Wednesday, September 11, 2013

I forked oolon's repo and stored it on a dongle...

As a software professional, I was interested to learn that the source code for The Block Bot is open source and freely available for anyone to look at and copy. I downloaded it and looked over it, but I haven't had time to examine it in detail, nor can I say for sure that the code on Github is the same as the code running on oolon's server. However I would like to make a couple of points.

Firstly, my understanding is that there is a list of people with admin privileges including oolon, Aratine Cage and an unknown number of other people who can add twitter users to the list. One of the ways they can do this is by sending a tweet to the block bot, specifying the person to be blacklisted and the level the person is to be added to. In addition, if the hashtag "spam" is included in the tweet, the target is not only added to the block-list but is also reported to Twitter as a spammer.

So while it's not the case that anyone blocked is also automatically reported for spam (as has been erroneously stated on some web pages), that capability exists and is open to abuse. Personally I think Twitter screwed up by adding the "report spam" functionality to the API and allowing bots to use it. A captcha should be required to report spam, at a minimum, to reduce abuse of this feature.

Oolon claims that just getting blocked will not in itself lead to your account being suspended. Of course he can't state that as a definite fact unless he's privy to the internal workings of Twitter, but even if he's technically correct, I think he's being disingenuous. What you have to understand is that Twitter's procedure for suspending accounts is highly automated and based on heuristics which Twitter keeps tweaking. Meanwhile, other people are busy reverse-engineering the system and figuring out how to game it to get people they don't like suspended. Do a google search for "twitter gulag" and "reply trap", and you will get an idea of the type of games that go on.

One tactic I've seen very often is that someone is added to the block bot and then some atheism-plus person - quite often oolon himself, or his sidekick Aratina Cage - will then start bombarding the blockee with tweets, and encourage other block bot users to do the same. This happened recently with @tkmlac being dogpiled on out of the blue by A. Cage and cronies. This looks a lot like classic "reply trap" behavior - the point being to provoke the target into replying. If you have been blocked but send more than a certain number of tweets to the people who have blocked you, it triggers a Twitter heuristic and you get suspended.

While we can't prove the block bot is being used with malicious intent, based on the observed pattern of behavior this seems quite likely. The bot certainly lends itself to such underhanded activities and automates them to a degree. In a way it's ingenious what oolon has done - he's succeeded in getting hundreds of people to give him control over their twitter accounts, to do with as he pleases. He can not only block on other people's behalf, he can post or delete their tweets, or basically do anything he likes.

Here again oolon is exploiting a shortcoming of the Twitter API. Not to get too technical, but when you authorize an app to access your twitter account, you have to give it a certain level of privileges. Some apps can post tweets on your behalf, others can't, depending on how much privilege you authorize. The problem is that the set of possible privileges is way too coarse-grained - it's pretty much all or nothing. Ideally (if I were running the block bot and wanted to use it in good faith) there should be a privilege level that specifically allowed an app to block on your behalf but do nothing else, and the block bot would only need to request this level of access.

So to sum up, there are worrying indications that the bot is being used in ways other than advertised, and people who sign up for it are giving away much more control of their account than probably most of them realize. This is why I would never use it nor encourage anyone else to use it, quite apart from the problem of letting someone else (whose agenda may not be the same as yours) control what you can and can't see on Twitter.

Tuesday, September 10, 2013

"Mild pedophilia" and major drama

I love Richard Dawkins' books. I think they are masterful examples of explaining science clearly and simply for a general audience. But when he speaks off the cuff, or tweets, he has been far less successful. His usual clarity seems to desert him, and he has to spend far more time explaining and doing damage control than he spent on the original remarks.

It's not always his fault. I've seen many tweets from him whose meaning seemed perfectly clear, and yet hordes of people were working themselves into a frenzy condemning him for saying the opposite of what he actually said. Some people just don't have adequate reading comprehension skills. And quite a few, I suspect, have it in for Dawkins to begin with, and they will see what they want to see. Or even understand perfectly well what he is saying, and still attack a strawman.

PZ Myers, never one to miss a chance for intellectual dishonesty, channels Oliver Cromwell. Many others are gleefully joining in the dogpiling. It's quite an astonishing display of victim-blaming by those who have the privilege of not having been victims. Perhaps some "STFU and listen" is called for here?

I've previously blogged about my own abusive childhood. I was groped on a couple of occasions, mostly by bullies at school, but the non-sexual physical, emotional and psychological abuse that I suffered was far more damaging.

It seems pretty clear to me what Dawkins is saying - the molesting that he personally experienced did not do significant lasting damage to him, though he acknowledges that there are degrees of sexual abuse and many victims had a more severe and harmful experience than him. Groping is bad, tearing someone's clothes off is worse, forcible penetration is worse still. This isn't rocket science, people!

When did the FTBullies become more morally absolutist than Bill Donohue? Why must they immediately jump to the most uncharitable possible interpretation of every word out of Dawkins' mouth? Okay, we know the answer to that one - they hate his guts, but lack the intellectual wherewithal to refute him.

So here's a final question: if Richard Dawkins can find it in his heart to forgive the man who groped him, rather than nursing a grudge for decades, who the hell are Myers & co. to condemn him for doing so?