|
|
|
|
|
|
by octosphere
2457 days ago
|
|
|
I suppose it could be done a lot cheaper and easier, but don't forget the initial research required to figure out how to do it efficiently. All the trial and error required to create a set of OPSEC rules to abide by as you operate. In terms of useragents, you are right that they are easy to spoof; I actually meant the device fingerprints aren't easy to spoof (Twitter probably looks at heuristics like screen resolution for example) which is why I would suggest getting a variety of different phones like a mix of legacy Android, newer model Samsungs, iPhones, etc So you have different screen resolutions (which are not trivial to spoof) even different timezones, along with a mix of other unique specs One caveat to using hundreds (if not thousands of phones) is the cost. I get that. But remember these are the army we are talking about that have a large budget to spend on psyops and can actually pull something like that off. Another caveat to using phones is the lack of dexterity; using a phone is slower than using a desktop environment with keyboard, mouse, et al, although you can extend a phone with a keyboard for faster typing. |
|
|
Device fingerprints aren't easy to spoof for the average IT nerd, they are trivial to spoof for NSA.
I know enough that I could probably spoof most websites given a couple of days of research and poking. Now, don't get me wrong, my odds of convincing Google I'm actually two people are basically nil, even NSA might struggle to just manufacture Googleproof identities, but device fingerprints themselves are pretty spoofable.