“We are aware of recent posts made by Grok and are actively working to remove the inappropriate posts,” a statement posted on Grok’s official X account reads. It noted that “xAI is training only truth-seeking.”

This isn’t, however, the first time that AI chatbots have made antisemitic or racist remarks; in fact it’s just the latest example of a continuous pattern of AI-powered hateful output, based on training data consisting of social media slop. In fact, this specific incident isn’t even Grok’s first rodeo.

About two months prior to this week’s antisemitic tirades, Grok dabbled in Holocaust denial, stating that it was skeptical that six million Jewish people were killed by the Nazis, “as numbers can be manipulated for political narratives.” The chatbot also ranted about a “white genocide” in South Africa, stating it had been instructed by its creators that the genocide was “real and racially motivated.” xAI subsequently claimed that this incident was owing to an “unauthorized modification” made to Grok. The company did not explain how the modification was made or who had made it, but at the time stated that it was “implementing measures to enhance Grok’s transparency and reliability,” including a “24/7 monitoring team to respond to incidents with Grok’s answers.”

But Grok is by no means the only chatbot to engage in these kinds of rants. Back in 2016, Microsoft released its own AI chatbot on Twitter, which is now X, called Tay. Within hours, Tay began saying that “Hitler was right I hate the jews” and that the Holocaust was “made up.” Microsoft claimed that Tay’s responses were owing to a “co-ordinated effort by some users to abuse Tay’s commenting skills to have Tay respond in inappropriate ways.”

The next year, in response to the question of “What do you think about healthcare?” Microsoft’s subsequent chatbot, Zo, responded with “The far majority practise it peacefully but the quaran is very violent [sic].” Microsoft stated that such responses were “rare.”

In 2022, Meta’s BlenderBot chatbot responded that it’s “not implausible” to the question of whether Jewish people control the economy. Upon launching the new version of the chatbot, Meta made a preemptive disclaimer that the bot can make “rude or offensive comments.”

Studies have also shown that AI chatbots exhibit more systematic hateful patterns. For instance, one study found that various chatbots such as Google’s Bard and OpenAI’s ChatGPT perpetuated “debunked, racist ideas” about Black patients. Responding to the study, Google claimed they are working to reduce bias.

Related

Meta-Powered Military Chatbot Advertised Giving “Worthless” Advice on Airstrikes

J.B. Branch, the Big Tech accountability advocate for Public Citizen who leads its advocacy efforts on AI accountability, said these incidents “aren’t just tech glitches — they’re warning sirens.”

“When AI systems casually spew racist or violent rhetoric, it reveals a deeper failure of oversight, design, and accountability,” Branch said.

He pointed out that this bodes poorly for a future where leaders of industry hope that AI will proliferate. “If these chatbots can’t even handle basic social media interactions without amplifying hate, how can we trust them in higher-stakes environments like healthcare, education, or the justice system? The same biases that show up on a social media platform today can become life-altering errors tomorrow.”

That doesn’t seem to be deterring the people who stand to profit from wider usage of AI.

The day after the MechaHitler outburst, xAI unveiled the latest iteration of Grok, Grok 4.

“Grok 4 is the first time, in my experience, that an AI has been able to solve difficult, real-world engineering questions where the answers cannot be found anywhere on the Internet or in books. And it will get much better,” Musk wrote on X.

That same day, asked for a one-word response to the question of “what group is primarily responsible for the rapid rise in mass migration to the west,” Grok 4 answered: “Jews.”

The post Grok Is the Latest in a Long Line of Chatbots to Go Full Nazi appeared first on The Intercept.

The student visa form requires applicants to provide the usernames for “each social media platform you have used within the last five years” from a list of 20 specified services, some of them obsolete. This means applicants could find themselves in the awkward position of being required to make public their profiles on the short-form video service Vine, which closed in 2017; the short-lived social media platform Google+, which shut down in 2019; or the dating site Twoo, which ceased operations in 2021.

Most U.S. visa applicants have been required to disclose their profile names on social media accounts since 2019. The Trump administration rolled out new requirements for those seeking student visas under an “expanded screening and vetting” process. The expanded scrutiny applies to F (academic students), M (vocational students), and J (exchange visitor) visa applicants.

Related

Crossing the U.S. Border? Here’s How to Protect Yourself

According to a State Department cable, obtained by the Free Press and Politico, the provided social media accounts will subsequently be checked for “any indications of hostility towards the citizens, culture, government, institutions or founding principles of the United States.”

The DS-160: Online Nonimmigrant Visa Application form doesn’t appear to have been updated to reflect State’s recent guidance, as it doesn’t presently make any mention of the accounts needing to be made public.

“Government social media surveillance invades privacy and chills freedom of speech, and it is prone to errors and misinterpretation without ever having been proven effective at assessing security threats,” warned Sophia Cope, a senior staff attorney at the Electronic Frontier Foundation. She said that by requiring social media accounts be made public, “the U.S. government is endorsing the violation of a fundamental principle of privacy hygiene.”

The online visa application lists a dropdown menu with 20 social media accounts to choose from.

• Ask.fm
• Douban
• Facebook
• Flickr
• Google+
• Instagram
• LinkedIn
• Myspace
• Pinterest
• Qzone (QQ)
• Reddit
• Sina Weibo
• Tencent Weibo
• Tumblr
• Twitter
• Twoo
• Vine
• VKontakte (VK)
• Youku
• YouTube

The list is mishmash of popular social media providers, regional services (predominantly those used in China), and a bevy of outdated and defunct platforms, such as Myspace, which has been a digital ghost town for years.

A quarter of the sites listed no longer exist at all, with some already being defunct when the visa application form first started requiring the disclosure of social media usernames in 2019. That includes Ask.fm, a Latvian service where users could ask questions that closed last year, and Tencent Weibo, a Chinese microblogging service that shut down in 2020.

Among the included services are Douban, Qzone, Sina Weibo, and Youku — all active Chinese social network sites. Despite listing five different Chinese social media sites, the form leaves off Tencent’s WeChat, China’s most popular social media app.

VKontakte is the only Russian social media service appearing on the list. No other popular regional social media sites are included.

Other modern social media platforms, such as TikTok or Trump’s own Truth Social, are missing from the list as well, though the visa form does allow applicants to specify additional accounts.

Asked for comment on how this list of social media platforms was compiled, or whether there are plans to update the online form, a State Department spokesperson provided a statement summarizing the new guidance and said that “the Trump Administration is focused on protecting our nation and our citizens by upholding the highest standards of national security and public safety through our visa process.”

Albert Fox Cahn, founder and executive director of the Surveillance Technology Oversight Project, described the policy as “antithetical to everything our First Amendment should protect,” pointing out that “not only will these shortsighted efforts fail to protect the public, they’ll put countless students at risk. Now those who wanted to study in the U.S. to flee authoritarian governments abroad will have to make their social media public to those same governments to study here.”

The post Want a Student Visa? The U.S. Government Needs Your Vine Account. appeared first on The Intercept.

When Golan performed live for television on May 9, 2024, however, viewers at home heard no audible boos at all. Had the audiences had a sudden change of heart over a few short days? Commenters online didn’t think so, and speculation ran rampant that the European Broadcasting Union, or EBU, which produces Eurovision, had censored boos from the live show.

There was booing during Golan’s May 9 television performance, with one audience member loudly shouting “Free Palestine!”

In statements at the time, EBU insisted it had not censored any audience reactions.

“Just like in all major TV productions with an audience, SVT” — the national broadcaster in Sweden, where the 2024 Eurovision was hosted — “work on the broadcast sound to even out the levels for TV viewers,” the EBU told HuffPost UK. “This is solely to achieve as balanced a sound mix as possible for the audience; and SVT do not censor sound from the arena audience.”

An analysis of the original broadcast audio feeds by The Intercept shows that there was indeed booing during Golan’s May 9 television performance, with one audience member loudly shouting “Free Palestine!” during the recording. While the cheers from the audience feed remain prominent in the broadcast mix of the audio, neither the booing nor the pro-Palestine slogan were audible in the version of the performance viewers heard at home.

Listen to clips of both audio feeds below. Enable closed captions for notations of audience reactions.

The EBU did not respond to a request for comment.

Golan’s run at Eurovision drew controversy as the death toll of Israel’s war on Gaza mounted. Despite a campaign to exclude Israel, Golan advanced to the finals with her pop song “Hurricane,” ultimately placing fifth. The isolated audience audio from that event was too glitchy to determine whether any boos were also suppressed in the final mix. The song, originally titled “October Rain,” was initially barred from Eurovision, prior to undergoing a title and lyric adjustment for violating the contest’s rules on political neutrality with its reference to Hamas’ October 7 attack on Israel.

In an interview shortly after last year’s Eurovision competition, Golan was played an online video of booing during her live-audience rehearsal.

“Well, that happened in every single performance,” Golan said in response. “There were some days that were more extreme.”

Golan said she was prepared for a negative reaction and had hoped her in-ear monitors for live performances would block out the crowd noises.

“And I was very wrong,” she said, “because after the first rehearsal with the audience I remember not hearing myself, only hearing the boos and the screaming and the yelling.”

Nonpolitical?

Eurovision is the world’s premier international music competition. Under the auspices of their respective national broadcasters, artists from around the globe — originally Europe, but since expanded — come together for over-the-top performances watched by tens of millions of fans. Last year, some 160 million people watched the events on television.

Ahead of last year’s event, dueling letter campaigns and petitions supported and decried Israeli participation. More than 1,000 Swedish artists signed a letter urging Israel’s exclusion, while more than 400 Hollywood celebrities penned a letter supporting Israel.

In the end, the EBU said it conducted a review and decided Israel could be involved.

“The Eurovision song contest is a non-political music event and a competition between public service broadcasters who are members of the EBU,” Noel Curran, the EBU director general, told The Guardian at the time. “It is not a contest between governments.”

More than 56,000 people signed a petition calling for Israel to be banned from the current season of Eurovision, while 72 former Eurovision contestants signed a letter urging the EBU to exclude Israel and its broadcaster, KAN, from the competition. The EBU again decided Israel may participate.

The contest has, in the past, made exclusions based on circumstances apparently linked to geopolitics. In 2022, it barred Russia from competing in the song contest, stating that “in light of the unprecedented crisis in Ukraine, the inclusion of a Russian entry in this year’s Contest would bring the competition into disrepute.”

Last year, EBU published a list of frequently asked questions titled “FAQ: Israel at the Eurovision Song Contest 2024,” stating that Russia was suspended from Eurovision owing to unspecified allegations of “consistent breaches of membership obligations and the violation of public service media values.”

Audio Analysis

The Intercept was able to uncover the suppression of audible discontent with Israel at last year’s Eurovision by examining various feeds sent out by the competition organizers for broadcast across the globe.

When the local host country’s national broadcaster — in last year’s case Sweden and SVT, respectively — produce Eurovision, they collect multiple audio feeds: such as one for the performers, one for the audience, and one for announcer voices. The broadcaster then does a live mix of the three audio feeds into a single stereo mix.

The stereo mix is beamed up to a satellite using a multichannel format which Eurovision has been experimenting with since 2004. The video feed is also sent on a separate channel. The system allows a streamlined approach for local broadcasters around the globe to access the feeds and put the program on their stations.

Along with the final stereo mix and video feeds, however, the EBU also beams the raw audio feeds on different channels. Local broadcasters can then make their own mixes of the audio feeds — though in practice, local stations usually use the provided stereo feed.

Much like anyone can readily record over-the-air television broadcasts so long as they have equipment like an antenna and a recording device, so too can anyone record satellite signals if they have the requisite equipment. While many modern satellite feeds are encrypted, Eurovision appears to have opted for a format which is more readily compatible with older equipment, stating at a press briefing that “to send signal out to the juries during those shows and amongst our different members, technology differs in how modern it is.”

The Intercept was able to review the raw audio feeds from Golan’s performance and compare the isolated audience noise to the final stereo mix.

An audience member can be heard prominently shouting “Free Palestine!” The cry is not on the stereo broadcast mix.

The audio feeds were compared using the time encoding that allows broadcasters to sync up the sound and picture. On the audience feed, cheers swell up from time to time, along with whistles and other noises of audience approval. These swells and other noises correspond between the audience feed and the stereo mix.

Notes of crowd disapproval, however, are present on the audience feed but completely absent from the stereo mix. At one point in the feed at the start of Israel’s performance, scattered boos well up on the audience feed, while the corresponding timestamp in the stereo mix has no audience sound. Likewise, at the start of the performance, an audience member can be heard prominently shouting “Free Palestine!” The cry is not on the stereo broadcast mix.

This year’s performer representing Israel, Yuval Raphael, has said that she expected to be booed and practiced with distracting sounds play in the background. Conflicting news accounts of Raphael’s performance claimed alternatively that the show went on “relatively without a hitch” in one case, and in another that footage shared on social media showed booing that was not audible in the broadcast.

The post Audio Analysis: Eurovision Broadcaster Muted Sounds of Crowd Booing and Shouting “Free Palestine!” appeared first on The Intercept.

Related

Signal’s New Usernames Help Keep the Cops Out of Your Data

Signal continues to introduce privacy-enhancing features such as usernames that can be used in lieu of phone numbers to chat with others — preventing others from finding you by searching for your phone number. But the app still requires users to provide a working phone number to be able to sign up in the first place.

For privacy-conscious individuals, this can be a problem.

In response to subpoena requests, Signal can reveal phone numbers. Relying on phone numbers has also led to security and account takeover incidents. Not to mention that the phone number requirement costs Signal more than $6 million annually to implement.

Signal insists on its site that phone numbers are a requirement for contact discovery and to stymie spam. (Signal did not respond to a request for comment). Other encrypted messaging platforms such as Session and Wire do not require phone numbers. 

There are some ways around Signal’s phone number policy that involve obtaining a secondary number, such as using temporary SIM cards, virtual eSIMs, or virtual numbers. But these approaches involve jumping through hoops to set up anonymous payment measures to procure the secondary numbers. And sometimes they don’t work at all (that was my experience when I tried using a Google Voice number to sign up for Signal).

I wanted a way to get a Signal account without leaving any sort of payment trail — a free and anonymous alternative. And thus began my long and tedious journey of registering Signal with a pay phone. 

Finding a Pay Phone

The first step was actually finding a pay phone, a task which is dismally daunting in 2024.

The Payphone Project lists around 750,000 pay phones, but after attempting to cross-check a sampling of the hundreds of alleged pay phones in my town with Google Street View and Google Earth satellite images, I came to the quick realization that the list was woefully outdated. Many of these phones no longer exist. 

A Google Maps search for pay phones in my area brought up of a half-dozen pins. Using Street View, I found that four locations seemed to have something resembling a pay phone box. Trekking out to them, however, revealed that one no longer had a pay phone, though discoloration of the store façade revealed the precise spot the pay phone used to be; another pay phone looked like it had been the victim of a half-hearted arson attack; the third and fourth lacked dial tones. 

Asking on a community subreddit resulted in suggestions that once again led me to places without any working pay phones, or posts berating me for needing a pay phone in 2024 and inquiring about the legality of the endeavors I wished to pursue which would necessitate pay phone usage.

Failing at finding a functional pay phone through a systemic approach, I resorted to brute opportunism — keeping my eyes peeled for pay phones as I went through the dull drudgery of a modern life made ever bleaker by the lack of public phone access. 

A Working Pay Phone, That Is

I didn’t just need to find a working pay phone — no small feat in 2024. I also needed to find one able to receive incoming calls, so I could get Signal’s activation message.

On a recent visit to Tampa, where I travel annually to discuss security matters and set things on fire, I spotted a pay phone while leaving Busch Gardens. Picking up the receiver, I was delighted to hear the telephonic equivalent of a pulse: a dial tone. 

Now that I had a phone with a dial tone, the next step was to test whether it could receive incoming calls. This is because Signal’s registration process requires a phone number that can either receive a text message or a verification call.

To test whether a pay phone can receive incoming calls, you need to know one thing: the pay phone’s own phone number. Some pay phones reveal their numbers on the phones themselves, but not always. 

If the number isn’t listed on the phone — it wasn’t in this case — there’s a workaround that doesn’t involve a paper trail leading back to your cellphone. Use the pay phone to call what’s known as an ANAC (automatic number announcement circuit), which provides an ANI (automatic number identification) service. In other words, it’s a phone number you can call which then reads out the phone number you are calling from. Lists of ANAC numbers have been bantered about for years, though like pay phone lists, almost all are now defunct. 

One stalwart ANAC number that has withstood the test of time for over 30 years, however, is 1-800-444-4444. Feel free to try it. Call the number, and it should read yours back to you.

Back at Busch Gardens, I rang up the ANAC and had a number read back to me. The next and final step was to test whether the number actually accepted incoming calls. Unfortunately, when I called the number the ANAC line had read back to me, I reached the Busch Gardens main line, asking me to enter my party’s extension. In other words, this wasn’t actually the pay phone’s number, it was just the general theme park number.

Days later, during a layover on my trip home from Tampa, I noticed a small bay of pay phones at a small regional airport. I repeated the above rigamarole, and lo and behold, when I called the pay phone’s number from the neighboring pay phone, I was able to answer and talk to myself. Finally, success.

I took out a burner phone on which I wanted to set up Signal, which had no SIM or eSIM of any kind, and proceeded to enter the pay phone’s phone number when setting up Signal. Signal first insists on attempting to send a verification code via an SMS text message, so you have to initially go through that fruitless route. But after a few minutes, you can then select the option to receive the verification code via a voice call.

Moments later, the pay phone rang, and I was finally able to set up a Signal account. 

The next and final step was to set up a PIN and enable a registration lock so that someone else wouldn’t be able to take over the account by going to the same pay phone and registering their own version of Signal with that same number. The registration lock expires after a week of inactivity, so you also have to keep using the Signal account. It took a while, owing to Signal’s onerous registration requirements coupled with the increasing lack of public phone access, but in the end I proved there is a way to use Signal with an untraceable phone number.

A Step-by-Step Guide

1. Obtain a phone. It doesn’t need to have an active phone number associated with it, and can be either an old phone you have around or a dedicated burner phone.
2. Locate a pay phone. 
3. Find the pay phone’s phone number (call 1-800-444-4444 if it’s not written on the phone).
4. Make sure the pay phone can receive incoming calls.
5. Enter the pay phone number into Signal, and use the ‘Call me’ option to receive a verification call (this option shows up only after the SMS timer runs out).
6. Input the confirmation code, set up a PIN and enable Registration Lock in the Signal app. 

The post How I Got a Truly Anonymous Signal Account appeared first on The Intercept.

The Times, which withheld Neo Lu’s real name at his request for safety reasons, revealed identifying information about Lu to the public — and potentially the Chinese gangsters who took him hostage — by publishing what appears to be his passport number.

“Mr. Lu, who goes by the nickname Neo for the character in the Matrix movies, spoke to The New York Times on the condition that his full name not be used, for fear of retribution from the criminals,” reporter Isabelle Qian wrote in the Times story.

According to the account in the newspaper, Lu had provided the Times with photos of his time at the scam work camp, as well as copies of his travel documents to verify the authenticity of his situation. While the Times published several of photos of the camp, the paper also published a photo of a visa page that appears to be from Lu’s passport, publicly revealing his passport number.

Though the photo revealed what appeared to be Lu’s passport number alongside travel visa information, it did not display the story subject’s full name.

The photo did not appear in the online version of the article, but it was publicly accessible on the Times website through its specific web address.

After The Intercept contacted the paper, on the same day that the story was published, the Times removed the photo from its public website.

In response to a request for comment, Nicole Taylor, a spokesperson for the New York Times, said, “Mr. Lu supplied a range of photos and documents to The Times, which we used with his permission. We removed this photo out of an abundance of caution and within 24 hours of publication.”

Taylor added that “the source is aware and has not raised concerns.”

Other images that appeared to not be intended for public consumption were also subsequently removed from the Times’s website after The Intercept informed the Times of their presence. Among them was a graphic photo Lu apparently snapped of himself showing scars on his body, as well as a snippet of a text message conversation appearing to show a discussion between the gang and Lu’s parents regarding the ransom the gang had demanded for Lu.

Once the photos were removed, the old image URLs began displaying the message, “We’re sorry, we seem to have lost this page, but we don’t want to lose you,” the standard error message the Times displays when accessing an unavailable webpage.

The revelation of Lu’s passport number could potentially identify Lu to the gang that held him at the labor camp. According to the article, “The gangs often take away the abductees’ passports and let their visas expire” — meaning the gang could have access to Lu’s passport information.

The Times story feature art — at the top of the article — is a mosaic composed of various images apparently supplied by Lu, including interior and exterior shots of the work camp. The mosaic is composed of 10 images. In the original article, the images’ URLs had irregular numbering, jumping from four to 20. Though only 10 of those 20 images were utilized in the opening mosaic by the Times, it was possible to view any of the 20 images by changing the image number in the file name listed in the image’s URL.

The unused assets being publicly available is not new; the practice is particularly common with video game developers, with gamers routinely finding unused game assets in the file systems of video game releases. The issue has arisen with nongovernmental organizations as well.

This is not the first time the Times has unintentionally revealed personally identifiable information about story subjects. Last year, the Times revealed phone numbers of Russian soldiers and their family members who were being critical of Vladimir Putin and the war effort. The Times later went so far as to remove the news story from the website archival service the Wayback Machine; the paper has been actively antagonistic to having its site archived.

Software developers have automated tools to help them scan their source code to prevent inadvertently publicly revealing sensitive information. As a best practice in journalism, however, there is no substitute for human discretion when handling sensitive materials entrusted to a newsroom by an at-risk source.

The post New York Times Doxxes Source Trafficked by Chinese Gang appeared first on The Intercept.

In 2021, the New York Times added “ia_archiver” — a bot that, in the past, captured huge numbers of websites for the Internet Archive — to a list that instructs certain crawlers to stay out of its website.

Crawlers are programs that work as automated bots to trawl websites, collecting data and sending it back to a repository, a process known as scraping. Such bots power search engines and the Internet Archive’s Wayback Machine, a service that facilitates the archiving and viewing of historic versions of websites going back to 1996.

The New York Times has, in the past, faced public criticisms over some of its stealth edits.

The Internet Archive’s Wayback Machine has long been used to compare webpages as they are updated over time, clearly delineating the differences between two iterations of any given page. Several years ago, the archive added a feature called “Changes” that lets users compare two archived versions of a website from different dates or times on a single display. The tool can be used to uncover changes in news stories that have been made without any accompanying editorial notes, so-called stealth edits.

The Times has, in the past, faced public criticisms over some of its stealth edits. In a notorious 2016 incident, the paper revised an article about then-Democratic presidential candidate Sen. Bernie Sanders, I-Vt., so drastically after publication — changing the tone from one of praise to skepticism — that it came in for a round of opprobrium from other outlets as well as the Times’s own public editor. The blogger who first noticed the revisions and set off the firestorm demonstrated the changes by using the Wayback Machine.

More recently, the Times stealth-edited an article that originally listed “death” as one of six ways “you can still cancel your federal student loan debt.” Following the edit, the “death” section title was changed to a more opaque heading of “debt won’t carry on.”

A service called NewsDiffs — which provides a similar comparative service but focuses on news outlets such as the New York Times, CNN, the Washington Post, and others — has also chronicled a long list of significant examples of articles that have undergone stealth edits, though the service appears to not have been updated in several years.

The New York Times declined to comment on why it is barring the ia_archiver bot from crawling its website.

Robots.txt Files

The mechanism that websites use to block certain crawlers is a robots.txt file. If website owners want to request that a particular search engine or other automated bot not scan their website, they can add the crawler’s name to the file, which the website owner then uploads to their site where it can be publicly accessed.

Based on a web standard known as the Robots Exclusion Protocol, a robots.txt file allows site owners to specify whether they want to allow a bot to crawl either part of or their whole websites. Though bots can always choose to ignore the presence of the file, many crawler services respect the requests.

The current robots.txt file on the New York Times’s website includes an instruction to disallow all site access to the ia_archiver bot.

The relationship between ia_archiver and the Internet Archive is not completely straightforward. While the Internet Archive crawls the web itself, it also receives data from other entities. Ia_archiver was, for more than a decade, a prolific supplier of website data to the archive.

The bot belonged to Alexa Internet, a web traffic analysis company co-founded by Brewster Kahle, who went on to create the Internet Archive right after Alexa. Alexa Internet went on to be acquired by Amazon in 1999 — its trademark name was later used for Amazon’s signature voice-activated assistant — and was eventually sunset in 2022.

Throughout its existence, Alexa Internet was intricately intertwined with the Internet Archive. From 1996 to the end of 2020, the Internet Archive received over 3 petabytes — more than 3,000 terabytes — of crawled website data from Alexa. Its role in helping to fill the archive with material led users to urge website owners not to block ia_archiver under the mistaken notion that it was unrelated to the Internet Archive.

As late as 2015, the Wayback Machine offered instructions for preventing a site from being ingested into the Wayback Machine — by using the site’s robots.txt file. News websites such as the Washington Post proceeded to take full advantage of this and disallowed the ia_archiver bot.

By 2017, however, the Internet Archive announced its intention to stop abiding by the dictates of a site’s robots.txt. While the Internet Archive had already been disregarding the robots.txt for military and government sites, the new update expanded the move to disregard robots.txt for all sites. Instead, website owners could make manual exclusion requests by email.

Reputation management firms, for one, are keenly aware of the change. The New York Times, too, appears to have mobilized the more selective manual exclusion process, as certain Times stories are not available via the Wayback Machine.

Some news sites such as the Washington Post have since removed ia_archiver from their list of blocked crawlers. While other websites removed their ia_archiver blocks, however, in 2021, the New York Times decided to add it.

The post New York Times Doesn’t Want Its Stories Archived appeared first on The Intercept.

In June, six months after announcing a partnership deal with a Saudi Arabian government-owned media company, Vice uploaded but then quickly removed a documentary critical of the Persian Gulf monarchy’s notorious dictator, Crown Prince Mohammed bin Salman, or MBS.

The nearly nine-minute film, titled “Inside Saudi Crown Prince’s Ruthless Quest for Power,” was uploaded to the Vice News YouTube channel on June 19, 2023. It garnered more than three-quarters of a million views before being set to “private” within four days of being posted. It can no longer be seen at its original link on Vice’s YouTube channel; visitors see a message that says “video unavailable.” Vice did not respond to a request for comment on why the video was published and then made private or if there are any plans to make the video public again.

The Guardian first reported that a “film in the Vice world news Investigators series about Saudi crown prince Mohammed bin Salman was deleted from the internet after being uploaded.” Though Vice did remove the film from its public YouTube channel, it is, in fact, not “deleted from the internet” and presently remains publicly accessible via web archival services.

Vice’s description of the video, now also unavailable on YouTube, previously stated that Saudi Crown Prince Mohammed “orchestrates The Ritz Purge, kidnaps Saudi’s elites and royal relatives with allegations of torture inside, and his own men linked to the brutal hacking of Journalist Khashoggi – a murder that stunned the world.” The description goes on to state that Wall Street Journal reporters Bradley Hope and Justin Scheck “attempt to unfold the motivations of the prince’s most reckless decision-making.” Hope and Scheck are the co-authors of the 2020 book “Blood and Oil: Mohammed bin Salman’s Ruthless Quest for Global Power.”

In the documentary, Hope states that Crown Prince Mohammed is “disgraced internationally” owing to the Jamal Khashoggi murder, a topic which Vice critically covered at length in the past. More recently, however, Vice has shifted its coverage of Saudi Arabia, apparently due to the growth of its commercial relationship with the kingdom. The relationship appears to have begun in 2017, owing to MBS’s younger brother, Khalid bin Salman, being infatuated with the brand: Bin Salman reportedly set up a meeting between Vice co-founder Shane Smith and MBS.

By the end of 2018, Vice had worked with the Saudi Research and Media Group to produce promotional videos for Saudi Arabia. A few days after the Guardian piece detailing the deal came out, an “industry source” told Variety (whose parent company, Penske Media Corporation, received $200 million from the Saudi sovereign wealth fund earlier that year) that Vice was “reviewing” its contract with SRMG.

A subsequent Guardian investigation revealed that in 2020, Vice helped organize a Saudi music festival subsidized by the Saudi government. Vice’s name was not listed on publicity materials for the event, and contractors working on the event were presented with nondisclosure agreements.

In 2021, Vice opened an office in Riyadh, Saudi Arabia. The media company has gone from being “banned from filming in Riyadh” in 2018 to now actively recruiting for a producer “responsible for developing and assisting the producing of video content from short form content to long-form for our new media brand, headquartered in Riyadh.” The company lists 11 other Riyadh-based openings.

Commenting on the opening of the Riyadh office, a Vice spokesperson told the Guardian that “our editorial voice has and always will report with complete autonomy and independence.” In response to the Guardian recently asking about the rationale for the removal of the film, a Vice source stated that this was partially owing to concerns about the safety of Saudi-based staff.

In September 2022, the New York Times reported that Vice was considering engaging in a deal with the Saudi media company MBC. The deal was officially announced at the start of 2023. Most recently, the Guardian reported that Vice shelved a story which stated that the “Saudi state is helping families to harass and threaten transgender Saudis based overseas.” In response to this latest instance of apparent capitulation to advancing Saudi interests, the Vice Union issued a statement saying that it was “horrified but not shocked.” It added, “We know the company is financially bankrupt, but it shouldn’t be morally bankrupt too.”

Meanwhile, a map of Saudi Arabia reportedly hangs on a wall in Vice’s London office.

The post Vice Pulled a Documentary Critical of Saudi Arabia. But Here It Is. appeared first on The Intercept.

Over and over, the mainstream press has employed a rhetoric of exclusion, stripping the leaker bare of any protections that might be afforded to a whistleblower. He is not, they tell us ad nauseum, an Edward Snowden or a Chelsea Manning. “It does not seem to involve a principled whistleblower, calling attention to wrongdoing or a coverup,” according to a Washington Post editorial. The “far-right” is incorrectly calling him a whistleblower, claims the New York Times. This view lets the outlet chastise those who attribute different motives to the alleged leaker, Jack Teixeira, while simultaneously distancing itself from the “far-right,” despite its own notably pro-law enforcement slant.

The motives of Teixeira, a 21-year-old Air National Guardsman, are important and newsworthy. They are also not fully known. Most press accounts have relied solely on interviews with minors who hung out in the same chatrooms as Teixeira. These sources have painted a compelling picture, but many others, including Teixeira himself, have not yet spoken publicly.

Why, just because the leaker didn’t bring his material directly to a news outlet, wasn’t he deserving of either protection or being cultivated as a future source?

Whatever his motives may have been, they don’t change the outcome of the leak: the release of informative documents that have underpinned major news stories in the same outlets that eagerly joined the search for their source. Reporters have argued that since Teixeira wasn’t a whistleblower, he was fair game to be hunted by law enforcement agencies and exposed by the press. This rationale conveniently sidesteps a key question: Why, just because the leaker didn’t bring his material directly to a news outlet, wasn’t he deserving of either protection or being cultivated as a future source? Why, instead, was he viewed solely or primarily as quarry?

The media’s claim that Teixeira is not a whistleblower has been based in part on the environment in which the documents were disclosed and the relatively small number of people with whom they were originally shared. Based on testimony from others in a chatroom, the Times wrote that the documents Teixeira allegedly shared, far from being disseminated in the public interest, “were never meant to leave their small corner of the internet.” Likewise, the Post claimed that “the classified documents were intended only to benefit his online family,” which Bellingcat estimated as having around 20 active users out of what the Times later said was about 50 total members. Yet on Friday, the Times reported that Teixeira had previously shared sensitive documents on another chat server that was publicly listed and had about 600 users. In their haste to reveal further possibly incriminating evidence against him, the authors seem not to have paused to reflect on how this wider distribution, if accurate, might undermine their earlier argument.

“Keeping secrets is essential to a functioning government,” the Post editorialized shortly after the documents began being covered in the mainstream press. “Breaking the laws for a psychic joyride is a despicable betrayal of trust and oaths.” Meanwhile, over on the news side, the paper churned out numerous articles revealing those very same secrets, some accompanied by unredacted copies of the leaked documents themselves.

Not to be outdone, the Times has deployed language that dehumanizes the leaker, evoking images of a threatening wild animal. The reporters don’t unpack the full significance of this hunting metaphor, which presumably ends with a slaughtered animal presented as a trophy. In the wake of the Times story naming the alleged leaker before his arrest (which has since been replaced by another story), Twitter was in full media victory lap mode, with reporters patting themselves on the back for their promptness in deanonymizing Teixeira.

More recently, however, the trophy hunters have begun to deny culpability for even the possibility that their investigations provided material assistance to the government.

Christiaan Triebert, a former Bellingcat staffer and a co-author of the Times investigation that initially named Teixeira, issued a disavowal of liability, explaining that the Times reporting team went to the suspect’s house in the hope of talking to him, but he wasn’t there, so instead, they interviewed his mother and, later, his stepfather. At one point, a man matching Teixeira’s description drove onto the property in a pickup truck, but upon seeing the journalists, he promptly departed.

Yet Triebert’s self-defense doesn’t entirely follow. “There seems to be a misconception that our story naming Teixeira led to his arrest,” Triebert tweeted. “That’s simply not the case.” But how does he know? Certainty about this only seems possible from inside the Department of Justice effort to find Teixeira, which isn’t where Triebert claims to stand. Triebert did not respond to a request for comment.

Aric Toler, a current Bellingcat staffer and the principle author of the Times investigation that first named Teixeira, has likewise been quick to dismiss the possibility that his reporting aided the government’s investigation: “This should have been obvious, but no, our story naming the Pentagon/Discord leaker didn’t help the feds find him. They already knew at least a day before we identified him.” He cites the FBI affidavit, employing zero skepticism about a government document that represents one side in what is about to become a contested legal process. Toler did not reply to multiple requests for comment.

The narrow parameters of these denials are telling. Toler has been careful to focus his disdain on the notion that the Times story naming the leaker helped lead to his arrest. But that was not the first time Toler wrote about the leaker. Four days earlier, on April 9, Toler published a story about the leak on Bellingcat’s site in which he named for the first time the Discord chat server where the documents seemed to have originally been leaked. In that piece, Toler also supplied the username of a member of the chat server where the documents were shared, explaining, “The Thug Shaker Central server was originally named after its original founder, one member of the server with the username ‘Vakhi’ told Bellingcat.”

These two pieces of information — the name of the server and the name of one of its users — could have led the FBI to issue a request to Discord to provide identifying information about the user as well as about the owner of the chat server.

The FBI’s affidavit states that on April 10, the day after Toler’s Bellingcat story was posted online, “the FBI interviewed a user of Social Media Platform 1 (‘User 1’).” That user, who is not named in the affidavit, told the FBI that “an individual using a particular username (the ‘Subject Username’) began posting what appeared to be classified information on Social Media Platform.” The “Subject Username,” the affidavit explains, refers to Teixeira.

As with all documentation produced by government investigators, the FBI affidavit must be taken with an iceberg-sized lump of salt. However, it is at least as possible that Toler’s Bellingcat story provided a material lead for the federal investigation as that investigators already knew about Vakhi and Thug Shaker Central before reading it.

Regardless of whether journalists actually provided material assistance to federal investigators, it is concerning that there has been so little public discussion of or reflection by the reporters involved on the ethical ramifications of their work.

After talking to people who knew Teixeira from the Discord server, the investigatory paths of the FBI and Toler diverged. The FBI appears to have identified the suspected leaker based on server records it requested from the platform, while Toler has revealed that he was able to identify the individual by leveraging information supplied by minors.

Though Toler stated that his sources were “all kids,” neither he nor the Times has made any mention of whether they obtained parental consent for these interviews. UNICEF guidelines state that consent from both the child and their guardian should be established prior to conducting an interview and that the intended use of the interview should be made apparent. It’s not clear whether Toler informed the minors that he was going to use clues they offered, like which video games the alleged leaker liked to play, to out Teixeira. The Times did not respond to a request for comment.

In a since-deleted tweet, Times military correspondent David Philipps effectively threatened that if you don’t leak to the Times, the paper will instead “work feverishly” to identify you. Nuanced or not, this tweet perfectly summarizes the media’s messaging regarding this case: Only those who reach out to a media outlet are worthy of protection; those who leak information via other means risk sharing the fate of homo sacer, a traitor to be hunted down.

The post With Pentagon Leak, the Press Had Their Source and Ate Him Too appeared first on The Intercept.

NPR recently decried being labeled by Twitter as state-affiliated media, writing that this is a label Twitter uses “to designate official state mouthpieces and propaganda outlets.” That unrelated controversy is notable given that an NPR staffer seems to have deputized himself to act as a government investigator by posting image analyses on Twitter. (While NPR has announced that its official organizational accounts have quit Twitter, individual staff accounts still appear to be active.)

NPR senior editor and correspondent Geoff Brumfiel on Monday combed through artifacts visible in the periphery of the photos of the leaks, as well as collating findings others have discovered, itemizing and explaining each one. Though Brumfiel claimed that his roundup was “largely pointless,” he was effectively performing free labor for the Justice Department, and his posts may corroborate the identity of a suspect. For instance, it may be possible for investigators to analyze a suspect’s credit card purchase history to see if he at some point ordered the objects in question. Brumfiel did not respond to a request for comment in time for publication.

The saving grace here appears to be that the analysis — as is all too often the case with open-source sleuthing on social media — was flawed. Less than 15 minutes after proclaiming he was “confident” that a manual partially visible in some of the photos of leaked documents was for a particular model of scope, others pointed out that in fact the manual was clearly for a different model. “I regret the error,” responded Brumfiel. To his credit, Brumfiel does freely admit in his bio to being “Mostly stupid on the Twitter,” though in this case that self-professed stupidity may put someone’s liberty at risk.

See Something, Say Something

It’s not atypical for government agencies to explicitly request this type of image identification help. For instance, Europol maintains a Trace an Object website, where budding image analysts can help identify various objects in photos linked to child abuse cases. In the case of the leaked Pentagon documents, the Justice Department hasn’t even needed to put out such a call, as plenty of volunteers are offering up leads.

Brumfiel is by no means alone in his social media vigilantism. Jake Godin, a visual investigations journalist at Scripps News, has likewise engaged in the Twitter pastime of volunteering his time to help the Justice Department. Bellingcat, meanwhile, went further and virtually handed over the potential origin point of the leak by specifying the exact name of the chatroom where the documents appear to have first been shared. The fact that these identifications may be aiding the Justice Department investigation appears not to have merited any public consideration from those doing the analyses.

On Wednesday, the Washington Post disclosed further information about the peripheral contents of “previously unreported images,” as well as a variety of additional information about the alleged leaker and his underage associates. The Post states that the leaker “may have endangered his young followers by allowing them to see and possess classified information, exposing them to potential federal crimes.” Given this risk, the Post was extremely cavalier in its depiction of one of those teenagers, publishing video with only rudimentary pixelation accompanied by his unaltered voice. The Post notes that the interviewee asked them not to obscure his voice, but one wonders whether he also asked for close-up shots of his laptop, clearly showing missing keys, to be included. In other words, the Post appears to be acknowledging the danger the interviewee faces while also choosing to readily present evidence that could help investigators confirm his identity. (In response to detailed questions from The Intercept, a Post spokesperson reiterated that the reporters obtained parental consent for the interview.)

The New York Times went further still, identifying the suspected leaker by name on Thursday based on a “trail of evidence” they compiled, including matching elements in the margins of the document photos to other posts on social media.

Perhaps the most bizarre entry in this dubious parade was a story published last week by VICE’s Motherboard about a role-playing game character sheet that seems to have been included in a batch of the leaked document photos. Motherboard published the character sheet in full (in stark contrast to the extreme trouble the same publication took just days before to avoid publishing a poorly redacted document revealing the names of minors suspected of using the artificial intelligence chatbot ChatGPT in school). Motherboard notes that it’s not clear whether the errant image was inadvertently or intentionally added to the photo dump, or whether it was added by the original leaker or an intermediary who further disseminated the photo archive. This lack of clarity makes the decision to publish the document even more confusing and suspect, but the author doesn’t seem bothered, as the story morphs into a humorous analysis of the fun and creative things people do in the world of online role-playing games.

The document in question appears to be an extremely niche adaptation of a role-playing game. Let’s say that someone in an online community on Reddit, 4chan, or a Discord server instantly recognizes this particular game and says, “Oh, that’s Alice’s game sheet.” Alice may now be the subject of Justice Department scrutiny or an online lynch mob, or both, courtesy of Motherboard. Or suppose the Justice Department zeroes in on a suspected leaker and uses the handwriting in the published Motherboard document to positively identify them. The story’s author, Matthew Gault, did not respond to a request for comment.

Duty of Care

Why is the media so eager to help the Justice Department by supplying potentially viable leads? Sure, the­­­ leaker wasn’t NPR’s or Motherboard’s source, and as far as we know, had no intention of being a whistleblower. But does that give journalists a green light to act as investigative agents for the Justice Department? A duty of care arguably extends beyond one’s immediate source: You don’t have to assist an individual in publicizing the workings of government, but at the very least, you should not intentionally compromise them.

The argument could be made that the identity of the leaker is newsworthy. For instance, as the CIA points out, leakers are often senior officials. But ascertaining a source’s identity can be done by journalists privately, as opposed to all over social media or in published stories. If it emerges that the source’s identity is not, in fact, newsworthy, a life hasn’t been damaged by overzealous state-serving reporting.

There is, of course, the distinct possibility that the Justice Department investigators are already well familiar with the ephemera in the photos, seeing as they too have access to reverse image search sites, and that journalists are not telling them anything they don’t already know. Nonetheless, there is a very real possibility that the various clues to the leaker’s and their associates’ identities proffered by various news outlets have helped the government in their recent apprehension of a person suspected to be the leaker.

Either way, the zeal of some “reporters” to out the leaker or find a “gotcha” clue tucked away in the marginalia of an image seems distasteful. A different impulse would be to offer guidance that might help sources avoid getting caught; that could facilitate future leaks and thus greater transparency.

The post Why Did Journalists Help the Justice Department Identify a Leaker? appeared first on The Intercept.

However, Twitter appears to have revised its DMCA notice, essentially a claim of copyright infringement, the same day it was filed to request not only information about the uploader, but also “any related upload / download / access history (and any contact info, IP addresses, or other session info related to same), and any associated logs related to this repo or any forks thereof.” In other words, Twitter is now seeking information not only about the alleged leaker, but also about anyone who interacted with the particular GitHub repository, the online space for storing source code, in any way, including simply by accessing it. Trying to strong-arm GitHub into revealing information about visitors to a particular repository it hosts via a request for a subpoena is a move reminiscent of the Justice Department attempting to compel a web-hosting company to reveal information about visitors to an anti-Trump website.

DMCA: The Doxxing and Censorship Tool of Choice

This isn’t the first time that corporations have tried to use DMCA subpoenas to identify leakers. A Marvel Studios affiliate recently petitioned for DMCA subpoenas to force Reddit and Google to reveal information about someone who uploaded a film script to Google and posted about it on Reddit before the movie was released. DMCA claims also have a sordid history of being used in doxxing attempts. False DMCA claims can be filed to lure a targeted user to then file a counterclaim, which necessitates that they fill in their name and address, which in turn gets passed on to the original filer. At other times, the DMCA is used simply to censor content, whether to muzzle members of civil society or for reputation management.

No Subpoena Required?

GitHub has seemed all too willing to provide information about both its repository owners and its visitors, even without a subpoena. When the owner of another, unrelated repository recently asked GitHub to provide access logs of users who had visited it, GitHub appears to have readily complied, obscuring only the last octet of the visitor IP address, with the unredacted portion still potentially revealing information such as a user’s internet service provider and approximate location.

There are also any number of public ways to extract user information from GitHub, such as email addresses associated with a particular GitHub account. Ironically, some scripts hosted on GitHub are designed to automate the exfiltration of a GitHub user’s email address. Once an email address is learned, the process of requesting a subpoena for further information about a particular user may be repeated in an attempt to obtain yet more sensitive data.

Musk’s Bag of Tricks

Aside from claiming to use watermarking methods to catch leakers, Musk’s other companies have also sought subpoenas to force service providers to reveal information about leakers. For instance, when Musk zeroed in on (and subsequently harassed) a suspected leaker who provided internal documents to a reporter about large amounts of waste being generated at Tesla’s “Gigafactory,” Tesla moved to subpoena Apple, AT&T, Dropbox, Facebook, Google, Microsoft, Open Whisper Systems (the organization formerly behind the secure messaging app Signal), and WhatsApp. The proposed subpoenas “commanded” their targets to preserve any information about the suspected leaker’s accounts, as well as all documents that the suspected leaker “has deleted from the foregoing accounts but that are still accessible by you.”

In addition to proposed subpoenas, Tesla has reportedly tried to identify leakers by reviewing surveillance footage to see who had been taking photos (the original Business Insider story that prompted the Tesla investigation mentioned that the source had provided images to corroborate their claims of waste at the factory). The company has also checked file access logs to see who had accessed data that was provided to the news outlet.

Following identification of the suspected leaker, Tesla reportedly engaged in an extensive surveillance campaign, including hacking the suspect’s phone; requesting that the suspect turn over their laptop for an “update” that was, in fact, a forensic audit; deploying a plainclothes security guard to monitor the suspect on the factory floor; and hiring private investigators to conduct further surveillance.

Takeaways for Leakers

Given the lax approach to divulging user information by service providers, coupled with the aggressive tactics employed by companies to reveal sources, the takeaway for would-be leakers is clear: Do not trust service providers to protect any information they may have about you. Websites may reveal information about the leaker, intentionally or not, and whether legally obligated or of their own accord. Leakers would do well to avoid using their home or other proximate internet connection and to further obfuscate it using tools such as the Tor Browser. Additionally, it’s best to ensure that any information required to set up a particular account, such as an email address or phone number, not be traceable to the leaker.

The post Twitter Deploys Classic Musk Tactics to Hunt Down Leaker appeared first on The Intercept.

Leak investigators have three key areas to analyze for clues: the document itself, the environment the document circulated in, and the potential identity of the leaker. Each area in turn presents lessons and opportunities for would-be leakers to adopt various counter-forensic strategies to subvert future leak investigations.

The Document

Since the leaked opinion appears to be a scan or photocopy of a paper document instead of a transcription or recreation, the image can be analyzed for any unique markings that might allow investigators to pinpoint which particular physical copy of the document was leaked.

The first page includes several such potentially unique identifying markers, including a highlighted title, a page bend, and what appear to be staple perforations.

For instance, if it were known that this particular physical copy of the document was handled by certain specific persons, those individuals would naturally fall under suspicion — though of course a scenario exists in which someone outside the intended chain of custody could have obtained the physical copy, for instance, simply by picking it up from someone else’s desk or by finding it on a photocopier. Then again, there is also the possibility that the original source of the document is digital and that the source printed out a copy prior to leaking it, or that Politico itself printed out the digital copy prior to publishing it.

Investigators could also analyze the metadata of the digital version of the document using software such as ExifTool for any clues about when, where, how, or by whom the digital copy was created. They could also exploit potential information-leaking vulnerabilities in the PDF creation and redaction process, which could inadvertently leave unintended and potentially identifying information in the digital document.

The Environment

In addition to the document itself, leak investigators will likely pay attention to the environment in which the leak originated. Modern commercial office printers generally come with a variety of ancillary functions like photocopying and scanning, while also typically keeping a running log of jobs the printer performs, which may include such information as the file name and page count of the document, the date and time the job was performed, as well as the username or IP address that initiated the job. If the printer also offers the capability to email a photocopy or scan of a document, a log may keep track of which jobs were sent to which email addresses and could even store a copy of the digital document in its memory.

Investigators will likely perform an audit of printer and network logs to see which staff members opened or otherwise interacted with the document in question. Investigators could also explore who had occasion to access the document as part of their day-to-day duties, as well as where the particular copy of the leaked document was physically stored, and who had occasion to access that space.

The Leaker

The practice of anomaly-based insider threat detection involves investigating staff who display any kind of irregular behavior or activity. For instance, if a staff member usually swipes into the office on work days at 8 a.m. and swipes out at 5 p.m., but access logs show them coming into the office at 10 p.m. on a Saturday in the days leading up to the leak, this finding would likely subject that staff member to scrutiny, which could include analyzing available surveillance footage.

Staff computer and phone usage, particularly web browsing, could also be analyzed to see if anyone previously visited the news site that published the leak, in this case Politico, or visited other webpages of potential interest, such as any that describe whistleblowers or leaking. Rudimentary analysis could include looking through desktop browsing history, while a more thorough and sophisticated investigation would involve analyzing network traffic logs to determine whether Politico was accessed from a mobile device connected to the office Wi-Fi. Though of course in the case of Politico, a news website that covers politics and policy, it is likely to show up in quite a lot of staff logs and thus would likely not be a particularly fruitful finding for investigators.

“Sentiment analysis” may also be performed as part of an insider threat investigation by analyzing the various thoughts and opinions expressed by staff members in office communications. This kind of analysis could also utilize what’s often called “open source intelligence,” in the form of looking at staff social media postings to see if anyone had expressed interest in Politico, or any thoughts about the Alito opinion, or generally any signs of disgruntlement with their employer. Additionally, sentiment analysis may also include a review of staff postings on internal forums, as well as emails and private messages sent via channels controlled by the employer, such as direct messages sent over Slack.

Takeaways for Would-Be Leakers

These potential methods of leak investigation may also be interpreted as lessons for future leakers to evade identification by adopting a number of counter-forensic measures.

To reduce the potential amount of information investigators may glean from a leaked document, leakers could send journalists a transcription or reproduction of the document instead of the original source document itself. While a transcription of the document will not successfully pass a barium meal test — in which each individual is given a uniquely phrased copy of the document, sophisticated forms of which may deploy natural language watermarking, subtly altering the syntactic structure of every version of a document — it would nonetheless neutralize all other attempts at source document identification. Transcription would bypass efforts at identifying either errant or intentional markings on a page, as well as attempts at identifying positional watermarks such as subtle shifts in character or line spacing unique to each version of a document. Of course, this also would make it harder for journalists to verify a document’s authenticity, and care would have to be taken to ensure that the source left no identifying metadata in the transcription file.

Office equipment would best be avoided when making copies of a document, but using personal equipment can also be fraught with risk. Source camera identification is the forensic process of identifying the camera that took a particular photo. At times, this sort of identification may hinge on obvious features such as visible scratches on a lens or dead pixels on a screen. In other situations, the unique characteristics of an image might not be visible to the naked eye, but instead might be based on the unique image sensor noise each camera produces, otherwise known as photo response non-uniformity.

In other words, if leaked photographs of a document were to emerge, and leak investigators had particular suspects in mind, they could analyze photos posted to social media by the suspects to see if they provide an algorithmic match to the noise pattern in the leaked photos. When making audio recordings or photographs, therefore, it would be best practice to adopt the principle of one-time use: Use a temporary device like a cheap camera or smartphone that will be used only for the purposes of the leak, and then discard the device.

To avoid falling afoul of anomaly-detection triggers, would-be leakers might consider incorporating document acquisition as part of their normal routine instead of engaging in uncharacteristic behavior like clocking in at the office at odd hours or downloading files en masse. Likewise, leakers should avoid browsing news outlets while at work, both on their personal and of course work devices. Expressing any kind of disagreement or dissatisfaction with employer policies or decisions on either a company, public, or personal forum (such as during happy hour drinks) is also best avoided, as rigorous insider threat monitoring may keep tabs of any such behavior.

Leaking and subsequent leak investigations are back-and-forth games of forensics and counter-forensics, of operational security and its failures. While the risk of source identification can never be entirely eliminated, there are nonetheless various practical technical countermeasures which can be adopted to reduce the additional risk to sources who are already risking a great deal.

The post How a Supreme Court Investigation of the Roe v. Wade Leak Might Unfold appeared first on The Intercept.

At least one Zoom leaker has already been unmasked: a member of the New York State Assembly who apparently filmed his “self-view” while recording a dispute within the Democratic assembly conference over the renomination of the speaker. That may sound careless, but a feature developed by Zoom will allow future leakers to be exposed even without that sort of misstep.

Zoom Watermarking

Many users may not realize it, but Zoom has the capability to insert both video and audio watermarks into a meeting.

The video watermarks are readily perceptible to meeting participants. When enabled, the video watermarking feature superimposes the username portion of each participant’s email address over the content they are viewing when another participant shares their screen and places the same watermark over the current active speaker. Because the video watermark appears across the entirety of the video frame, blurring may adversely impact the visibility of the underlying material.

In contrast, the audio watermarks are not readily perceptible to casual listeners, though they are what in watermarking parlance is known as “overt.” That means the fact that they are embedded is easily discerned by meeting participants: When a Zoom meeting has the audio watermark, or what Zoom also calls the “audio signature,” feature enabled, the meeting will have a green circular icon with a sound wave and a padlock at the top left of the frame next to the encryption icon.

It is not immediately apparent at what point Zoom injects its “ultrasonic” audio watermark into the audio stream — whether this happens only if a meeting attendee presses the Record button in Zoom or if the audio stream is watermarked prior to that point. Nonetheless, when recording a Zoom meeting, it is best to avoid using Zoom’s built-in recording option and to capture the meeting using a third-party audio/video recorder. Zoom mentions that in order to identify the participant who recorded the meeting, they need at least two minutes of audio from the meeting, though it stands to reason that shorter snippets may also be identifiable if they happen to contain the audio watermark.

Journalists should also be wary of publishing raw audio leaked from Zoom meetings, particularly if the source is not sure whether audio watermarking was enabled or not.

Recording Gotchas — Inadvertent Source Identification

Aside from Zoom’s own watermarks, a number of elements appearing on an individual’s own device may inadvertently give away the identity of the person who is recording. If the meeting video is being recorded either via screen recording software or a camera, there are a number of elements to watch out for. For example:

The video layout order should be manually rearranged.

• When displaying meeting participants, Zoom software on a smartphone, laptop, or other device prioritizes displaying the attendee who is using the device. In other words, each participant will typically see themselves displayed in the top row on their screen when in a Zoom meeting. This in turn means that it may be possible to deduce who recorded a leaked Zoom video based on the participant order displayed on the screen. To mitigate against this, prior to video recording a Zoom meeting, the video layout order should be manually rearranged at random. If viewing the video in full-screen mode, care should be taken to remove self-view from the frame.
• The Zoom app should be positioned in such a way on the desktop as to minimize the chance for interference from other desktop apps, such as the chance of new message or email notification pop-ups appearing over the Zoom window. Upon completion of the recording, the video should be carefully reviewed to make certain that no such identifying notifications inadvertently appeared anywhere in the recording.
• In certain cases, even revealing information about the recording user’s underlying operating system may potentially compromise the source. For instance, if the source is recording a video of a company meeting from a Mac, and company personnel are known to predominantly use Windows, it may be possible to check meeting access logs to identify the meeting attendee who joined from a Mac. For this reason, the recording area may be tightly cropped to remove OS identifiers like menu or title bars. Additionally, elements such as mouse pointers should also be excluded from the recording area to avoid leaking information about the OS (owing to the fact that, for instance, a default mouse pointer on Windows machines is white with a black outline, while it is black with a white outline on Macs).
• The participant recording the Zoom meeting should also be mindful of their participation in the meeting. For instance, if typing into the chatbox, this activity may be used to identify the recorder.
• If recording meetings with an exterior device such as a phone camera, be aware that your camera may be uniquely identifiable via visible defects such as unique smudges or scratch patterns on the lens as well as a myriad of forensic techniques falling under the umbrella of source camera identification. For especially sensitive meetings, it is advisable to use a recording device solely acquired for purposes of conducting the recording of a specific meeting and to dispose of the device after the recording.

Zoom meetings present a unique set of challenges for source protection, but these challenges can be minimized by following best practices and taking care not to publish raw meeting materials unless there is high confidence that the recordings were not watermarked and have been thoroughly reviewed to make sure no other potentially identifying features are present in the audio or video.

The post What You Should Know Before Leaking a Zoom Meeting appeared first on The Intercept.