Hi, Why would anyone bother to change your Twitter image? What do they gain from that?
-- Matt Johnson On Sat, Jan 17, 2015 at 9:00 AM, J.M. Porup <j...@porup.com> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 01/16/15 14:52, Cypher wrote: > > On 01/15/2015 11:29 AM, carlo von lynX wrote: > >> On Thu, Jan 15, 2015 at 08:49:31AM -0800, Steve Weis wrote: > >>> Note you said "users will never know" if e2e is being used, > >>> but as Moxie says "we'll be surfacing this into the UI" of > >>> upgraded clients. > >> > >> There is a systemic legal problem by which neither Facebook, nor > >> Whatsapp, nor Textsecure nor Moxie are in a position to > >> guarantee that whatever is surfaced into the UI actually means > >> what it says. > > > > I was under the impression that the government couldn't make you > > actively lie to someone. For example, if I have a message on my > > page that says "we do not collect any user data" and the government > > makes me collect data on an existing user, that's acceptable. But > > they could not stop me from changing that sign and force me to lie. > > I'd assume that would be the case with WhatsApp. Once the visuals > > are surfaced, each new encrypted connection would be forcing the > > service to actively tell a lie, which, as I understand it, isn't > > legal. Of course, IINAL so I don't know. > > I would like to give a concrete example of "commandeering." Something > that happened yesterday. > > I've been saying for a while now that Twitter has been commandeered. > There's a great deal of circumstantial evidence pointing this way. I > documented my research last March, here: > > > https://medium.com/@toholdaquill/how-the-military-uses-twitter-sock-puppets-to-control-debate-and-suppress-dissent-a4ccba1e6f05 > > Be sure to read the footnote about @Asher_Wolf. > > Then yesterday, I logged into Twitter, posted a couple of tweets, and > realized that my outgoing tweets had been hacked to include a > *different* image than my profile image. > > The image of a gun: > > https://twitter.com/toholdaquill/status/556102312494915586 > > Now, you could argue that someone must have stolen my password and > replaced my profile image. But that never happened. My profile photo > never changed. Only my outgoing tweets contained a different profile > image. To the best of my knowledge, it is not possible for Twitter > users to maintain two different profile images at the same time. > > Additionally, the only operating systems I use are Qubes and Tails. > That doesn't make my end points impregnable, but it makes > opportunistic hacks rather unlikely. > > What does this mean? > > Either: > > 1) I am a complete liar / fraud / charlatan making this up to annoy > everyone (because why?) > > or > > 2) Something like this happened: > > https://firstlook.org/theintercept/2014/02/24/jtrig-manipulation/ > > Remember? "Change their photos on social networking sites" > > Now here's the rub: the Twitter API does not include an optional > "second profile image" parameter. At least not publicly. See: > > https://dev.twitter.com/rest/reference/post/statuses/update > > Which means that, at the point of a court order / gun, Twitter has > been coerced into putting that parameter into their code, and giving > API keys to a thug who works for the FBI / CIA / NSA. > > And the funny thing? If they were trying to scare me, they failed. All > they've done is make me angry. > > JMP > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQIcBAEBAgAGBQJUupUxAAoJEGrDVsHXOmiEufMP/2RUsZG64bYTgTSwPctjtgbC > ki8YMuELXs/VeTFDddWIQagikBgaYJxSY3zV/a/wpt0XPZiaIiQFQsLldZORGDFe > zN1CVIGtvd7u5WyV3bly34TAoXTlmqipsHXMBv8uqz2MPZe1fWJ1Vda4JIEegPmj > 9MUxfD+SfQaiTkIz/JoxfX0mKtSKf3G+yMhqqgkuYaMU2Xkx6q8PMlczKyuXIOCB > Ll2lZ2XZR03jUHdnrnCnoYhvhlGyPlrysNvutanIdhW6OdOBSEWC+JnHCh6vCfRZ > UwaMiHXcFLgcECP6JtT4xSmF5pD4+uIixWCC79HteVADUqM+Yu9HeAg0mbu9h1S1 > RoXmOuPGqaiFHDqcp1EYEj+GrpePaT0ZEC48d+7M0m5BDV5FqiK7VzvyN6zaul93 > JPC8M4EvCnCc+cyLvI6ZwY90YQoj9L80/qsBfk0U0uZjGV0KZcig6EBoVl+Y1lHO > VJwg+J3fex7y6KkMA+Cu2XCCk30Nt2hO8dy2To0wb0RwPGNBjveNR82bE6KHLOwU > niijVg+//aVJQ8oyspJwNvfbosFvHBGCZbCUYVP2cTVrDiEnE/WA7h31FSQ9Rj+g > CpGttn9DECOz1rD/uUhF2neH9n7dNj8vC4dLJavzIgwEp6xukAu8d3WIFwmmtt3u > hfIVBGXJf43LsL+9B2j7 > =IwE5 > -----END PGP SIGNATURE----- > -- > Liberationtech is public & archives are searchable on Google. Violations > of list guidelines will get you moderated: > https://mailman.stanford.edu/mailman/listinfo/liberationtech. > Unsubscribe, change to digest, or change password by emailing moderator at > compa...@stanford.edu. >
-- Liberationtech is public & archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
