SoylentNews is people
SoylentNews
President Donald J. Trump loves his Twitter account. Much has been made of Trump's 140-character missives, which he at least in part blasts out to the world unfiltered with his own fingers (and sometimes his staff). Interpreting the data and metadata of Trump's tweets has become akin to a modern form of Kremlinology—the art of reading the temperature of the Soviet Union's leadership by noting who was seated where in the reviewing stands at Red Square.
Twitter may not be the leading social media platform, and it may not be the friendliest place on Earth to exchange ideas. But it does offer an API that lets pretty much anyone mine its metadata. While much of the data associated with tweets is obscured by the usual Twitter clients, those who've followed the tweeting travails of our 45th president are likely aware of the fact that it contains information like what device or software tweets were posted from. In the past, Law enforcement agencies and others have used access to Twitter metadata for a variety of purposes, including surveillance, by tapping into high-volume feeds of Twitter's tweet-stream. But a great deal of information can be gathered with much simpler and accessible tools.
"As any other social media website Twitter know a lot of things about you, thanks [to] metadata," a French security researcher known as X0rz wrote in a recent blog post. "Indeed, for a 140 characters message you will get A LOT of metadata—more than 20 times the size of the initial content you typed in! And guess what? Almost all of this metadata is accessible through the open Twitter API." To demonstrate that, X0rz wrote a Python script called tweets_analyzer, a command-line tool to tap into some of Twitter's vast metadata that may not be accessible from the standard client.
Tweets_analyzer requires a Twitter account for authentication, as well as Twitter API credentials and, of course, a tweaked Python environment. It's not exactly something to be handed over blindly to the average tweeter. But in the right hands (and with a little patience due to Twitter API rate-limiting), it can help analyze accounts to identify networks of Twitter bots or trolls concealing their actual location and identity. In addition to examining the metadata associated with Twitter users and their tweets, X0rz added a "friends" analysis feature that skims information from the metadata of the accounts followed by the target account, including language, timezone and location data.
For the sake of science, I turned tweets_analyzer loose on a few Twitter accounts to see what sort of information I could uncover. I started with the most obvious of suspects: Donald Trump.
Source:
(Score: 0) by Anonymous Coward on Saturday February 04 2017, @11:54PM
So he tweets while on the tarmac before paying a surprise visit to Iraq, the location data is published, security degraded. Maybe they should just turn it off already?
(Score: 4, Interesting) by JoeMerchant on Sunday February 05 2017, @01:31AM
If Trump had an even slightly tech savvy staff, they could give him a Twitter proxy client, one which enables him to tweet from whatever device he is carrying and it automatically relays to a standard Twitter client located in the West Wing - all true location information effectively scrubbed.
Of course, this would require: A) knowing about, B) understanding the implications of, and C) caring about what your metadata is telling the world. And, about 10 hours of development time from a 3rd rate programmer to pull off the technical side.
🌻🌻 [google.com]
(Score: 1) by tftp on Sunday February 05 2017, @07:26AM
C) caring about what your metadata is telling the world
If this research is representative, then he should disregard (C) - it does not contain anything that is not already public knowledge from his published itinerary [whitehousedossier.com]. I looked at the charts and determined that Trump sleeps at night and works more in the first half of the week. That is terribly important news! Someone should, perhaps, stop the presses.
I am also pretty confident that Trump, like many Presidents before him, does not care about OPSEC - but other people, who are tasked with these duties 24/7, do, and they will find a way to communicate the requirements even to a minimally cooperative President. After all, they only need to give him an Internet uplink that goes through proper channels. AF1 has them. In the worst case they will buy a portable jammer from China, and that will make all those iphones and androids useless when in restricted environment. If I can think of that, the professionals certainly have already done so.
(Score: 2) by JoeMerchant on Sunday February 05 2017, @03:26PM
I would hope that OPSEC at that level is clever enough to make the metadata appear to be unfiltered, and actually throw good looking false trails when desired. As you said, match the published itinerary, but never let anything out that might give away any classified activities.
I imagine, in reality, they started out running "open" with no filters, but hopefully they get the filters in place before something embarrassing comes out. I mean, I don't like the current Pres, but I would be embarrassed for my country if our highest level security staff allowed something like a Presidential tweet give away a secret meeting.
Also to be considered, the President is a public figure, he doesn't likely do too much "off the books," maybe some private meetings while he's otherwise engaged in public activities, but secret trips out of the country are pretty hard to pull off in AF1.
🌻🌻 [google.com]
(Score: 2, Funny) by Anonymous Coward on Sunday February 05 2017, @03:40AM
> So he tweets while on the tarmac ...
Have you heard what the secret service have to say if they spot a potential threat?
.
.
.
.
.
.
Donald duck.