Jump to content
  • The Notorious Hacker Who’s Trying to Fix Social Media

    aum

    • 317 views
    • 20 minutes
     Share


    • 317 views
    • 20 minutes

    Over the past two decades, social media has taken over the world and become a menace to democracy. Can a pseudonymous hacktivist get it back on the right track?

     

    As much as humanly possible, I try to stay off social media. I use Twitter for work, but otherwise I’m pretty much MIA when it comes to the big sites. I haven’t used Facebook for years (too many scandals)—and I keep a healthy distance from Instagram and TikTok (they seem like attention-sucking blackholes). But recently, my ears perked up when I heard about an alternative social media platform—one that supposedly prioritized a civil and authentic social experience. There was a weird catch, though: the site was created by a mysterious hacker whose identity has never been publicly revealed.

     

    Americans are increasingly disenchanted with social platforms—many view them as detrimental to our politics and culture. From polarization to eating disorders to January 6th, there isn’t much that Facebook and Twitter can’t be blamed for these days. Personally, I’m not against the idea of engaging with online communities, but the notion of supporting platforms that seem so toxic is something that I find increasingly difficult to justify. Is it possible that someone who should, theoretically, be untrustworthy could actually restore trust in social media?


    What Is CounterSocial?


    Back in 2017, the pseudonymous hacktivist known as “The Jester” decided that he was sick of social media’s noxious ways—the disinformation, the internecine verbal sparring, the endless rage and fury. In particular, he found himself concerned about “influence operations,” the propaganda campaigns that have become so common online—and that seem to be swiftly driving us all collectively insane.


    Instead of quitting social media outright, though, Jester decided to do something slightly different.


    In a matter of months, he had spun up CounterSocial, an alternative social media site that was designed to “counter” the disinformation, trolls, influence operations and harassment prevalent on other platforms. He wanted to create a controlled environment—a walled garden where ugliness and toxicity could be moderated out. Today, the site has approximately 100,000 users and continues to see steady growth. The hacker says that he uses a variety of techniques to keep his platform safe and, according to him, it’s supposed to be a place where you can actually have civil conversations with people, where community is a real thing, and where people act like decent human beings instead of sociopaths and attention-seeking jackals.


    But for Jester to be the inventor of this happy little place is kind of funny. Why? Because until CounterSocial, he spent most of his time destroying websites, not creating them.


    Jester’s Identity

     

    Jester first gained prominence back in 2010, when he took credit for hacking a number of jihadist websites that were attempting to recruit new members. This act quickly garnered Jester a reputation as a “patriotic hacker”—a digital vigilante who hacked “for good.” Jester didn’t stop with would-be terrorists. During his heyday, he claims to have hacked a broad array of targets that he felt threatened America—everyone from fellow hacktivist groups like Wikileaks and Anonymous, to the rightwing cretins at the Westboro Baptist Church, to the blackhat hacking group Lulzsec, among others. His self-stated mission was to obstruct the communication lines of “bad guys” everywhere, and his calling card—a cartoonish but creepy Jester mascot —would be right at home in a comic book or a Hollywood hacker movie.


    If you’re wondering who’s behind that creepy mask, you’ll find no satisfaction here. A 2012 study suggests that, prior to his hacking career, Jester may have been a member of the U.S. Special Forces, or may have worked as a contractor for them. If he did, that could explain his technical abilities (the Army has a number of cyber divisions where such skills can be acquired). However, others accuse him of “hoaxing” his attacks and allege his real skill is disinformation, not hacking. Others wonder if he’s actually more than one person: a 2017 FOIA release from the NSA notes that it is “unknown if the Jester is in fact an individual working alone or a group of hackers” who hide behind a single online persona. Every once in awhile, somebody claims to have doxxed Jester or even alleges that they are him—after which Jester typically pops up to deny these claims. In short: the guy is pretty much a total mystery.


    At the same time, he’s also sort of an open book. In fact, to follow him on Twitter (which is the only mainstream social media platform that he uses) is to know that he’s something of a notorious shit-poster. A fan of former president Donald Trump and potential Twitter buyer Elon Musk he is not. He also doesn’t suffer fools gladly: some of his favorite insults include “chode,” “fucking idiot,” and “thistledick,” designations he reserves for his least favorite trolls. On any given day, you can read his vulgarity-filled tweets, which are often jarring, offensive, and occasionally funny. In other words: he’s one of the most outspoken enigmas you’ll ever meet.


    After hearing about CounterSocial, I wanted to meet Jester (online, at least) and get to know him a little bit. I was afraid that this would be difficult, since he’s notoriously secretive. But after downloading Keybase, the encrypted chat platform that he prefers to communicate with, I got a quick response: “I’d love to talk to you guys,” he said. Over the course of several days, I was able to have a relaxed, wide-ranging conversation with the mysterious hacker about the vision he has for his ever-growing pet project. He also agreed to set me up with an account so that I can check out his little experiment.


    Fixing Social Media


    “The inspiration [for CounterSocial] pretty much came from seeing all the misinformation and foreign influence operations happening on the current social media offerings. And the fact that nothing was being done to curb it,” Jester tells me, during one of our conversations.


    It’s no secret that such companies have taken a turn for the sinister in recent years. Just read Gizmodo’s own coverage of the Facebook Papers, where you can see that Meta (the parent company of Facebook) has a host of problems that it has no idea how to solve. Beset by noxious financial incentives, most social platforms are algorithmically structured to encourage the worst psychological impulses in their users. They also lack any real long-term strategies for how to fix the endless disinformation and misinformation campaigns that spawn like deranged rabbits on their platforms.


    The generous view would be that platforms like Twitter or Facebook are effectively too big to moderate or control, but Jester doesn’t seem to have much sympathy for that position. “It’s not that they are ‘too big’ - they have the resources. They just seem unwilling to deploy them effectively,” he says. In other words, while they may have the resources, they ultimately lack the will to do anything about it. Fortunately, Jester seems to have plenty.


    Using CounterSocial


    After making myself a COSO account, Jester upgraded it to a PRO account so that I could get the full user experience. PRO accounts are typically paid accounts ($4.99 a month) and allow users to access a host of features that are off-limits to free users. Setting up an account is easy. I enter some basic information (an email and a password), give myself the lame username “Tech Journo” and upload a profile picture. And that’s it. I am officially a COSONAUT, as the site refers to its users. I’m ready to get started.


    When you log onto CounterSocial the first thing you notice is that its layout is a little intense. The best thing to compare it to visually might be TweetDeck, Twitter’s dashboard feature that allows you to manage and monitor multiple accounts at one time. CounterSocial is a series of vertical feeds, which you can customize and arrange to your liking. Weirdly, there are also CNN news banners that scroll across the top of the screen—presumably to keep you informed about what’s happening in the world on that day. The view from my Pro account looks like this:

     

    237bc3018ec0755f344ca117accec94f.png

    Screenshot: Lucas Ropek/CounterSocial

     

    If you find yourself overwhelmed by COSO’s layout, you can actually turn on something called “Ostrich mode,” which disables the CNN banners and several other visual assets, allowing for a sparser, more simplified view. But I don’t mind the layout for the most part, so I keep Ostrich mode off and commence with poking around.


    If platforms like Twitter and Facebook are mega-corporations that feel like vast digital cities, CounterSocial feels very much like one of the internet’s small towns. Poking around on it gives you roughly the same feeling you might have entering a local bookstore. A banner in the corner of the screen notes: “CounterSocial stays online and ad-free because of YOU! Please consider helping to keep it that way by using the support options below. Thanks!”

     

    In other words: the whole thing is kind of quaint.


    Meanwhile, the features that Jester seems to have integrated into CounterSocial are probably the biggest selling point for a lot of people—and a lot of them are pretty cool.


    As you can see from the site’s drop down menu, COSO PRO supports a host of features that are pretty typical: You can DM people, join or start group conversations, and even audio/video call people with the COSOCall feature. For the privacy-focused, Jester says he has also integrated a “warrant canary” feature. Warrant canaries are supposed to warn users if a government has requested or subpoenaed data on them—a nice thing to have, given how much governments seem to do it these days.


    One of the most unique features that CounterSocial boasts, however, is its virtual reality “realms,” which Jester says is his response to “‘the metaverse’” from Facebook. “Awhile back I heard that Facebook was going to ‘break new ground’ with [its] MetaVerse VR stuff. So I set about integrating something similar for COSO. And managed to get it released a whole month before Facebook/Meta. With...[Realms] users can join other folks public spaces, or create their own, from a ‘remixable’ that someone else made, or by using our integrated CreativeSuite.”

     

    3d5d24b24d1e28487a24903e35fb95ce.png

    Inside “The Shining” realm on CounterSocial.
    Screenshot: Lucas Ropek/CounterSocial

     

    The realms that Jester has set up are pretty interesting, even if the animation probably isn’t going to win any awards. In one, you can wander around in the Overlook Hotel—the haunted stately manse from Stanley Kubrick’s The Shining adaptation. In another, you can shuffle around “Doc’s garage” from Back to the Future. There is also a campsite realm, a movie theater realm, and several others. But you can also create your own realms, which adds an element of interactivity to COSO that you probably wouldn’t find in other “metaverse” playgrounds. A headset will allow you to chat with other people inside of COSO “realms,” though, when I enter the Overlook, nobody else is in there except for me. I wander around the hotel for a few minutes, stare at the walls, briefly get stuck in a corner, then hop back out.


    How Does CounterSocial ‘Counter’ Disinformation?

     

     

    Then there are COSO’s anti-disinformation measures, which are the platform’s claim to fame. According to Jester, he deploys a variety of security mechanisms designed to keep trolls, bots, and assholes off of his site. The most drastic thing he does is ban IP addresses from six different countries. These include Russia, China, North Korea, Iran, Syria, and Pakistan. Jester’s logic here is that these are the countries from whence a vast majority of disinformation originates. “The nations blocked by our network are well known to be origin points of an overwhelming majority of bots and trolls that are used to engage in influence operations against not only the West but their own neighbors, as well as attempts to disenfranchise and divide social media users worldwide,” an FAQ on the site reads. When chatting with him, I point out that a dedicated disinformant could just use a VPN to mask their true location and then launch PsyOps from a Westernized IP address. He admits this is true, but says that “there’s more to” his efforts “than that.”

     

    “I also ban over 100K VPN endpoints and Tor exit nodes that are known to be used by nefarious actors,” he tells me. “On top of that, they almost always give themselves away as soon as they post anything,” he says, explaining that he feels he can identify a propagandist as soon as they enter his site. The thing about the “endpoints list” is pretty interesting but Jester won’t reveal to me where this supposed list comes from. “‘Hackers’ either know about or know how to find out about these kind of things,” he says cryptically. “It’s a compilation of different lists, and is currently... proprietary to us.”


    On top of this, CounterSocial also offers other features designed to mitigate potential disinformation aimed at users. “We teamed up with BotSentinel and Factlayer to provide our users with optional tools they can enable to help fight disinformation,” Jester tells me. BotSentinel is a free dashboard that tracks and provides information about social media accounts that are known for spreading disinformation. Factlayer, meanwhile, is a Chrome plugin that is designed to provide automated context about the websites that you visit. “Both those technologies are fully integrated into COSO,” he says.


    An Army of One

     

    All of this seems like a handful to manage, so you’d be forgiven for wondering just how many people are helping to keep this hefty little project running. According to Jester, it’s a team of exactly one—that is, just him: “Okay, right now, and I know this is gonna sound insane, but I am lead developer, moderation, CISO, CIO, first line support, second line support, marketing, security operations, infrastructure engineer, everything,” he says. It does sound sort of unworkable, but stranger things have happened in the ever-changing tech industry.


    According to Jester, the site’s infrastructure “has been designed to scale up and down very quickly to meet demand and we’re just under 100,000 users as of right now, growing every day.” For comparison, Twitter has around 7,500 employees—a number that might seem a little ridiculous for a platform that has only intermittently changed since its launch.


    This inspires a lot of questions. For one thing, how does one person monitor 100,000 people? If you’re hellbent on moderating disinformation, wouldn’t you need a few more eyes than just your own? Similarly, where does the hardware come from to support that many users?


    Apparently having a solo startup isn’t as impossible as it sounds. Called “one person unicorns,” such ventures have become somewhat common in recent years. Still, I ask Jester how he imagines being able to scale up the platform to a much larger user base, to which he tells me that securing more PRO accounts is potentially the answer: “I funded the initial rollout [of COSO] myself, with my savings. Then as we grew and the feature set expanded, I introduced the PRO account upgrade option so that folks could help me out,” Jester said. “We literally doubled in size the day Elon Musk announced he was buying Twitter a few weeks back,” he tells me. “We have been steadily growing and upgrading infrastructure as we have gone along.”


    “We don’t have any Venture Capital funding, and it’s been manageable, but that day, I had to make significant upgrades just to stay up, which I did and we’ve been stable ever since,” he adds.


    Is CounterSocial Safe to Use?


    Right about now you might be thinking: Okay, this all sounds pretty interesting, but is a platform run by a pseudonymous hacker actually trustworthy?


    It’s a good question. The short answer is: Uh, we don’t know, for certain. Gizmodo was not able to conduct a security review of COSO’s code (the site’s user policy expressly forbids security testing by users without permission—which we were unable to secure). Jester expressed concern that a penetration test conducted by an unskilled person might damage the site—which is a real concern with pentests. But, interestingly enough, folks in the cybersecurity community seem to like COSO quite a bit. The word of mouth about the platform among the infosec crowd has been mostly positive, Christopher Budd, the director of threat research at the IT security firm Sophos, told us. Budd himself has an account.


    “It’s something that I’d heard a lot of things about,” he says, in a Zoom call. Jester “is known within the [security] industry and within the security/privacy space and has good credibility with a lot of folks,” Budd added. “Enough people I know have a positive opinion [of COSO]—you know, it’s the ol’ circle of trust thing.” Budd also said that he appreciates the platform’s attempts to rid the user experience of bots and disinformation.


    Adriel Desautels, another user of the site, is the CEO and founder of penetration testing firm Netragard. Desautels recently opened a COSO account for himself and has been enjoying it. Like Budd, Desautels says that he has faith in COSO and Jester and that he has seen more and more security folks expressing interest in the platform. “It becomes tiring to not trust anything you see anywhere just because most of it is junk,” said Desautels, of the information on platforms like Facebook and Twitter. “It’s kind of refreshing to see a platform that intends—and I say intends because I can’t prove that’s what he’s actually doing—to deliver more trustworthy information.”


    Another plus is that a lot (but not all) of CounterSocial’s code is open source. Transparency (or a lack of it) has been a big issue with a lot of social media sites (just look at the hubbub over Twitter’s algorithm, for instance), so it’s nice to see a platform that’s at least interested in being straight with users.

     

    “CounterSocial is comprised of many elements, both open source and proprietary code,” the site’s licensing page reads. The open source elements include code from Mastodon, Mozilla, Apache Jitsi and MIT code via Rocketchat. But the site also uses unspecified proprietary code, something Jester doesn’t really address during our chats. And, of course, there’s the obvious irony: a site that emphasizes transparency is also run by an internet mystery man whose identity will probably never be known.


    Eventually, I ask Jester directly why users should trust him, given the fact that he’s a notorious hacker. “That’s a great question,” he says, noting that the only “personal information I need for them [the users] to create an account is an email address.” It’s true that very limited information needs to be shared to make a free account, though ostensibly the site could be collecting additional information about the user (the site claims that it does not “collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device”)


    Of course, a lot of the most exciting features of COSO are provided through PRO accounts, which are paid and necessitate forking over some form of financial information. Jester says that he doesn’t see any of the financial information personally and that it’s handled by a professional payment processor. However, he is unwilling to tell me which payment processor that COSO has a relationship with. “There’s some things I’m just not comfortable with volunteering. I have a lot of enemies, and they are gonna read this article to glean any tidbit they can get,” he explained. Ostensibly, if users are truly worried about providing financials, there are ways around it (using virtual cards, for instance).


    Building an Alternative

     

    If you trust Jester (and, for some people, that’s probably a big “if”), there’s definitely something endearing about his project. CounterSocial is clearly something he cares deeply about. There’s an element of world-building to it—and he clearly enjoys playing the role of the creator.


    He also seems to be accomplishing what he set out to do. In my time on the platform, I didn’t see much evidence of vulgarity, bullying, or the partisan sparring that are so routine on other social platforms. This might be because there’s just less people on CounterSocial and, therefore, less overall engagement between users. But there’s also a sense that people don’t want to fight on this platform. For one, thing there isn’t really any incentive to—it’s not going to win you any followers or advance your career. Unlike the other major platforms, COSO sorta feels like a real community.


    It also seems like something that people are interested in. After Elon Musk announced that he was thinking about buying Twitter in May, CounterSocial saw so many new users that it temporarily gave the site some trouble, according to Jester. Clearly, the hunger for alternative online ecosystems is growing. And Jester claims that he has big plans for his platform—that he wants to scale it up and broaden the community.


    “I guess [I] do (eventually) need COSO to make some money - but right now it’s a bit of a labor of love,” the hacker told me. “I am not so arrogant to think that COSO will ever become as big as Twitter or Facebook, but I would like it to ‘counter’ some of the far right platforms that have sprung up recently. I’m talking your Gab, Parler, GETTR, Frankspeech, and Trumps ‘Truth’ Social,” he says, in reference to the MAGA-verse alternatives that appear on a monthly basis. If this all sounds quixotic, Jester doesn’t seem to mind. “I hear God loves a trier,” he quips.

     

    Source

    • Like 2

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...