Wikinews:Water cooler/miscellaneous/archives/2018/August


Botnet of Trolls

In a low level, non-classified brief from the Department of Homeland Security which I was attending, has advised all social media and social media like organization, like the various wiki-projects, are at risk of influx from high-functioning botnets of trolls. These botnets are unique and difficult to disseminate on a technical level since they are using short lived mirror IPs which is not like tor's onion network. The high functioning part comes from using machine learning to mimic sentence structure and commonly used words in an effort drum up false media, identity theft, and overall corruption.

These botnet are state built, run, and controlled mainly by Russia but all modern nations have similar programs. This particular botnet can be directed at any nation, not just the US. Also, any language can be used. Bots can interact with each other, making it seem as though there is real dialog making it very difficult to identify. DHS has said there is some signatures of these botnet during this early development as clusters of accounts with low variability in opinions, promoting each other through a social media's hierarchy. Also the language skills will be elementary to functional, but not extensive.

Be advised, these botnets are not going away and will be harder to determine through software development and continued machine learning. Quick identification of these accounts and closing them is the first line of defense. Second is identifying the intended targets. Lastly is monitoring activity internationally, which is out of the scope and ability of wiki-projects. AZOperator (talk) 22:02, 17 July 2018 (UTC)[reply]

@AZOperator: Is there any sort of on-line source link that can be provided for this? --Pi zero (talk) 22:55, 17 July 2018 (UTC)[reply]
@Pi zero: The general report that covers this was actually done by the Department of Commerce but all intelligence would be added you can see it here. The briefing I received was updated from the May report to today. Also, getting input from multiple analysts is great but I just got two. Asking for some policy or running around with your head on fire is premature, especially when it is far out of the scope of wikinews this is only an advisory to keep a cautious eye out. AZOperator (talk) 00:49, 18 July 2018 (UTC)[reply]
@Pi zero: Earlier this week there was an article from a short lived account with horrible grammar and nothing to say, I believe you were the speedy deleter on that. Anyway, before it was deleted I did a quick IP mapping to see where it originated. According to the trace, it resided in Romania which is the home of Guccifer and has many sympathetic Wikileaks proponents. From some less than reputable sources there is a huge amount of I/O internet traffic coming out there. That may have been one of the bots I was talking about. I got shut out when I tried to pull a MAC or Serial number off of it after I got the geo mapping. AZOperator (talk) 02:13, 5 August 2018 (UTC)[reply]

19:39, 6 August 2018 (UTC)

17:52, 13 August 2018 (UTC)

16:46, 20 August 2018 (UTC)

Does the last line affect gadgets here? Gryllida (chat) 02:33, 21 August 2018 (UTC)[reply]

Editing of sitewide CSS/JS is only possible for interface administrators from now

(Please help translate to your language)

Hi all,

as announced previously, permission handling for CSS/JS pages has changed: only members of the interface-admin (Interface administrators) group, and a few highly privileged global groups such as stewards, can edit CSS/JS pages that they do not own (that is, any page ending with .css or .js that is either in the MediaWiki: namespace or is another user's user subpage). This is done to improve the security of readers and editors of Wikimedia projects. More information is available at Creation of separate user group for editing sitewide CSS/JS. If you encounter any unexpected problems, please contact me or file a bug.

Thanks!
Tgr (talk) 12:39, 27 August 2018 (UTC) (via global message delivery)[reply]

New user group for editing sitewide CSS/JS

I'm offended by the misrepresentation of this as a security measure. --Pi zero (talk) 14:19, 30 July 2018 (UTC)[reply]
Maybe we need to add all our sysops to Special:ListUsers/interface-admin, Pi zero. --Gryllida (chat) 05:35, 29 August 2018 (UTC)[reply]
@Gryllida: I added myself to the group some time ago, on the grounds that the Foundation was otherwise removing a privilege from me that the community had given to me as part of adminship and the community had not voted to remove. Over on Wikibooks, we had a discussion and agreed, explicitly, that any admin in good standing who requests the interface priv is to be given it. That way, admins who don't want the priv aren't on the list, which theoretically reduces the attack surface.

Say the word and I'll give you the interface admin priv. --Pi zero (talk) 11:16, 29 August 2018 (UTC)[reply]

Btw, an interesting development: your edit showed up for me as two separate notifications, one for the ping in the content of the edit, and another for the ping in the edit summary. --Pi zero (talk) 11:23, 29 August 2018 (UTC)[reply]

16:15, 27 August 2018 (UTC)