|
|
|
|
|
|
by CharlesColeman
2457 days ago
|
|
|
> I suspect the new way of doing psyops is to buy multiple smartphones which all have separate IPs due to a GSM/4G network, and have different and distinct useragents due to different Android versions in use. That seems like a lot of enormously expensive trouble to do something that probably could be done a lot easier and cheaper: user agents are trivial to spoof and a sufficiently sophisticated attacker can probably just steal any needed IPs from legitimate organizations using BGP (I understand the hosters used by spammers already do this). The only benefit I could think of for using actual smartphones is that they'd provide different, legitimate device fingerprinting results. |
|
|
In terms of useragents, you are right that they are easy to spoof; I actually meant the device fingerprints aren't easy to spoof (Twitter probably looks at heuristics like screen resolution for example) which is why I would suggest getting a variety of different phones like a mix of legacy Android, newer model Samsungs, iPhones, etc So you have different screen resolutions (which are not trivial to spoof) even different timezones, along with a mix of other unique specs
One caveat to using hundreds (if not thousands of phones) is the cost. I get that. But remember these are the army we are talking about that have a large budget to spend on psyops and can actually pull something like that off. Another caveat to using phones is the lack of dexterity; using a phone is slower than using a desktop environment with keyboard, mouse, et al, although you can extend a phone with a keyboard for faster typing.