An increasingly connected world needs hackers more than ever before

Internet security expert Justin Calmus explains why bug bounty programs are so important

An increasingly connected world needs hackers more than ever before
(Credit: Getty/welcomia)

As the world around us becomes more connected to the internet, the number of ways that hackers can infiltrate our lives becomes increasingly multifarious. Today data breaches are taking place in ways that were unheard of just a decade ago — from remotely hacking cars to infiltrating “smart” teddy bears.

The threats have grown so quickly that companies are overwhelmed by the increasing number of attacks, security experts say. This is not just because of the growing number of opportunities to infiltrate a network or device, but also because these attacks are increasingly automated and launched from low-priced computer hardware using open-source tools that require relatively low coding skills to deploy. Defending against such attacks can require well-paid and highly trained experts.

“We believe that cybersecurity is a correctable math problem that, at present, overwhelmingly favors the attackers,” Ryan M Gillis, vice president of cybersecurity strategy for enterprise security company Palo Alto Networks, said at a House Homeland Security Committee meeting last week about protecting the private sector from hacking. “Network defenders are simply losing the economics of the cybersecurity challenge.”

One increasingly popular way for a company or government agency to root out vulnerabilities is through a big bounty program, a policy that invites hackers to try to infiltrate its connected networks. Hackers receive financial compensation for identifying entry points that could be exploited for malicious purposes. The idea has been around since at least 1995, when internet browser pioneer Netscape initiated its “bugs bounty” program with a $50,000 budget. Today such programs are common among major companies, including United Airlines and Tesla Motors, and can be lucrative projects for the most talented hackers who can earn from $10 to tens of thousands of dollars depending on the severity of the vulnerability identified.

Last week Google and Microsoft increased their top rewards for people who can expose the most serious threats, like when code can be remotely injected and executed through network defenses. This underscores the growing popularity of bounty programs as companies compete for the attention of the most talented ethical hackers. Apple, which has resisted compensating people for identifying flaws, last year succumbed to the trend and now offers bounties of as much as $200,000.

Justin Calmus, vice president of hacker success for San Francisco-based HackerOne, which has a bug-bounty platform whose clients include the U.S. State Department, Uber Technologies and General Motors, spoke with Salon about the role bug bounties play in boosting network security.

Bug bounties have been around for about 20 years. Talk about the most recent innovations in the practice and where it might be headed.

I’ll start with the problem first. If we go back 15 years, companies would be able to recruit engineers because they were focused on specific technologies. You would have a few issues from most likely Python, [a high-level general-purpose programming language,] and you would have a website and some people who knew HTML, [the standard language for building websites]. Today we have so many different programming languages and we have different infrastructure components, like running in the cloud versus on premise, we have [Amazon Web Services, a widely used cloud-computing platform] and we have all these different operations.

The problem of security is getting bigger and bigger. How do you control your security? If you run a startup, how do you control your security as you build your business? That’s an even harder problem to solve because you don’t necessarily have the funding to hire tons of security resources. You have to figure out “How do I continue to stay secure while I scale?” That’s one of the problems bug bounties solve for.

For the most part, if you have a company, and it could be any company, you tell hackers, “Hey, I want you to do anything it takes to get access to our data and report it to us.” If you do that, you then have thousands of eyes looking into your specific programs to help you scale and help you secure your business.

Are there hackers that just do this as full-time jobs?

Yeah, we have a gentleman in Vegas that does this full-time, making a half a million dollars a year doing this. You can make a significant income from bug bounties. It’s a fantastic way to make extra income and to potentially go full-time.

Google and Microsoft recently announced big increases in their bug bounty rewards. Why do you think bug bounties are becoming more lucrative?

Imagine if Salon.com is trying to recruit the best reporter in the world, but that reporter must have specific knowledge about security — and it also wants a little bit of software engineering background because the reporter needs to talk technical, and it wants the reporter to be located in this area, and the reporter must be willing to travel. Suddenly you’re moving your needle so small that there might be three people in the world who fit the criteria.

Google is starting to have this problem. They’ve developed a lot of their own tools and they’ve developed their own [programming] language. It’s not easy to find a Google bug because there isn’t external training on what Google does, how they do it, all the different types of infrastructure. There are pretty good resources to figure this out, but to go deep on such a massive problem you need to spend hours and days and months getting to know the infrastructure to find a bug. So to dedicate all of your time and resources into Google you need to be very incentivized to look because at the end of the day you might not find anything.

We’re entering an era of the internet of things [that] connects cars, smart cities, toys with Wi-Fi connections. Are bug bounties being implemented for things like this?

We’re getting to the point to where the [makers of] hardware and the internet of things components are starting to be asked those very questions. As a hacker myself, I want to see them participate in bug bounty programs because I use Alexa, I use some of the apps connected to [the internet of things] and it’s my job to understand how the software and hardware that I buy works. Doing due diligence and being able to reverse engineer to take a look deep into a product, you may find issues and vulnerabilities; some of them may even give you access to other customers’ data. Companies need to be able to responsibly disclose all of that. For hackers to put in the time and effort to find some of these vulnerabilities — it would be fantastic if companies would reward the hackers so that they continue looking into their programs.

We’ve read a lot about how automakers are encouraging white hat hackers to root out these vulnerabilities. But is this happening with other makers of internet-connected products, like internet-connected home appliances or “smart” teddy bears?

It’s absolutely a slow roll. The tech companies get it. They have to deal with security issues day in and day out. The hardware companies don’t necessarily understand it as much as they need to. It’s a problem we’re solving for. We do have some hardware companies on board. We do have internet of things [companies] on board. But we do need to get the word out that security is a fundamental piece of everybody’s life. You need to be able to understand the security outcomes of making life more efficient or easier or whatever it may be. So do I think that we need to spread the word? Absolutely. Do I think they get it yet? Not 100 percent.

The Information Technology and Innovation Foundationrecently said that a significant number of federal government websites failed basic security benchmarks. Is the federal government falling behind in this effort to entice ethical hackers?

The Department of Defense has a bug bounty program and we’re starting to see efforts to secure all of our government services. Just speaking to higher-ups on the government side I hear them talking about “Hey, we need to find these hackers and reward them and incentivize them, see what we can do to continue to have them continue to look at our programs and even eventually hire them.” The U.S. has its own hiring criteria, but the [Defense Department] is open to anybody today, not just U.S. citizens looking to work for them.

HackerOne recently announced a platform for the open-source coding community, which is free. What inspired you to go in that direction?

We’re absolutely huge open-source fans. Open source powers our platform. It powers many platforms. We see the mission as making the entire internet safer and make sure that everyone is taken care of. We’re better off doing that for all of the open-source projects out there. We want to make sure we’re on top of that. This also helps us branch out to the best hackers out there. We’re able to leverage our ability find vulnerabilities [in open-source software] while we’re getting more connected to the hacker community.

The WikiLeaks exposures and the CIA’s threat to democratic rights

FBI director: “No such thing as absolute privacy in America”

10 March 2017

Speaking at a cybersecurity conference at Boston College Wednesday, FBI Director James Comey said, “there is no such thing as absolute privacy in America.” Every activity that Americans engage in, including conversations between spouses and with members of the clergy and attorneys, is within “judicial reach.” He declared, “In appropriate circumstances, a judge can compel any one of us to testify in court about those very private communications.”

The FBI director did not add, although he could well have, that a judicial order is completely irrelevant to the US military-intelligence apparatus. The US government has far more direct methods than court orders to learn what its citizens are thinking and talking about, through the use of sophisticated cyberweapons. These include the thousands of hacking tools whose existence was made public Tuesday by WikiLeaks, in a data release exposing efforts by the CIA to turn millions of ordinary electronic devices, from cellphones and smart TVs to the computer systems running most cars, into spy weapons.

The FBI director’s declaration that there is no right to privacy was greeted with a yawn by the corporate media, which barely reported his comments, and by Democratic and Republican party politicians. This is in keeping with the overall treatment of the WikiLeaks revelations, which has been one of indifference to the threat to democratic rights exposed in the CIA cyberweapons cache.

As far as the media is concerned, anyone who raises concerns about the right to privacy, or other democratic rights, being threatened by the national-security apparatus is an agent of Russia. This position was put most bluntly by the Washington Post, in its lead editorial Thursday, headlined, “WikiLeaks does America’s enemies a big favor.”

The editorial begins with a flat-out, 100 percent defense of the CIA, declaring, “The first thing to say about the archive of cyberhacking tools stolen from the CIA and released by WikiLeaks is that they are not instruments of mass surveillance, but means for spying on individual phones, computers and televisions. There is no evidence they have been used against Americans or otherwise improperly …”

The editorial continues, “It follows that the targets of the hacking methods, and the prime beneficiaries of their release, will be Islamic State terrorists, North Korean bombmakers, Iranian, Chinese and Russian spies, and other U.S. adversaries.” The editorial goes on to smear WikiLeaks as a tool of Russia, and denounces “privacy zealots” who “are, in effect, advocating unilateral U.S. disarmament in cyberspace.”

In response to such a brazen defense of the CIA, one is tempted to ask, why doesn’t the Washington Post simply announce that it is a propaganda arm of the U.S. government, tasked with the ideological and political defense of the military-intelligence apparatus? There is not a shred of an independent, critical attitude in this editorial. The newspaper swallows whole the CIA’s assurances that its agents are “legally prohibited” from spying on Americans. And it denounces WikiLeaks for acting as real journalists do, collecting information about government misconduct and making it public.

This from a newspaper that, 46 years ago, in conjunction with the New York Times, published the Pentagon Papers, over the vehement objections of the Nixon White House and the CIA and military leaders of the day, who raised the same cry of “national security.” One can only conclude that if someone brought the equivalent of the Pentagon Papers to the Post (or the Times ) today, the editors would immediately call up the FBI and have the leaker arrested.

The line of the Post has been repeated in innumerable forms in newspapers and on television. Former director of the CIA and the NSA Michael Hayden has been brought forward on nearly every news program to deliver the official government line. None of the major broadcasters adopt a critical line or seek to interview anyone who supports WikiLeaks and its exposure of CIA crimes.

A concrete demonstration of the relationship between the media and the military-intelligence apparatus is provided by a report posted on the web site of the New York Times earlier this week by David Sanger, the newspaper’s principal conduit for information that the CIA and Pentagon wish to make public.

Sanger wrote about how he and another Times reporter, William Broad, prepared last Sunday’s front-page report on US efforts to counter North Korean missile launches, headlined, “Trump Inherits a Secret Cyberwar Against North Korean Missiles,” which suggested that the US military had developed methods for causing North Korean missile launches to fail. The main thrust of this article, splashed across the newspaper’s front page, was that the countermeasures were insufficient, and more drastic actions were required against the supposed threat of a North Korean nuclear strike against US targets.

In a remarkable paragraph, Sanger describes “the sensitive part of these investigations: telling the government what we had, trying to get official comment (there has been none) and assessing whether any of our revelations could affect continuing operations.” He explains, “In the last weeks of the Obama administration, we traveled out to the director of national intelligence’s offices,” where, Sanger says, it was “important to listen to any concerns they might have about the details we are planning to publish so that we can weigh them with our editors.”

In plain English, the New York Times’ front-page “exclusive” was nothing more than a press release from the military-intelligence apparatus, aimed at spreading fear of North Korean nuclear capabilities in the upper-middle-class readership of the Times, and setting the tone for national media coverage of the issue. The political goal was to shape public opinion to support a preemptive US military attack on North Korea, an impoverished country the size of the state of Mississippi.

The main significance of the media response to the WikiLeaks revelations is that it demonstrates the complete erosion of democratic consciousness in all the institutions of the American ruling elite. In any serious accounting of the threats to American democracy, the CIA would be in first place: America’s own Gestapo, what even President Lyndon Johnson described as a “damned Murder Incorporated” for its brutal methods of assassination and provocation across the Caribbean and Latin America.

There is no greater danger to the democratic rights of the American people than the military-intelligence apparatus of the American government itself, the last line of defense for a crisis-stricken and historically doomed ruling elite.

Patrick Martin

 

WSWS

WikiLeaks Has Joined the Trump Administration

VOICE
WikiLeaks Has Joined the Trump Administration

As a presidential candidate, Donald Trump declared, “I love WikiLeaks!” And he had good reason to display affection to this website run by accused rapist Julian Assange. By releasing reams of emails stolen from the Democratic National Committee and Hillary Clinton campaign chairman John Podesta, WikiLeaks helped tilt the 2016 election in Trump’s favor.

As president, Trump hasn’t come out and said anything laudatory about WikiLeaks following its massive disclosure of CIA secrets on Tuesday — a treasure trove that some experts already believe may be more damaging than Edward Snowden’s revelations. But Trump hasn’t condemned WikiLeaks. The recent entries on his Twitter feed — a pure reflection of his unbridled id — contain vicious attacks on, among other things, Arnold Schwarzenegger, the New York Times, and Barack Obama but not a word about WikiLeaks. Did the president not notice that the intelligence community he commands has just suffered a devastating breach of security? Or did he simply not feel compelled to comment?

Actually there is a third, even more discomfiting, possibility:

Perhaps Trump is staying silent because he stands to benefit from WikiLeaks’ latest revelations.

Perhaps Trump is staying silent because he stands to benefit from WikiLeaks’ latest revelations.On Saturday, recall, Trump was making wild-eyed accusations that Obama had ordered the U.S. intelligence community to wiretap him. “How low has President Obama gone to tapp (sic) my phones during the very sacred election process. This is Nixon/Watergate. Bad (or sick) guy!” The White House could not come up with one iota of evidence to support this irresponsible allegation, which was denied by FBI Director James Comey and former Director of National Intelligence James Clapper. But Trump would not be dissuaded from pursuing this charge, which serves as a convenient distraction from the far more serious accusations of possible collusion between the Trump campaign and the Kremlin while Russia was interfering with the presidential campaign.

Is it just a coincidence that WikiLeaks dumped a massive database pertaining to CIA hacking and wiretapping just three days after Trump made wiretapping a major political issue? Perhaps so. But there is cause for suspicion.

In the first place, WikiLeaks has often timed its leaks for maximum political impact. It released 20,000 stolen DNC emails just three days before the Democratic National Convention on July 25, 2016. As expected, WikiLeaks generated headlines about DNC staffers disparaging Sen. Bernie Sanders, buttressing a Trump campaign effort to prevent Clinton from consolidating Sanders supporters. DNC Chairwoman Debbie Wasserman Schultz resigned as a result, and the Clinton campaign suffered significant public relations damage.

In the second place, WikiLeaks, which has often leaked American but never Russian secrets, has been identified by the U.S. intelligence community as a front for Russian intelligence. In January, the Office of the Director of National Intelligence released a declassified estimate that found “with high confidence that Russian military intelligence … relayed material to WikiLeaks.” This was done with a definite purpose: “Putin and the Russian Government aspired to help President-elect Trump’s election chances when possible by discrediting Secretary Clinton and publicly contrasting her unfavorably to him.”

Trump has consistently resisted the intelligence agency’s conclusions, insisting that some 400-pound couch potato might have committed the hacking before grudgingly accepting the findings but continuing to claim that the Russian hack had no impact on the election. (Given that 70,000 votes in three states were his margin of victory, how does he know what affected the outcome and what didn’t? And if WikiLeaks was so inconsequential, why did he tout its revelations in almost every appearance during the last month of the campaign?)

The intelligence community’s finding that Putin helped him win the election spurred Trump to pursue a vendetta against it. For example, he accused the spooks — with no support — of being behind BuzzFeed’s publication of a damning dossier compiled by a former British intelligence officer claiming that the Kremlin had compiled compromising materials on him. Trump outrageously tweeted: “Intelligence agencies should never have allowed this fake news to ‘leak’ into the public. One last shot at me. Are we living in Nazi Germany?” His animus against the intelligence agencies has continued down to his more recent accusations that they allowed themselves to be used by Obama to wiretap him. The consistent (if hardly believable) storyline from Trump is that he has no connections to Russia, and that he is a victim of the nefarious machinations of the American “deep state.”

It is significant, therefore, that one of the major storylines to emerge from the latest WikiLeaks release is that the CIA supposedly has a program to reuse computer codes from foreign hackers, thus disguising CIA fingerprints on a hacking operation. Never mind that there is no evidence that the codes used to break into the DNC were part of this CIA database. Right-wing outlets are nevertheless trumpeting these revelations with headlines such as this one on Breitbart: “WikiLeaks: CIA Uses ‘Stolen’ Malware to ‘Attribute’ Cyberattacks to Nations Like Russia.” Russian-controlled Internet “bots” are also said to be playing up these claims online.

The implication is clear. Trump was a victim of a “false flag” operation wherein CIA hackers broke into the DNC and blamed the Russians. This may be nutty, but it’s eminently believable to an audience conditioned to believe that 9/11 was an inside job and that the Sandy Hook massacre was staged — favorite tropes of the radio talk-show host Alex Jones, whose work Trump has praised. Other WikiLeaks revelations — for instance, that the CIA can use Samsung smart TVs as listening devices — lend further credence to Trump’s charge that he was secretly wiretapped.

Quite apart from its specifics, the WikiLeaks release changes the subject after a bad few days for Trump highlighted by Attorney General Jeff Sessions’s decision to recuse himself from any Kremlingate probe after he was revealed to have lied under oath when he denied meeting any Russian representatives. Last week it was Trump on the defensive. Now it’s his nemeses in the U.S. intelligence community who are answering embarrassing questions about how this leak could have occurred and the contents of the leaked information.

Again, maybe this is entirely coincidental, but WikiLeaks’ history of being used by Russian intelligence to support Trump should lead to much greater scrutiny not only of who leaked this information — is there a mole in the CIA? — but why it was released now. Even if there is no active collusion between the White House and the Kremlin, the extent to which their agendas coincide is striking. Both Putin and Trump want to discredit the U.S. intelligence community because they see it as an obstacle to their power.

Photo credit: OLI SCARFF/Getty Images

WikiLeaks Has Joined the Trump Administration

WikiLeaks reveals vast CIA spying, cyberwar operation

8 March 2017

The bitter internecine struggle within the US state apparatus and ruling political establishment, featuring unsubstantiated Democratic claims of Russian hacking in support of Trump, on the one hand, and Trump’s own charge that his campaign was bugged by Obama, on the other, was overshadowed Tuesday by a massive release of CIA documents by WikiLeaks.

The 8,761 documents contained in what WikiLeaks has described as “the largest intelligence publication in history” have begun to lay bare a vast system of surveillance, hacking and cyberwarfare directed against the people of the United States and the entire planet.

The anti-secrecy organization called the first document trove “Year Zero” and said that further CIA data dumps are still to come under a larger project dubbed “Vault 7.”

The files were taken from the CIA’s Center for Cyber Intelligence, a huge and little-known command that includes some 5,000 hackers, both CIA agents and private contractors. Much as in the case of Edward Snowden’s leaking of secret documents exposing the global spying operation of the National Security Agency (NSA) in 2013, the CIA documents have apparently come from a former agency hacker or contractor concerned about the scope and purpose of the agency’s cyberwar operations.

The programs described in the documents indicate that the CIA, according to WikiLeaks, has developed “more than a thousand hacking systems, trojans, viruses and other ‘weaponized’ malware” allowing it to seize control of devices, including Apple iPhones, Google’s Android operating system (used by 85 percent of smart phones) and devices running Microsoft Windows. By hacking these devices, the CIA is also able to intercept information before it is encrypted on social media platforms such as WhatsApp, Signal, Telegram, Wiebo, Confide and Cloackman.

The agency has apparently stockpiled so-called weaponized “zero-day” threats that can be used to exploit unidentified vulnerabilities in a wide range of devices before their manufacturer is able to detect the flaw and correct it. Under the Obama administration, the White House had supposedly established a “Vulnerabilities Equities Process,” under which the intelligence agencies would inform manufacturers of most software vulnerabilities while keeping some to itself for exploitation. In part, this was designed to prevent US companies from losing market share overseas. The vast character of the CIA arsenal establishes that this program was a sham from the outset.

One of the programs developed by the CIA, codenamed “Weeping Angel,” turns Samsung smart televisions into the kind of technology envisioned by George Orwell in 1984, in which “thought police” monitored “telescreens” that served as both televisions, broadcasting the speeches of “Big Brother,” and security cameras, monitoring every word and action of the viewer. This surveillance technique places targeted TVs in a “fake off” mode, transmitting conversations in a room over the Internet to a covert CIA server.

WikiLeaks reported that a large amount of information had been redacted from the leaked documents, including computer codes for actual cyberweapons as well as the identities of “tens of thousands of CIA targets and attack machines throughout Latin America, Europe and the United States.”

That “targets” exist in the US indicates that the agency is engaged in wholesale domestic spying in violation of its charter.

The documents also establish that the CIA has developed these programs in collaboration with MI5, the British intelligence agency, and that it operates a covert cyberwarfare center out of the US Consulate in Frankfurt, Germany.

One chilling revelation provided by the documents, according to WikiLeaks, is that, “As of October 2014 the CIA was also looking at infecting the vehicle control systems used by modern cars and trucks.” WikiLeaks notes that “The purpose of such control is not specified, but it would permit the CIA to engage in nearly undetectable assassinations.”

While WikiLeaks does not specifically mention it, this was the scenario suggested by many in the 2013 fatal single-car accident in Los Angeles that claimed the life of journalist Michael Hastings. At the time of his death, Hastings, who had previously written an article that led to the removal of Gen. Stanley McChrystal as the top US commander in Afghanistan, was working on a profile of Obama’s CIA Director John Brennan. Before the accident, Hastings had informed colleagues that he was under government surveillance and had asked a neighbor to lend him her car, saying he feared his own vehicle had been tampered with.

One other politically significant element of the revelations contained in the WikiLeaks documents concerns a CIA program known as “Umbrage,” which consists of a sizable “library” of malware and cyberattack techniques developed in other countries, including Russia. The agency is able to exploit these “stolen” tools to mask its own attacks and misdirect attribution to their originators. The existence of such a program underscores the lack of any foundation for the hysterical campaign alleging Russia’s responsibility for the hacking and leaking of Democratic Party emails.

While the Democrats continue to center their fire against Trump on the question of alleged ties to Russia—rather than the reactionary policies his administration has unleashed against immigrants and the working class as a whole—the WikiLeaks revelations about the CIA are being dismissed by sections of the media as another Moscow plot.

Along similar lines, the New York Times Monday published a lengthy article mocking alleged “signs of a White House preoccupation with a ‘deep state’ working to thwart the Trump presidency” following Trump’s charge that he had been bugged during the presidential campaign.

Such a term might be appropriate for countries like Egypt, Turkey or Pakistan, the Times argued, but could not be applied to the US because it “suggests an undemocratic nation where legal and moral norms are ignored.”

The reality is that the “deep state” in the US is more massive and powerful than anywhere in the world and is the patron of similar military-intelligence complexes in countries like Egypt, Turkey and Pakistan. As for “legal and moral norms,” the latest revelations about the CIA, an organization long ago dubbed Murder, Inc., offer a glimpse of the real methods of the American state.

That the Times attempts to dismiss concerns about the activities and influence of the military-intelligence apparatus only establishes its own role as a propaganda organ and ideological instrument of this “deep state,” with the most intimate ties to the CIA, the Pentagon and other agencies.

The documents released by WikiLeaks cover the period of 2013 to 2016, the last years of the Obama administration, which presided over the continuation and spread of the wars begun under Bush, a sweeping expansion of the power the US intelligence apparatus and a corresponding assault on democratic rights. This included the organization of an international drone assassination program under which the White House claimed the authority to order the extrajudicial murder of American citizens.

This vast apparatus of war, repression and mass surveillance has now been handed over to the administration of Donald Trump, a government of billionaires, generals and outright fascists that is determined to escalate war abroad and carry out unprecedented attacks on the working class at home.

While the Democratic Party is calling for a special prosecutor over alleged Russian “meddling” in the US election—a demand aimed at sustaining the US war drive against Russia and diverting the mass opposition to Trump into reactionary channels—and Trump is calling for a probe of the alleged bugging of his communications, neither side has called for investigation of the CIA spying operation. Both Democrats and Republicans are agreed that such police-state measures are required to defend the crisis-ridden capitalist system against the threat of a social revolution by the working class.

Bill Van Auken

http://www.wsws.org/en/articles/2017/03/08/pers-m08.html

Facebook’s “fake news” measures: A move toward censorship

161119171852-fake-news-1024x576

By George Gallanis
17 December 2016

On Thursday, the global social media giant Facebook announced new measures it said were designed to limit the spread of “fake news” from hoax web sites. The measures, however, are part of a broader corporate media campaign to clamp down on independent and alternative news organizations.

Facebook’s announcement is in response to criticism it received from major corporate news outlets such as the New York Times alleging that fake news articles shared on the social media platform played a major role in altering the outcome of the 2016 elections. Facebook’s CEO and founder, Mark Zuckerberg, first called such allegations “crazy” but has shifted to accommodate the demands.

In a news post on Facebook titled “News Feed FYI: Addressing Hoaxes and Fake News” by Adam Mosseri, vice president of product management, Facebook laid out the four components of its new policy.

Under the headline “Easier Reporting,” Facebook will streamline the way people can report an alleged fake news site by implementing new features. Under “Disrupting Financial Incentives for Spammers,” Facebook plans to financially hurt “fake news” sites by limiting their ability to purchase ads by making it more difficult to use fake domain sites when posting ads.

This is followed by the measure called “Informed Sharing.” If an article is read multiple times and it is not shared afterwards, according to Facebook this may be a sign that the article is “misleading.” If Facebook deems this to be the case, then the article will receive a lower ranking on Facebook’s newsfeed, making it less visible and available for reading.

In practice, this means that if an article, whether it is telling the truth or not, is not shared, then it may be demoted and become less likely to be read. An analysis by BuzzFeed News found that during the 2016 presidential election campaign, news posts considered fake were in fact more widely shared than those considered real.

Most significant, however, is a policy under the headline “Flagging Stories as Disputed.” Facebook will catalog reports of alleged fake news from users, along with other vague data it only describes as “signals,” and will send them to a third-party fact checker for arbitration. If a story is deemed fake, then Facebook will mark it as such with an attached explanation as to why. Such stories will then appear lower in Facebook’s newsfeed.

Facebook’s “third party” reportedly consists of five news organizations acting as fact-checkers. These are: ABC News, Politifact, FactCheck, Snopes and the Associated Press. According to Facebook, these organizations are also signatories of The Poynter Institute’s International Fact Checking Code of Principles, which are: 1) “a commitment to nonpartisanship and fairness”; 2) “a commitment to transparency of sources”; 3) “a commitment to transparency of funding and organization”; 4) “a commitment to transparency of methodology”; and 5) “a commitment to open and honest corrections”.

Poynter, a self described “global leader in journalism,” receives funding from, amongst others, Google, the Bill and Melinda Gates Foundation and most notably the National Endowment for Democracy, a front for the US Department of State that has intervened in elections all over the world in the interest of US imperialism.

The implications of Facebook’s moves to limit “fake news” are ominous. It takes place in the context of an effort by the corporate media to create an amalgam between clearly manufactured content and articles and analysis that it brands “Russian propaganda” because they are critical of US foreign policy.

Last month, the Washington Post published an article, “Russian propaganda effort helped spread ‘fake news’ during election, experts say,” which referred to an organization, PropOrNot, that had compiled a list of web sites that are declared to be “peddlers of Russian propaganda.” The site includes WikiLeaks, Truthout, Naked Capitalism and similar publications.

http://www.wsws.org/en/articles/2016/12/17/face-d17.html

No, America, It Wasn’t Russia: You Did This to Yourself

Posted on Dec 10, 2016

By Juan Cole / Informed Comment

  President-elect Donald Trump. (Gage Skidmore / CC 2.0)

The headlines scream, “Secret CIA assessment says Russia was trying to help Trump win White House” and “Obama orders review of Russian Hacking during Presidential campaign.”

I don’t doubt that the Russian Federation employs hackers and PR people to influence public opinion and even election outcomes in other countries. So does the United States of America. But I am skeptical that anything the Russians did caused Donald Trump to be president.

It wasn’t like Trump was a Manchurian Candidate, a stealth plant in the US body politic who would only be operationalized once elected.

Trump was in plain view. He had all along been in plain view. His hatred for uppity or “nasty” women, his racism, his prickliness, his narcissism, his rich white boy arrogance and entitlement (apparently even to strange women and other men’s wives), his cronyism and his fundamental dishonesty were on display 24/7 during some 18 months of the campaign, and it wasn’t as though he were an unknown quantity before that.

Americans voted for him anyway. Slightly more Americans voted for him than for a respectable person like Mitt Romney. No Russians were holding a gun to their heads. And they knew, or should have known, what they were getting.

By a “black swan” fluke, a few tens of thousands of the Trump voters were distributed differently, state by state, than the McCain and Romney voters; and in some key states like Michigan Sec. Clinton did not do as well as Obama had, even if she was beloved in California and New York.

One of the cleverest things Trump said during the campaign was directed to African-American voters, asking what they had to lose by challenging the status quo and voting for him. It was a trick, of course, and they have everything to lose, both because the Republican Party’s economic policies aim to help rich people at the expense of workers and most African-Americans are working class, and because the GOP since Nixon has connived at attracting a white racist constituency, and succeeded.

But despite the dishonesty of the quip (which did not fool African-Americans one little bit), that kind of thinking appears to have been widespread. In some states, as many as 14 percent of the white working class deserted the Democratic Party compared to the previous two elections, and, worse, 21 percent of white working class voters who used to vote for Obama just stayed home. They weren’t being irrational. Things have been bad for them and they haven’t participated in the recovery after 2008 the way the stock market has. Their death rates have even increased.

Nor did any Russian hacking related to Wikileaks, if that is what happened, prove decisive. Clinton’s own polling people found the big turning point was when she called Trump voters a “basket of deplorables.” Americans don’t like being talked down to, and had already gotten rid of Romney for the same sin. The spectacle of Clinton taking hundreds of thousands of dollars to give a speech to the people who put them out of their homes in 2008-9 also turned many of them off so that they stayed home, while another section of them decided to take a chance on Trump. He will screw them over, but from their point of view, they worried that she might have, as well. Trump was promising to stop the hemorrhaging of jobs via protectionism, whereas everyone understood that Sec. Clinton’s first instinct was to do TPP and send more jobs to Asia.

So it was Clinton’s public persona and public positions that hurt her and depressed Democratic turnout in places like Detroit and Flint, not anything in Wikileaks (can anyone name even one newsworthy email?) Or on the other hand it was neofascist disinformation campaigns like spirit cooking and pizzagate. It wasn’t anything as rational as a Putin sting.

No, America had its eyes wide open. The Republican Party, the usual 61 million, voted for Trump, despite his vulgar talk and vulgar style of life. Since the GOP is mostly the party of Protestant whites plus about 40 million Catholics who think they are white, nobody over there too much minded the racism against minorities. There were some defections among the white Protestant married women from the GOP (either stay-at-homes or aisle-crossers) and there were some defections among the white working class from the Democratic Party. But those two may well have just cancelled each other out.

The GOP voted for a champion of the business classes, which Trump will be, in spades. And that is what everyone should expect. There is nothing surprising about it. The GOP wins nationally when it can add to its base of small and large businesspeople and farmers and exurbanites, and Trump managed to attract a few tens of thousands of other sorts of people in the districts where it happened to matter.

Russia doesn’t enter into it.

http://www.truthdig.com/report/item/no_america_it_wasnt_russia_you_did_this_to_yourself_20161210