The password manager LastPass has suffered another breach, and this time customer information was affected.

Warning: Do not use Hive Social ⚠️🐝

We found multiple critical security vulnerabilities in the App, leaking private messages, posts, images and user data like phone numbers, emails and birthdates.

We just published a study on fake social media engagement services, aka "SMM panels". These panels sell inorganic engagement with online content, such as likes, followers, song/video reproductions, and comments or reviews. Just open up a search engine, search for "smm panel", click on "services" and scroll down to get an idea of what I'm talking about.

Our results are based on a dataset we collected over 4 months. We monitored 86 SMM panels and gathered a catalog of 61k service entries. We also scanned 2.8M underground forum entries and identified 7k threads dealing with fake engagement trading. Here's a summary of the key findings.

These panels target literally every major online platform, including social networks (Instagram, Facebook, Twitter, TikTok), review services (TripAdvisor, IMDB), video (YouTube, Twitch) and music (Spotify, SoundCloud) sites. They also offer traffic to standard websites.

The specific services offered depend on the target platform, e.g., likes and followers for social networks and plays for audio/video platforms. But what is really interesting is the level of customization one can buy. You can buy 'real' or 'bot' traffic. You can buy traffic from a 'male' or a 'female' account. You can select the country of origin. You can ask for the service to be 'guaranteed', automatically 'refilled', delivered at a 'fast' or 'slow' pace and many, many other qualifiers. This level of customization is a relatively recent phenomenon. It suggests that there is an underlying infrastructure (platform accounts, network vantage points and human operators) to deliver engagement services with the required characteristics.

We did an economic analysis of this ecosystem. We find prices are relatively stable, but there are significant disparities between prices for the same service across providers. This suggests that the market is still underdeveloped and sellers do not know the real market value of their services.

Trading of these services in underground forums is relatively common. We found 751 actors with activity in this area. Some of them are very active and enjoy a good reputation (>1k positive points). Public transaction reviews suggest that customers are happy with the quality of the service they bought.

More details are available in the paper:

This is joint work with my awesome collaborators Sergio Pastrana and Narseo Vallina, and has been led by my student David Nevado, who spent a year studying this ecosystem for his master's thesis.

Another quick PSA for the newcomers:

There is no Mastodon.

As in, there is no entity out there called Mastodon that needs to "get it together" or "make things easier."

Every server is a unique collection of hardware and software operated by a unique team of (usually) volunteer humans funded by (usually) donations.

Some days will be smoother than others. We new folks have flooded the network. Cut the volunteers some slack. Better yet, offer support.

Email translations:

“I was under the impression”
Translation: I’m furious

“As per my email”
Translation: I’m furious

“With respect”
Translation: I’m furious

“Whilst I appreciate”
Translation: I’m furious

“As I’m sure you’re aware”
Translation: I’m furious

A research team tested the reliability of the dot-probe task across 36 versions in 9,000 people.

“Conclusions: The emotional dot probe task is not an adequately reliable measure of individual differences in attentional bias to threat. We identified no parameters that produced attentional bias scores that had adequate reliability to justify inclusion in research studies that seek to quantify differences between people, including individuals with elevated anxiety.”

In a classic experiment, 12 articles were resubmitted to the same journals in which they had already been published. Three were recognized as resubmissions. Eight of the nine articles reviewed again were rejected, often due to "serious methodological flaws."

@alexismadrigal I’m enjoying the nostalgia of being on a site with lots of other new users.

And the sense of smaller communities (instances) sharing social responsibilities within the fediverse.

General tone has been super refreshing

Some people think Mastodon is too weird to become popular:

I joined Twitter in 2008. We had to put a "d" in front of a tweet to convert it to a direct message and every other day you had some embarrassing private moments exposed because someone forgot about the “d”. Hashtags were just a community hack, introduced by Chris Messina to somehow tag content. Search? Hah, you wish! Tweets via SMS were supposed to be a thing. Oh, and the daily meet and greet with the failwhale. Totally not weird.

@alexismadrigal I liked the exposure to very different people and ideas. Learned a lot via the bird app.

Also ended up being a way to keep up with breaking news and doing some science knowledge translation.

MCSeto boosted is a list of Twitter-verified accounts that have moved to Mastodon. This is a hand-curated list, so it's updated a few times a day.

As my first toot on Sciences.Social, I'm excited to share our lab's new PNAS paper--just out today--showing that wealth redistribution promotes happiness. This #MysteryExperiment began when a wealthy couple partnered with TED to give away $2 million. 300 participants from 7 countries (Kenya, Indonesia, Brazil, Canada, US, UK, & Australia) joined the experiment without knowing what it was about. Then, 200 of them, chosen at random, received $10,000

🔥🔥 #academia


Academia hot take: development of sustainable research practices that reduce data wastage and need for funding should be considered as valuable as grant funding.

Did you know that if you capitalize each word in a multi-word hashtag, #ScreenReaders can read them as words, but if you leave them lowercase, they can't? Well, now you know! So, for #accessibility, please capitalize words when there's more than one in a hashtag.

Loved the bird app for a long time but the recent chaos and ongoing problem of trolls…

Trying Mastodon as an alternative space for discourse about sexuality science, child sexual abuse prevention, and forensic mental health. With fewer posts about fishing and food.

