Hack With Us in Mexico City / Hackeá con Tor en México

At a long-range planning meetup, thinking "outside the box" is particularly important.

One project which I think is challenging but doable would be developing anti-stylometry software which can be easily used with various applications such as gedit, which is already incorporated in Tails, which is currently probably the general purpose amnesiac OS for resistance by ordinary citizens.

The situation is currently so awful that even a beta tool would be invaluable.

The field of stylometry, also known as "authorship identification", embraces techniques which can be used to identify authors of anonymous or pseudonymous documents (such as social media posts via Tor or Op Eds in the stubbornly-refusing-to-fail NYT). DARPA and IARPA fund research into this, but of course their true interest is in improving their own methods in order to harm us.

Thinking about the problem in terms of information theory is essential. This also helps to bring to the forefront many useful analogies with the problems of hindering cryptanalysis, traffic analysis, and Tor circuit de-anonymization.

The bad news is that stylometric analysis can exploit many types of clues, such as variations in vocabulary, grammatical structure, punctuation, plus colloquialisms, regionalisms, acronyms, characteristic misspellings and capitalizations, as well as semantics and mood. Even variant versions of "well known" quotations or references to popular memes can offer potentially dangerous clues. The fact that any definable feature whatsoever can acquire a probabilistic characteristic over time and space makes comprehensive anti-stylometry quite a challenge.

But there is some good news too. First, natural language is so flexible that the stylometrists encounter difficulties in robotically reducing texts into a form suitable for their analysis, so stylometry is not quite as easy as DARPA propagandists claim. Second, some types of clues are easily blunted, and anything which substantially increases the entropy of the targeted text (increases the difficulty of picking an individual candidate out of the crowd of potential authors) is valuable. In particular, simply increasing the size of the crowd, by writing in a common language such as Spanish or English, or by working to enlarge the global community of Tor users, helps to keep us safe.

Currently, the only widely available type of application useful for stylometry-resistance is the humble spell checker (because alternative spellings offer information to our enemies).

One other simple trick anyone can use in their next social-media post: instead of adopting the name of your favorite Star Wars character, it would be wise to use one of the many Open Source tools to choose a generic name.

(One tool even alleges to choose a name from a particular ethnic group, a politically incorrect trick which both RU and US government trolls have exploited to the fullest when targeting BLM activists. Not very nice at all. But reporters could use this tool to choose a "black" name, and measure how their search results and what kinds of mass-mailing adverts they receive changes. They will be amazed, even if they think they can guess what to expect.)

But Tor users need much more than this, and the Tor community must work to provide the missing tools.

Currently, English appears to be the one language for which the resources needed for effective anti-stylometry tools are readily available. We need to work to change this. Considerable effort will be needed, but if we work together we can get the job done.

The goal of an anti-stylometry application is to help authors modify their draft before posting the text, in order to blunt the clues which the original draft will quite certainly offer up to stylometric analysis.

One of the most basic category of clues comes from vocabulary. English in particular is a language richly endowed with multiple synonyms, and unfortunately for the resistance authors tend to prefer particular choices. This is dangerous. And this danger is not limited to English language posts.

Good open source word lists for many languages including Spanish are readily available, but anti-stylometry apps need good information on the probabilities that each word will appear in a generic on-line text (or even better, in a text with a particular subject matter, such as environmental protest).

Fortunately, the vast Google trillion word corpus for English is available on line, and this can easily be exploited to compute relative probabilities for nouns, verbs, adjectives, and adverbs. There are also a number of excellent Open Source English dictionaries which can be used, along with the invaluable WordNet, to compile lists of synonyms for each word. Any good anti-stylometry app should integrate with gedit (say) to suggest the most common synonym for each word, especially for any rare words which appear in the draft. This will be especially valuable if coupled with even a rudimentary POS tagger, since many words can serve as both a noun and an adjective.

Google has a trillion word corpus for Spanish too, and I hope that Mexican academics will use their influence to persuade Google to make it freely available. Similarly for Russian, Mandarin, and other widely used languages. We also need WordNet for Spanish and other languages.

Currently, parts of speech taggers for English appear to be available only for Windows, but link-grammar's link-parser tool can be adapted for use as a tagger. Currently, it appears that there is no link-grammar dictionary for Spanish and making one will be a large but doable community effort.

One very useful property of link-grammar dictionaries is that they can be useful even in preliminary form; they get better (and more useful for anti-stylometry) as they are enlarged. Further, link-grammar has the remarkable and useful property of being local, i.e. being based upon juxtaposed words rather than entire sentences. For this and other reasons it can probably be re-purposed as a workable POS tagger for the most common languages, including Chinese, Farsi, Russian and other languages which are not closely related to English or Spanish. Indeed, there are already dictionaries for Russian and Farsi.

POS tagging is vital for suggesting common synonyms, but grammatical characteristics are also used for stylometric analysis and applications like link-parser can be used to try to combat that. Note that the Google trillion word English corpus includes word trigram data and it is vital to obtain the same for Spanish. In both cases, this can be exploited to identify and warn against dangerously rare grammatical patterns in English or Spanish.

Punctuation analysis can also be important; Google knows about that too and academics should try to persuade them to share. Rewriting the old unix utility "style" in order to support languages other than English would be useful, but this effort should focus on outputting POS tagging and various stylistic scores and the app should produce output in a form which is easily piped to other applications. For example, using "deanonymizing" viz "de-anonymizing" is potentially dangerous, so this post is self-referential in an ungood/un-good way. Placement of articles, commas, semicolons, colons, hyphens, and even how one uses question marks can offer up to the bad guys much potentially dangerous identifying information.

Incidentally ("by the way", "speaking of which"?), the man page for the Debian version of link-parser is not correct: batch processing doesn't work the way the man page claims. And the output of link-parser is not well suited for piping to other applications. Pressure should be applied to persuade Debian to correct these deficiencies.

Another area which needs attention is that in the current internet environment, English words and phrases often appear in posts primarily written in other languages. For this reason, English language de-anonymization-resistance is useful even to authors who belong to non-English linguistic communities.

One area where resources for Spanish and closely related languages including Brazilian Portuguese are currently far in advance of other languages is machine translation (see apertium in the Debian software repositories). In fact these are already so good that one easy way for a Spanish language author to misdirect the bad guys would be to use apertium to translate their text into Catalan or Portuguese, possibly followed by machine translation back to Spanish. Results can induce ROFL hilarity, but may nonetheless be useful for suggesting stylometry resisting modifications to the original draft.

There is a research group in the US which for many years has claimed to be "de-anonymizing" everything which has ever appeared in any language anywhere on the Internet. It is of course funded by USIC. As far as I can tell, these people overstate what they can actually accomplish at scale, but they must be regarded as the direct enemy of every Tor user, at least until well-tested and effective anti-stylometry applications become available in the most common languages.

There may be no cure for the fact that writing in a less common language aids de-anonymizing simply because individuals who belong to a smaller community are more easily identified. This is analogous to the problem with posting from countries with small populations.

In general, the authors of effective anti-stylometry applications should expect to engage in an ongoing "arms race" with the authors of stylometry applications. I urge them not to even consider seeking funding from entities such as DARPA, which will be eager to offer it, because anything the bad guys learn from you will be used to harm people such as bloggers and leakers and would-be governmental policy-moderators.

Tails has just introduced an invaluable new feature which makes it easier to install specialist software such as apertium for an individual Tails session. This feature will be even more convenient for those who use Tails booted from a USB stick. Coders should find the new feature useful for preliminary research, but ultimately I hope to see well-tested anti-stylometry apps incorporated into Tails. It is important to keep base Tails "small" (currently 1.1 GB), but the new feature should make it easy for users to load the particular language databases they need (which will probably be large even if compressed) from removable media or even via onion from a remote site, even if they boot Tails from a DVD.