Earlier tonight, I posted a link to a site that is scoring Mastodon sites based on their threat score. Using things like violence, socialism, and polygamy as data points to score instances.
I removed the link, because they are a known entity that we can use for Projekt:ONI.
Let me take a moment to describe Projekt:ONI.
We are working on a detection and response system to detect listeners on the fediverse. It is in its very early stages... but essentially we will be compiling statistics in order to find targets that are likely surveillance operations, and then alerting the fediverse.
Think of it as an AI/ML system to keep snoops out of our shit.
Perhaps a Fediverse SOC.
Not sure what that endgame will look like, but we have assembled a team of Netizens to develop a detection system, and a response system.
We will be debuting more information in the future.
This is currently a 5 person team, dedicating time freely to secure our home in the fediverse. If they want to announce who they are, that is on them, but operations are moving forward.
We will find you.
@mewmew no... not yet.
@mewmew honestly, I’m not yet even sure it’s real data.
@mewmew not replying to earlier post you made.
Oooh, I want to join the Fediverse SOC!
"Mutuum Foedus Inure"
@TheGibson aside from blocking these a-holes, perhaps at the IP level, what else can we do to prevent these bogons from snarfing our shit?
@PhoneBoy we detect them as quickly as we can and make the effort to do so expensive to operate.
@TheGibson Still sounds like a cat and mouse game. Very much how infosec works when you have a determined adversary.
That’s what it basically is.
@TheGibson I do wonder when the big boys (the Googles, MSFTs, Amazons, Apple, etc) start trying to do this crap on the Fediverse. You have to know it's coming.
@PhoneBoy twitter is working on it already.
I know an exploit that could make them effectively unblockable. We are working to mitigate that as well, but it’s a tough problem to crack due to the nature of AP.
@TheGibson it does confirm my basic thesis that the only safe data at this point isn't digitized anywhere. If it's digitized, it's only a matter of time before someone who shouldn't get it will.
@TheGibson like I said, only a matter of time.
@TheGibson ML countersurveillance. I was wondering if people were going to start trying that... *huge approving grin*
@Kyresti it’s what we do.
@Kyresti you should see the system I proposed to a prospective employer last week to stop browser fingerprinting.
@TheGibson I'd seen you post about it some too. IIRC, something to do with either spoofing the metadata or throwing out a bunch of junk data to render it useless?
@Kyresti yep. Not junk, has to be consistent. Unique junk is still trackable.
@thegibson Using their own tools against them. Glorious.
@thegibson Thank you for this!
This is both an excellent idea and way cool!
@TheGibson oni was a really nice pc game
@TheGibson Sounds kind of like DShield for the fediverse... Should end up more useful than throwing manual detections into a toot and ask for similar sightings, like I sometimes did in the past.
Is Projekt:ONI also going to detect active sabotage accounts and operations within the fedi?
Maybe, we will adjust TTPs as data becomes available.
It really depends on what the resolution of our optics can get to.
@thegibson hey this sounds super interesting. Can I grab a link to wherever the progress for this is occurring? I've been interested in something like this for a while now!
@goat when it is ready to show, yes.
@thegibson alright, do you have a link to the site scanning the fediverse? I'd like to block them until there's a better solution
@goat we have not yet isolated their instance. Just found the reporting platform, which I pulled down to continue research and not guide attention to.
@TheGibson you didn't happen to make a note of who was winning that ranking did you?
No, and it appears the site has been pulled down.
I’d say the considerable number of boosts over the past couple of days may have spooked them.
@TheGibson aw, shame
I was going to see what we could do about getting a high score
@thegibson Now I'm almost wondering about the opposite of this: an operation that "scrapes" (and throws away!) to test out detection. A red team version, if you will.
(I will probably not do this, and would let you know if I were, but it would be interesting.)
@aschmitz now you’re cooking with Lard.