On Twitter, one of the people I follow and interact with is Steffan Watkins, who follows ships and airplanes. Many sites follow ships and airplanes, and Steffan follows those sites to make sense out of who and what are going where. For example, Steffan knew a government plane was on its way long before we were told that President Trump was in Afghanistan.
He has recently been debunking stories about Russian ships and submarines off the east coast of the United States. This is a perennial story and is sometimes even true! Just as American ships and submarines do, Russian ships travel in many places in international waters. What they don’t do is dock at Mar-a-Lago.
Some of those stories come from real reporters who don’t understand what’s going on and repeat a version of something that is true but trivial. Sometimes their stories are based on dodgy websites that deliver deliberate disinformation, laundered through repetition and rumor.
Steffan doggedly checks out those news stories and sets them straight. That usually means that he debunks them, but occasionally he says yes, that Russian ship is off the coast in international waters on a normal patrol. Not once has he found the more sensational stories to be supported.
That’s what he was doing a couple of weeks ago when he found a website that was consistently producing junk news stories and stealing stuff from other sites. The site also advertised Trump merchandise.
That intrigued a couple of Israeli hackers, Noam Rotem and Ran Locar, who decided to check the website out. That link has all the detail for the more computer-savvy among us. Here’s their bottom line:
We found a network of dozens of websites operated by an affiliate marketer. Some of the websites pushed pro-Trump/anti-Clinton fake-news meant to use patriotism in order to sell unofficial Trump merch to Trump supporters. The technical aspects of the operation allowed us full visibility into not only the operators, but also the unwitting customers.
Many of the web addresses were registered by the same person, identified as Jackson Lin, through a company called Extreme Wisdom. Another company linked to some of the sites is Alabama company Click Wu LLC. They have been spending hundreds of thousands of dollars for advertising on Facebook. The pages have been taken down from Facebook.
Although Rotem and Locar say the motivation is money, it could be that or disinformation or both. It’s part of the stream of junk that flows through social media. It’s particularly encouraging that a bunch of amateurs exposed it. Now I’d like to see a bigger news operation take it up.
For the rest of us? Be careful what you share or retweet. Know your sources.
Watergirl is doing some diagnostics. Between them and the problems currently infecting the site, I may not be able to comment. I’ll stick around for a bit.
TaMara (HFG)
Just testing things out and seeing if I can comment.
I’ve always said, if I had no morals or dignity, I’d make a fortune off of selling merchandise to Trump/GOP supporters. An easier mark has never been made.
ETA: Success! Although I am thinking of using this “repair BJ” time to take a week long break from all social media. We’ll see how long I last.
Speaking of diagnostics, I still can’t open the site on Firefox mobile on Android. I can open it in the Samsung browser so there’s some kind of weirdness going on there.
Bill Arnold
More of this, please. :-) (To the “amateurs”)
This terminology (bold) was new to me (and to google, at least in English):
How did they do this? I have been wondering how to tackle the networks of hate that BJP has nurtured and is using like its Radio Rwanda.
Another Scott
Thanks Cheryl. I suspect that we’re going to have to continue to depend on amateurs and specialists who run their own sites to get information like this out – the big news sites seemingly don’t have the ability or interest to do these types of important investigations.
One of my ever-present tabs is Krebs on Security. It’s quite eye-opening the things he posts about. For instance: It’s way too easy to get a .GOV domain name.
Too much of the internet infrastructure is still based on trust without effective verification. Bad actors take advantage of that to create things that damage our economy and our democratic systems. We need to do much more to fix these issues, and we can’t continue to rely on volunteers to do it.
Thank you, Cheryl. I will email a link to this post to some friends.
I second Another Scott re Krebs on Security. In fact, I need to visit that site more often.
Did the 502 monster swallow this comment? I shall soon see.
eta: Success, I avoided the monster.
Gin & Tonic
@schrodingers_cat: I’ve gone quickly through the linked article. None of what they did is sophisticated, but you have to have some knowledge of the Web ecosystem. It helps that pretty much everything they were tracking was set up by people with either no knowledge of or no interest in basic operational security. Any person with a year or two of experience could do this.
@Another Scott: I’m too lazy to look right now, but I wonder if the Swift on Security Twitter handle still exists.
Gin & Tonic
@Another Scott: Most of the Internet’s infrastructure is also based on technology that’s 30 years old and was designed for something completely different.
Cheryl Rofer
Thanks to the computer-savvy among us who are deciphering that article. It looks like it gives complete instructions, but I’m not the best person to interpret it.
Gin & Tonic
@Yutsano: Yes, it does. I follow it. S/he is very good.
@Yutsano: This is what I use, on multiple Android devices. TMobile and internet connections from various providers. Maybe it’s an IP issue??? Rarely had a problem over this period, just a few times site has been down for a few minutes.
Will I live long enough for “liberty” to be a respectable word again?
(WNBA excepted. Okay, Jeep excepted as well.)
Thanks, Cheryl. I’ve seen other people doing this sort of work for the last several years. We are all susceptible to disinformation and propaganda. We need much better education here about how that stuff works. At least the word “disinformation” is starting to get some attention. I’ll take that as a good sign, although it’s even easy to manipulate that.
@ThresherK: Liberty Mutual NOT excepted. To hell with those commercials. That emu needs to kick some asses and not take names.
joel hanes
I still can’t open the site on Firefox mobile
Might help if you describe exactly what the browser does when you make an attempt that fails.
@Spanky: I took the liberty of removing your empty quote box. It occurred to me too late that you might have had a secret white-on-white message in there that could only be seen by highlighting the empty space! rut roh.
@Yutsano: Can you say more about what’s happening?
@mrmoshpotato: hahaha
The Golux
Terrific rates, though. We just switched to them and cut our auto premium by almost 50%.
@The Golux: And got a free emu?
The Golux
@WaterGirl: Speaking of site issues, one glitch I’ve encountered is that if I paste some text in visual mode and then enclose it in a blockquote, I cannot type below the blockquote unless I switch to text mode and enter text there. (I assume that if there were some preexisting text below the blockquote, the problem would not arise.)
@The Golux: What I’ve done to get around that is make another empty block below, then delete it.
ETA – your workaround seems to work too.
@WaterGirl: I just tried it. All that happens is it shows a blank page. Like nothing refreshed. It’s been doing that since the Christmas meltdown.
@The Golux: Yeah, that’s apparently the way a lot of core editors work, and I worried about that a bit before rollout until I realized all you have to do is hit return twice and you are popped out of the block quote. Then you can continue typing outside the block quote box.
Let me know if that works for you? Or if it doesn’t?
@Yutsano: Hmm. Guessing you have already tried clearing your cache in that browser?
So you literally get a white page of nothingness? Or just the banner but nothing else? Can you get a screen capture and send it to me? Either by email to WaterGirl or through Report A Problem under Site Feedback, which lets you attach files. Thanks.
Roger Moore
@TaMara (HFG):
This is an essential point about today’s GOP base: they’re a self-selected pool of marks waiting to be fleeced by every conman who comes along. The whole right wing media operation is funded by ads from every kind of scammer under the sun.
The Golux
@WaterGirl: Both the double enter and having preexisting text below the blockquote enable the cursor below.
@The Golux: Success? I didn’t mention the “always make sure you add a return or something BEFORE you select the text for blockquote” option because I sometimes forget to do that. :-)
If you haven’t done that, the double return works every time.
@The Golux: Encountered same, if I plan on using a blockquote I put four or five newlines in before pasting in the second or third line.
@Roger Moore: This. Money to be made if you don’t have a conscience!
J R in WV
Another great expert and security professional is Bruce Schneier, who I’ve followed for so many years that now it’s decades. Here’s his site, which by now contains a huge store of how to do it, and how NOT to do it advice on everything cyber-secure.
@BruceFromOhio: If there is a secret message in there, it’s very secret! :-)
@WaterGirl: Stupid me didn’t think to clear out the history! I’m all good now. Thank you for the inspiration!
@Yutsano: Happy dance!
@Yutsano: The worst thing for the site is for people to not report problems.
The site should never be disappearing comments for no reason, for example. So whatever is happening, I need to know about it in order to get to the bottom of what’s going on.
So I’m glad I happened to be here when you mentioned it. thanks
Villago Delenda Est
One of the hilarious things about this is that these grifters are basically stealing from Donald’s official vendors, Donald isn’t getting his cut.
@Villago Delenda Est: Sad! Nah, fuck ’em!
@Roger Moore: There is a famous article by Rick Perlstein about how much of today’s conservative infrastructure arose out of multi-level marketing.
I look at this site on a daily basis and have done so for several years. I don’t post often. I’m using a laptop with Windows 10 running Firefox. I occasionally use an iPhone/iOS/Safari. I think that I must have been lucky because yesterday was my first 502 error. Are some platform/browser combinations less prone to glitches?
There doesn’t seem to be a discernible pattern yet.
50 yrs ago it was normal for a US warship in international waters to be followed by a Russian naval ship. I’ve watched them when we sailed in the north Atlantic. If we were to refuel they would go much farther away, to avoid any possible collision. Also so as to not get involved if the two ships refueling did hit each other. Which has never happened before, no sir, never once did two ships, sailing alongside each other in not all that calm of water, hooked up with steel cables and 10 inch pressurized fuel lines, have any kind of an issue and collide. No steering was ever lost during a refueling….
No sir that never happened…….
I also have a bridge for sale in case anyone is interested……