter is used. They do a shit job, because Twitter CHOOSES to not fund and
>> require the performance of a good job.

Re: A Plan to Stop Violence on Social Media

[John Hardin]

On Wed, 16 Dec 2015, Bill Cole wrote:

ISIS uses any "social media" where the proprietors welcome them. That is a 
business decision of for-profit private enterprises based in 
lightly-regulated jurisdictions (mostly the US and EU) who mostly have not 
thought about that choice in those terms.


There may also be liability issues as well, particularly in the 
litigation-happy US.


If they try to filter such communications out, and don't do a perfect job, 
they could potentially be sued for damages resulting from a successful 
attack that was planned and coordinated using their communication tools.


If they don't try at all, their exposure to such suits may be greatly 
lessened because they are acting as a common carrier rather than a 
gatekeeper.


But more to the technical point: Bill is exactly correct. You don't need 
something like SA when you have a single point of control over the 
communications (though something like bayes might well be a component of 
central filtering).


--
 John Hardin KA7OHZhttp://www.impsec.org/~jhardin/
 jhar...@impsec.orgFALaholic #11174 pgpk -a jhar...@impsec.org
 key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
---
  "Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never
  does quite what I want. I wish Christopher Robin was here."
   -- Peter da Silva in a.s.r
---
 9 days until Christmas

Re: A Plan to Stop Violence on Social Media

[Wrolf]

Thanks Bill. I guess I should restate my question.

Would it be practical for
Twitter/Facebook/SnapChat/WhatsApp/Microsoft/Telegraph to use SpamAssassin
like techniques of Bayesian filtering and RBL lists to block ISIS on social
media?

This is an invitation for discussion, not a rhetorical question. Feel free
to repost to more appropriate forums.

Wrolf

Wrolf
wr...@wrolf.net

On Wed, Dec 16, 2015 at 1:22 PM, Bill Cole <
sausers-20150...@billmail.scconsult.com> wrote:

> On 15 Dec 2015, at 23:19, Wrolf wrote:
>
> Stop me if you've heard this one.
>>
>> Would it be practical to use the Spamassassin techniques of Bayesian
>> filtering and RBL lists to block ISIS on social media?
>>
>
> I've definitely heard similarly unfunny and poorly thought-out jokes
> before. Bill Gates had one called "Penny Black" which seems to have taught
> him that his wealth would would be more helpful if spread out across a
> larger set of hands...
>
> The only reason email spam requires tools like DNSBLs, Naive Bayesian
> classification, shared hash databases (DCC/Razor/Pyzor/IxHash) etc. is that
> email is handled by many thousands of autonomous mail systems using a
> protocol that by spec and default falls back to a protocol defined and
> designed for the 1980's Internet. The collaborative tactics that are
> assembled by SpamAssassin only make any sense to use AT ALL because email
> uses an open protocol where no single operator or end-user sees all the
> traffic and no two see the same slice of traffic. SpamAssassin in
> combination with other tools is pretty good considering that challenge, but
> it totally sucks compared to what is possible for communication systems
> with unified administrative control.
>
> Excluding any set of @BadGuys from Twitter is within Twitter's power NOW.
> Excluding any set of @BadGuys from Facebook is within Facebook's power NOW.
> Excluding any set of @BadGuys from SnapChat is within SnapChat's power NOW.
> Excluding any set of @BadGuys from WhatsApp is within WhatsApp's power NOW.
> Excluding any set of @BadGuys from Skype is within Microsoft's power NOW.
>
> ISIS uses any "social media" where the proprietors welcome them. That is a
> business decision of for-profit private enterprises based in
> lightly-regulated jurisdictions (mostly the US and EU) who mostly have not
> thought about that choice in those terms. Whether they should is a complex
> question for other fora...
>
> Put another way, in specific terms:
> I use SpamAssassin in conjunction with Postfix, MIMEDefang, various OS
> components, and my own chicken-wire+duct-tape code in C/Perl/Shell to
> exclude spammers *AND* ISIS (incidentally) from my own mail system. I use
> other overlapping toolsets to do similar exclusions from mail systems whose
> owners authorize and mostly pay me to do so. Twitter does not authorize or
> pay me to manage their systems, so I won't try to do so. I'm quite sure
> that if they were crazy enough to engage me for that role, I would use
> stronger tactics than I CAN with email, using almost entirely different
> tools. On the other hand, the policies and tactics needed to exclude
> spammers and/or ISIS from Twitter might conflict with Twitter's business
> plans or the ethical principles (LOL) of their corporate owners &
> leadership. Twitter has people whose jobs are policing how Twitter is used.
> They do a shit job, because Twitter CHOOSES to not fund and require the
> performance of a good job.
>

Re: A Plan to Stop Violence on Social Media

[Bill Cole]

On 15 Dec 2015, at 23:19, Wrolf wrote:


Stop me if you've heard this one.

Would it be practical to use the Spamassassin techniques of Bayesian
filtering and RBL lists to block ISIS on social media?


I've definitely heard similarly unfunny and poorly thought-out jokes 
before. Bill Gates had one called "Penny Black" which seems to have 
taught him that his wealth would would be more helpful if spread out 
across a larger set of hands...


The only reason email spam requires tools like DNSBLs, Naive Bayesian 
classification, shared hash databases (DCC/Razor/Pyzor/IxHash) etc. is 
that email is handled by many thousands of autonomous mail systems using 
a protocol that by spec and default falls back to a protocol defined and 
designed for the 1980's Internet. The collaborative tactics that are 
assembled by SpamAssassin only make any sense to use AT ALL because 
email uses an open protocol where no single operator or end-user sees 
all the traffic and no two see the same slice of traffic. SpamAssassin 
in combination with other tools is pretty good considering that 
challenge, but it totally sucks compared to what is possible for 
communication systems with unified administrative control.


Excluding any set of @BadGuys from Twitter is within Twitter's power 
NOW.
Excluding any set of @BadGuys from Facebook is within Facebook's power 
NOW.
Excluding any set of @BadGuys from SnapChat is within SnapChat's power 
NOW.
Excluding any set of @BadGuys from WhatsApp is within WhatsApp's power 
NOW.
Excluding any set of @BadGuys from Skype is within Microsoft's power 
NOW.


ISIS uses any "social media" where the proprietors welcome them. That is 
a business decision of for-profit private enterprises based in 
lightly-regulated jurisdictions (mostly the US and EU) who mostly have 
not thought about that choice in those terms. Whether they should is a 
complex question for other fora...


Put another way, in specific terms:
I use SpamAssassin in conjunction with Postfix, MIMEDefang, various OS 
components, and my own chicken-wire+duct-tape code in C/Perl/Shell to 
exclude spammers *AND* ISIS (incidentally) from my own mail system. I 
use other overlapping toolsets to do similar exclusions from mail 
systems whose owners authorize and mostly pay me to do so. Twitter does 
not authorize or pay me to manage their systems, so I won't try to do 
so. I'm quite sure that if they were crazy enough to engage me for that 
role, I would use stronger tactics than I CAN with email, using almost 
entirely different tools. On the other hand, the policies and tactics 
needed to exclude spammers and/or ISIS from Twitter might conflict with 
Twitter's business plans or the ethical principles (LOL) of their 
corporate owners & leadership. Twitter has people whose jobs are 
policing how Twitter is used. They do a shit job, because Twitter 
CHOOSES to not fund and require the performance of a good job.

Re: A Plan to Stop Violence on Social Media

[Rob McEwen]

On 12/15/2015 11:19 PM, Wrolf wrote:

Would it be practical to use the Spamassassin techniques of Bayesian
filtering and RBL lists to block ISIS on social media?


Bayes would have a high potential for false positives... such as 
blocking a news story about ISIS, or blocking a discussion about how to 
stop ISIS, or blocking an innocent discussion about the middle east, or 
an innocent discussion about Islam.


But ISIS isn't an nearly as much of an extremely fast moving and 
frequently morphing target as spam. Therefore, the techniques used don't 
have to have as much risk of FPs (since they wouldn't have to be as 
real-time-reacting to new scenarios) and should therefore be very 
surgically targeted towards 100% confirmed ISIS sources.


At the same time, beware of top-down solutions where governments impose 
free speech ("thought control") restrictions. Such powers could easily 
be abused in the future for nefarious purposes, such as suppressing 
criticism of the current party in power, etc.


This could be a "slippery slope".

--
Rob McEwen
+1 478-475-9032

Re: A Plan to Stop Violence on Social Media

[Marc Perkel]

Probably yes. But talk about opening a can of worms. If you can detect 
ISIS you can detect anything.


On 12/15/15 20:19, Wrolf wrote:

Stop me if you've heard this one.

Would it be practical to use the Spamassassin techniques of Bayesian 
filtering and RBL lists to block ISIS on social media?


Wrolf
wr...@wrolf.net 


--
Marc Perkel - Sales/Support
supp...@junkemailfilter.com
http://www.junkemailfilter.com
Junk Email Filter dot com
415-992-3400

A Plan to Stop Violence on Social Media

[Wrolf]

Stop me if you've heard this one.

Would it be practical to use the Spamassassin techniques of Bayesian
filtering and RBL lists to block ISIS on social media?

Wrolf
wr...@wrolf.net