The Unsuitablog

Exposing Ethical Hypocrites Everywhere!

Monthly Undermining Task, November 2010: The Online Infocrunch

Posted by keith on November 9th, 2010

Where do you go for information? I guess, because you are reading this as a web page, then your primary resource for information that you need in a hurry (and aren’t we all in a hurry nowadays?) is the Internet. As far as corporations go, online presence has now eclipsed printed and television media as the primary location for information. Well, I say “information” but that would be crediting the corporate world with far too much honesty: what I really mean is that the Internet is the primary location for propaganda. Call it PR, corporate information, spinning…whatever you like, but what the corporate world presents to the public is always going to be propaganda.

The Internet is manna to business, not particularly because it presents new opportunities for selling stuff – after all, the richest man in history (John D. Rockefeller, whose fortune is still being used to fund organisations like 350.org) made his fortune in an era when newspapers were king – but because the “information” can be so much more tightly controlled. Want to know about ExxonMobil, and most people will just type “Exxon” into Google and, at the time of writing, the three top hits will be ExxonMobil corporate links. The fourth proper link, not unexpectedly, is to the Wikipedia entry; something I will come to later. By controlling the portals of “information” ExxonMobil are able to control the message that is sent out to the world – to wit:

And a lovely spinny molecular graphic which, presumably is some kind of hydrocarbon.

What if the logo changed?

There, that’s a lot more accurate – it would really piss the company off, and take the rosy hue from the public perception that ExxonMobil have been so careful to cultivate. But here’s the thing: no one is going to see my new logo because (a) it’s not on the official ExxonMobil websites, (b) my own website doesn’t have much presence compared to the other links, (c) even if it did, it wouldn’t fool anyone that this is the real ExxonMobil logo because it’s not on a corporate web site. And that’s besides the obvious problem of being sued for passing the logo off as genuine.

That said, spoofs are most definitely part of the game on the Internet, which is why none of mine have ever been subject to a “take down” demand; the corporations are far too savvy to draw any attention to something they really wouldn’t like in the public eye, whether it’s a more truthful logo, the wording on a pretend “genuine” website, or a Wikipedia entry. Which brings me to the next point: I bet from time to time you have wanted to change something on Wikipedia; you might have even made a change, only to find that the article reverts back to the original as soon as your back is turned. Moderation exists on Wikipedia – by far the most referenced source of general information on the Internet, if not the entire global information corpus – to prevent vandalism; regardless of how well-meaning changes may be, if a change is made for nefarious reasons then it is considered to be vandalism. This isn’t looking very easy, is it?

So what about creating a new website that will be referenced as much, if not more than the corporate propaganda one? You’ll be lucky. It can be the finest example of the genre; it can be Digg-ed, Like-d and Reddit-ed to the hilt, but to hit a major corporation with a Googlebomb is asking for a minor miracle. There have to be easier ways to undermine the world of online information.

Well, there are; but you can also do all of the aforementioned as well – you just have to be smarter than smart about it, which is what I am going to try and help with here. I may not be clever enough to actually execute all of this, but I reckon the two of us (and anyone else you want to work with) can do a pretty good job screwing up the online corporate propaganda machine if we set our minds and hands to it…

Quick Wins

The following Undermining actions are low risk and easy to do, so there’s really no excuse not to do at least a couple of them when you have a moment to spare. The first one, is one that sticks pins in corporations’ feet. Social networking has been monopolised by Facebook – and there are plenty of bad things to say about Facebook now, including how it makes people feel they have achieved something useful, when they haven’t – and many corporations, along with the more corporate-friendly NGOs (like The Nature Conservancy and WWF) have created Fan Groups to give themselves a wider online presence. If you have a Facebook account, then I would encourage you to look for these Groups, join them and make mischief. The worst that can happen is that you get blocked, but as with the Nestle group, enough people who “Like” but don’t like has completely destroyed their social networking presence, despite Nestle recruiting hundreds of people to make positive comments.

You might like to try the same with The Nature Conservancy and Chevron; keep your eye out for more, because the corporations would love to control social media as much as they control the mass media.

Talking of the mass media, virtually every newspaper in the industrial world now has a web presence, and in very many cases it positively loves people to comment on stories. Some papers like The Guardian have a very high level of comments per article, but some – like the New York Times, surprisingly – get very few comments on the articles they open up. This one on BHP Billiton, is crying out for a few negative comments. The point is that you and I are almost certainly not going to get enough web connectivity to attract readers to blogs about companies; the big newspaper web sites, on the other hand, are highly syndicated and reposted, so that’s the place to do the Undermining.

Some of the more widely read blogs, such as Huffington Post and Mashable, cover corporate stories on a regular basis – again, negative comments, correcting the assumption that growth and profit are a good thing (amongst other lies) are always worth a shot. Even if you get flamed, you will have still made a point in a place where lots of people are likely to see it. The Technorati list is a good place to start looking for potential Undermining targets.

The following three Undermining Actions are a little more involved – in fact they can be very involved if you want them to be – and are listed in approximate order of both risk and also effort. There is no real correlation between risk and effort, and often the more effort you put into something, the less risk you entail; but if something requires more effort full stop to attain, then there are more opportunities to make mistakes, so be careful if you find yourself biting off more than you can chew: it may be that you are not up to the task, and that’s no bad thing to admit.

Wikicorrecting

I’m not one of those people who generally looks at Wikipedia and thinks, “That’s completely wrong, it must be changed!” Part of the reason is that as a media form, Wikis are supposed to be self-regulating, and the more people involved in the Wiki – in general – the better the self-regulation. Ok, there are some Wikis, like the infamous Conservapedia, that have such a bulk of prejudiced users that any attempt to correct information is doomed to failure (that said, it would be fun to try…) but in the main, a good Wiki, like Wikipedia is going to end up about as balanced as it’s possible to be in the context of Industrial Civilization. You can’t really expect it to go against the tenets of the industrial system, but you can make it more objective.

As an example, I stumbled across an article (presumably) posted by an employee of either IBM or one of their PR firms. The article in question was promoting the virtues of IBM’s Green Computing, and was a blatant advert. Simply by marking the article with the appropriate “Speedy Deletion” tag – in this case {{db-promo}} – the article was deleted by an administrator, never to be seen again. One bit of greenwash consigned to the virtual dustbin.

Of course, there is more to Undermining than just correcting obvious bias: what about exposing the real truth behind the corporate system? Yes, you can do it on Wikipedia, but you need to tread lightly…

It is easy for a person to vandalize Wikipedia. Since anyone can edit any page, the possibility is always there. The vandal might add profanity or inappropriate images to a page, might erase all the content of a page, etc.

However, there are tools that make it easy for the community to find and remove vandalism. There are also other tools available on Wikipedia to help corral users who are persistently destructive. For example:

* It is easy for anyone who sees vandalism to revert pages back to a pre-vandalism state.
* It is easy for any user to alert the rest of the Wikipedia community to vandalism that is in progress.
* It is possible for an admin to block or ban users (or IP addresses) who are persistently destructive.
* It is possible for an admin to protect a page temporarily to keep people from changing it.
* It is possible for an admin to delete an inappropriate page.

Tools like these make it easy for members of the community to quickly eliminate vandalism and prevent vandals from coming back.

(from http://computer.howstuffworks.com/internet/basics/wiki3.htm)

It’s no good just steaming in with a rant as, certainly in the case of higher-profile pages, the changes will be undone. Therefore, you have three options:

1) Make sure the changes you make are evidence-based, referenced and written properly. Anything that suggests vandalism will be reverted. You have to justify inclusion of new information, and removal of someone else’s, so you might need to refer to “reinstating balance” or suchlike in your notes.

2) Make subtle textual changes that alter the meaning of entries, undermining any positive image the company or organisation may benefit from. Always mark changes as “This is a minor edit”, and explain it is for clarity.

3) Make changes to unwatched entries. From the point of view of a Underminer, the most useful Wikipedia page by far is http://en.wikipedia.org/wiki/Wikipedia:Database_reports/Most-watched_pages (this is probably second: http://en.wikipedia.org/wiki/Wikipedia:Database_reports/Pages_with_the_most_revisions) as it indicates those entries you cannot “vandalise” (a.k.a. make more accurate) without comeback. Also, look for the last edit date: if it is more than a year ago then you should be able to get away with more nefarious changes, even blatant hacking without the change being reverted.

In all cases, make changes either anonymously (for minor edits) or under a disposable alias.

Online Subvertising

Subvertising is the act of undermining the message that advertisers wish to present. There are many ways to do this, and I have gone into a great deal of detail elsewhere on The Unsuitablog. Here is the related Monthly Undermining Task, here is the Subvertising Gallery, and here is the Earth First! guide to subvertising billboards for anyone who wants to take it to a more practical level.

Assuming you have a new, more accurate graphic, the wider the coverage of it, the better; this does not mean getting a few mates to post it on their blogs – unless those blogs are read by thousands of people* – it means that the subvertising has to effectively usurp the advertisers’ message in situ, just like a subvertised billboard does. The difficulty is that, as I said above, you can’t just change the corporate web site (I’m sure there are a one or two people willing to hack sites just to change a logo, but it’s a big risk for a change that will likely only last a few minutes); you need to find places where the logo or advert is normally placed online and find a way of replacing it. Wikipedia is, of course, one such place – with the provisos above; and as an experiment I have changed the logo on the Rainforest Alliance entry:

Somehow, I don’t think this will last long, but are there better places for subvertising? What about getting your logo on Google Images? Google Images is often used as a place for people to download corporate graphics. If you have a fairly well connected blog, like this one, or are able to contribute to something like that then you could be onto a winner at least with smaller companies, organisations or campaigns. The Avon “Hello Green Tomorrow” campaign was something I blogged about, and as a result it immediately went to near the top of the Google search rankings for “hello green tomorrow”, but the graphic I used didn’t do so well in the Google Images ranking. What I did wrong was not to include anything in the Alt Text – so as another experiment, I have inserted the following: “Hello Green Tomorrow Avon logo”. Prior to making that change, the logo languished on page 3. Almost immediately, the image search has placed it; well, here you go:

I’m sure you can be more creative than that.

*You can check how many visitors almost any site has by going to compete.com.

Spoofing

The final action, and no doubt the most complex, is the act of Spoofing. “Spoofing” means pretending to be somone or something you aren’t, but appearing on the surface to be that thing; a very common spoofing method is usually known as Phishing, which you will no doubt have encountered from time to time and, I’m sure, not been fooled by.

The basic techniques of phishing are certainly valid in spoofing a company or organisation, but like any method in this arena, they are not for the faint-hearted. However, by using a generic example of spoofing a corporation, including the option of phishing – not for money, but to damage their reputation – I can give an insight into at least the fundamentals of carrying out a large-scale spoof.

The best recent example of a corporate spoof (in both senses of the word) was that carried out by The Yes Men on Chevron in October, 2010. The non-technical details have been blogged by Andy Bichlbaum; but in a technical sense, what they did falls pretty much within the scope of the following, give or take a few steps.

1) Create your web page(s): make it as close to the look and feel of those of your target as works with the nature of the spoof you are carrying out. Ideally you should use as much of the source code of the original web site as you can, as well as (for all that you are not changing) using the original links. Test your page(s) thoroughly in every common browser (Internet Explorer, Firefox, Opera and Safari should cover it).

1a) If you are doing a complete bait-and-switch, i.e. presenting something completely different than the original, then the code is up to you; though be aware that anything more than a fake “holding” page will immediately be seen as a spoof.

2) Work out your hosting and URL redirection methodology. I’m assuming here that you have bought an appropriate domain name, such as www.chevron-weagree.com, otherwise your spoof will have to be of the Phishing variety (see 2a) If you have admin rights where the web page(s) will be hosted then you can control the way the URL displays, but will need to change the DNS record for the domain, and anyone with a bit of nous will be able to find out the details of your server(s). Alternatively, you can just set up a Framed Redirection via your domain provider, which will mask the URL of your spoofed page(s).

2a) For a straight Phishing attack you will be using what appears to be the official URL to go to the spoof page(s). Most anti-virus software will detect phishing in emails, but you could always use this technique in forums and blogs where you can edit the HTML. Even if you use phishing, you will probably still need the redirection or DNS change in place.

3) If you are not sending out a press release or invitation to view and just relying on the spoof, then that’s all you need to do; but you won’t get much traffic unless you have a really convincing URL (see www.vedanta-resources.com) so you will at least need to publicise your efforts as in 2a) above. If you are sending out a press release then you will need to set up at least one mailbox under your fake domain name, otherwise your information will lack credibility. If you can use a third party email client then that will protect your personal details (and the security of your own computer); most domain providers have that facility for a small additional fee. Be aware, though, that this is a form of abuse, so you may lose your account if you are found out.

4) Send out your press releases: make them as similar to the official press releases as you can, including embedded logos (proper ones) and contact details as appropriate. It is up to you whether you respond (the Yes Men don’t tend to), but if you do then keep all responses in the official form of the original. Telephone numbers are not recommended unless you have a call centre to hand.

5) Follow up. As per the Chevron spoof, a good follow up, turning the tables, can really extend the life of any spoof: my own blog on this contains the original text of the Yes Men emails.

Note that I have been fairly light on technical detail: if you are not technically adept at something like this then you either need to learn, or find someone who is and you can trust to help you. This is also only a rough template – there are so many ways of spoofing that are more complex, but I think this provides as least a starting point for those of you who may, very soon, be undermining the very fabric of the online corporate propaganda machine.

4 Responses to “Monthly Undermining Task, November 2010: The Online Infocrunch”

  1. B Says:

    Resist the empire from the comfort of your home office.

    On spoofing: I finally got a chance to try this not too long ago. I learned a few things.
    1) You can use the free software HTTrack (www.httrack.com) to copy an entire site. Then, you can alter the code and upload it to your server. Flash seems to be more difficult to copy or at least I haven’t figure out why it doesn’t copy over yet.
    2) Godaddy, and I suspect others, don’t care to check on any of the “WHOIS” data that accompanies a domain registration, fill in whatever you want. By using paypal to pay the registration cost you can avoid giving them any information that can be used to track you down later. The company I spoofed made all kinds of legal threats but never was able to get my name, home address, phone number, or personal email (I always make a new yahoo account for things like this).
    3) My site was taken down by the host about 6 hours after the press release went out. Host received emails from the spoofee demanding it be removed on legal grounds. However, I was able to still access the account and simply re-uploaded the index.html (main page) and the site re-appeared. It then took the spoofee 2 months to get an ICANN ruling that allowed them to take over the domain name I used for the spoof.

    On images: Posting on Flikr with the good titles and descriptions may also help elevate the google images rank of you subvertising.

  2. rl Says:

    Children at play. What a yaaaawn

  3. keith Says:

    When I finish “Underminers” give me your email address and I’ll send you the PDF. Sometimes you don’t have to smash things up to change things; in fact usually that’s a distraction from the real stuff that’s going on. Imagine the impact of just one decent spoof a day going to the world’s mainstream press: after a while they won’t know what to believe.

  4. keith Says:

    Thanks for the good advice, B, especially the last one – I notice that The Yes Men have handed over http://www.chevron-press.com to Chevron, which I consider to be a cop-out. They could plead “public interest” in informing people of the way Chevron operate, and get a good deal of press coverage if they are threatened with legal action.

Leave a Reply

You must be logged in to post a comment.