this post was submitted on 17 Oct 2024
176 points (98.9% liked)

Technology

34906 readers
249 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
 

The plan, mentioned in a new 76-page wish list by the Department of Defense’s Joint Special Operations Command, or JSOC, outlines advanced technologies desired for country’s most elite, clandestine military efforts. “Special Operations Forces (SOF) are interested in technologies that can generate convincing online personas for use on social media platforms, social networking sites, and other online content,” the entry reads.

The document specifies that JSOC wants the ability to create online user profiles that “appear to be a unique individual that is recognizable as human but does not exist in the real world,” with each featuring “multiple expressions” and “Government Identification quality photos.”

In addition to still images of faked people, the document notes that “the solution should include facial & background imagery, facial & background video, and audio layers,” and JSOC hopes to be able to generate “selfie video” from these fabricated humans. These videos will feature more than fake people: Each deepfake selfie will come with a matching faked background, “to create a virtual environment undetectable by social media algorithms.”

you are viewing a single comment's thread
view the rest of the comments
[–] Warl0k3@lemmy.world 0 points 1 month ago* (last edited 1 month ago) (1 children)

We are pathetically behind in the cyber warfare sphere, though. Like at this point it's embarrassing, we don't even have the semblance of security education or standards for digital hardening. it's just fucking awful, and we are being obliterated by chinese/russian/anyone else troll farms and hackers because of it. massive data breaches are a weekly occurrence.

Its just... we've got the NSA, sure, and they are good at what they do. But what they do is not what we need. Right now, you can scatter some USB drives outside any gvmt office here and some poor dumb HR rep or whatever will invariably plug it in to their work desktop, and they'll totally fail to understand why it was bad for them to do that.

[–] davel@lemmy.ml 13 points 1 month ago* (last edited 1 month ago) (1 children)

We are pathetically behind in the cyber warfare sphere, though.

Not relative to other countries.

we are being obliterated by chinese/russian/anyone else troll farms

We are not; we are told we are. It’s propaganda coming from our own security state, pointed at us. Why? To manufacture our consent to censorship. They are telling us that other countries are doing to us what they are doing to other countries, and have been since even before the internet existed.

Listen to this complete inversion of reality from Biden: How would it be if the United States were viewed by the rest of the world as interfering with the elections directly of other countries, and everybody knew it?

[–] Warl0k3@lemmy.world -1 points 1 month ago* (last edited 1 month ago) (1 children)

Yeah... this is an example of what I'm talking about. It's the romanticized version of the wild west online right now, and whenever you talk about the need for increased security, you're subjected to a ~~propaganda lecture~~ (edit for clarity:) lecture about propaganda and the political implications of fucking twitter or something. Everyone is so primed to respond along the party line to the idea of troll farms that the conversation about how they're used outside of influencing our elections never even occurs to people. Most don't even realize it's an issue that could be discussed.

So lets be clear here, while you're absolutely correct about what you're saying, that's not related to what I was saying.

The near constant spear phishing, network intrusion, ransomware, impersonation, false landings, etc. attacks that every government, medical, social and technical system in the country is being constantly subjected to is the issue I am qualified to speak about. It's an area where the US isn't even attempting to fight back, and as beautiful as headline-darling things like stuxnet were, the developers that worked on it haven't figured out how to mitigate ex: the rampant identity theft throttling the country. My favorite new one has been the theft of identity and thence blackmail of recently paroled prisoners, since a bad actor can easily get them returned to prison by just, say, using their credit card at a walmart out-of-state, or applying for public benefits in a different city. This happens all the time and nobody, at all, is talking about it. It's so common I was brought in to write a set of tools that auto-generate the letter informing out-of-state LEO agencies that the person was the victim of identity theft and should not be found in violation of their parole terms, since that was so common it was all their entire staff were spending their time doing.

That's just the one example that has occured to me, if you want more I can go on for very literal hours (just ask my students (who are no doubt quite stick of the topic...)). There's no systems, or even the political or social will to investigate developing systems, that could even begin to address the most basic issues in this realm. That is the problem I was screaming helplessly into the void about.

[–] davel@lemmy.ml 3 points 1 month ago* (last edited 1 month ago) (1 children)

Yeah, I work in this industry, in the US. I’m familiar with the specific attacks you mentioned. I’ve been paid to lose sleep over these things. I’ve worked extra hours dealing with DDOS attacks and suspected intrusions and zero-day fire drills. I know.

But this isn’t unique to the US. It’s basically the same everywhere. And the US isn’t uniquely “behind.” Everyone’s behind. If the US is unique at all, it’s that we happen to own & run more internet services than anyone else.

[–] Warl0k3@lemmy.world -1 points 1 month ago* (last edited 1 month ago)

I’m familiar with the specific attacks you mentioned

(I made "false landings" up.)

No, it's not unique to the US. But we're by far the most dependent on technology out of any country and knowing this we talk a big game and do nothing to back said game up. The frequency with which [any agency you care to name] fails information security audits is pretty much just one long interrupted string of failures, and having worked with many western non-US governmental groups, the difference in security culture is pretty shameful.