How would the server admin know the real-time location of the victim to spoof the GPS coordinates? How would the admin know if the victim was with others who could verify they weren’t engaged in their device? How could the admin counter legitimate logs from other applications or services the victim might be using at the timestamp of the post?
There are far too many variables to be able to execute this successfully by professionals, let alone a bunch of IT staff.
So, the victim watches their post publish. Acknowledges it’s been doctored. Attempts to edit. Receives some error. And shrugs it off and puts their phone away…? They’ll turn to the closest person with broader knowledge of IT and then it snowballs from there. And that timeline post-publishing would be sufficient evidence for reasonable doubt.
Sure, but then it’s a question of narrative not proof, right?
Because the response from X would just be, “we aren’t sure why Mr so-and-so didn’t/couldn’t immediately delete the post, but we froze it in short order because we believe the fact he would post such a thing is a matter of public interest, and we refuse to let him sweep it under the rug.”
Yeah, he could say that he posted something completely different and X changed it, but how do you prove it? Everyone would just assume it to be a lie trying to cover their ass after posting something terrible.
Not saying this is at all likely. Just that it’s possible.
And this assumes they notice it was doctored immediately anyway. Most people don’t verify that the post is correct after hitting “submit.” A good 90+% of people would probably never notice if the text was changed post upload.
Agree; this could all happen, yes. What my original comment was trying to convey—and your reply adds to—is that the variables and complexities required to be maintained by X/Musk to ensure that the lie they are defending are hugely disproportionate to other operations that can field similar results. It is also an incredibly high-risk operation for X/Musk, in that a collusion operation of this magnitude risks global repercussions. The required amount of time, effort and resources against politicians or reporters wouldn’t be worth X/Musk’s investment when simpler techniques can be executed at lower risk and require far less resources.
It really just comes down to a cost/benefit/risk analysis. Do we start fake-posting official accounts and risk massive legal and public fallout? Or do we pay Putin $X million to spin up a bunch of bots and push a particular message that could sway public opinion in a similar direction, with very little traceable evidence and virtually no risk to X/Musk?
Sure, I agree that it’s a stupid idea from an effort vs reward perspective. It’s at best unnecessary.
But your initial position was that it couldn’t be done without being easy to prove that it was a fabrication, and I think you’re wrong about that.
I think that they are more than capable of doing it in such a way that it’s wholly word-vs-word, with no forensic evidence pointing to it being doctored. And the idea that they would do that is outlandish enough that most reasonable people would assume the post was legitimate and that the “offender” was lying about it to try and deflect blame.
It’s the classic, "No, I didn’t post that list of porn search terms to my Twitter! I was hacked!! Totally somebody hacked me and did that. Wasn’t me at all!!” But in this case it’d be something that was a pretext for the government to arrest them.
I mean, if you’re doing it from the server administration side it would be pretty easy to just copy all that from a previous post
How would the server admin know the real-time location of the victim to spoof the GPS coordinates? How would the admin know if the victim was with others who could verify they weren’t engaged in their device? How could the admin counter legitimate logs from other applications or services the victim might be using at the timestamp of the post?
There are far too many variables to be able to execute this successfully by professionals, let alone a bunch of IT staff.
You could just replace the text of a post as it gets submitted. Keep all metadata otherwise unchanged. Lock the account from being able to make edits.
So, the victim watches their post publish. Acknowledges it’s been doctored. Attempts to edit. Receives some error. And shrugs it off and puts their phone away…? They’ll turn to the closest person with broader knowledge of IT and then it snowballs from there. And that timeline post-publishing would be sufficient evidence for reasonable doubt.
Sure, but then it’s a question of narrative not proof, right?
Because the response from X would just be, “we aren’t sure why Mr so-and-so didn’t/couldn’t immediately delete the post, but we froze it in short order because we believe the fact he would post such a thing is a matter of public interest, and we refuse to let him sweep it under the rug.”
Yeah, he could say that he posted something completely different and X changed it, but how do you prove it? Everyone would just assume it to be a lie trying to cover their ass after posting something terrible.
Not saying this is at all likely. Just that it’s possible.
And this assumes they notice it was doctored immediately anyway. Most people don’t verify that the post is correct after hitting “submit.” A good 90+% of people would probably never notice if the text was changed post upload.
Agree; this could all happen, yes. What my original comment was trying to convey—and your reply adds to—is that the variables and complexities required to be maintained by X/Musk to ensure that the lie they are defending are hugely disproportionate to other operations that can field similar results. It is also an incredibly high-risk operation for X/Musk, in that a collusion operation of this magnitude risks global repercussions. The required amount of time, effort and resources against politicians or reporters wouldn’t be worth X/Musk’s investment when simpler techniques can be executed at lower risk and require far less resources.
It really just comes down to a cost/benefit/risk analysis. Do we start fake-posting official accounts and risk massive legal and public fallout? Or do we pay Putin $X million to spin up a bunch of bots and push a particular message that could sway public opinion in a similar direction, with very little traceable evidence and virtually no risk to X/Musk?
Sure, I agree that it’s a stupid idea from an effort vs reward perspective. It’s at best unnecessary.
But your initial position was that it couldn’t be done without being easy to prove that it was a fabrication, and I think you’re wrong about that.
I think that they are more than capable of doing it in such a way that it’s wholly word-vs-word, with no forensic evidence pointing to it being doctored. And the idea that they would do that is outlandish enough that most reasonable people would assume the post was legitimate and that the “offender” was lying about it to try and deflect blame.
It’s the classic, "No, I didn’t post that list of porn search terms to my Twitter! I was hacked!! Totally somebody hacked me and did that. Wasn’t me at all!!” But in this case it’d be something that was a pretext for the government to arrest them.
deleted by creator