
Archive for January, 2007


January 27th, 2007

Statistics Hacking – BBC as a Propaganda Tool

BBC is one of the leading news websites. It is often ranked among the top 10 most visited websites, and as a result it wields an enormous amount of influence.

BBC monitors the popularity of a news item on at least two counts: (i) the number of times the news item was read, and (ii) the number of times the news item was emailed. These correspond to the “Most Read” and “Most E-mailed” segments of the BBC website.

As we show next, any hacker can propel a selected news item to the top of the “Most E-mailed” list. The effect is significant and self-feeding: a news story that stays in the most-emailed section continues to get attention, and therefore continues to be emailed.

What is Statistics Hacking?

We define Statistics Hacking to be a process in which a malicious user manages to modify the system usage statistics. Statistics Hacking explicitly refers to the situation where the resource (website or system) is available to the malicious user for acceptable usage, but the user is able to modify the system usage statistics using some unacceptable methodology.

Basic Vulnerability in the BBC’s System

This section highlights in detail the vulnerability in the BBC’s “Email this to a friend” system, and how it can be exploited by Statistics Hackers.

As of now, BBC does not employ any of the advanced methods to prevent statistics hacking. Instead, it uses only a small hash value that is hardcoded inside the HTML form. It is not clear whether this hash was intended as a security mechanism at all; in any case, it has zero impact in this respect.

Hacker’s Code

In the scenario below, we assume that the Statistics Hacker is a dedicated health services professional who wants to highlight the availability of an HIV Home Screening Kit, a news story carried by BBC at http://news.bbc.co.uk/2/hi/health/6212467.stm.

The hacker begins by opening that page manually in a web browser and clicking on the “Email this to a friend” link. When the smaller window with the email form opens, the hacker views the source of that page. The source of the page reveals most of the information that the hacker requires to submit that form.

The hacker’s code is a very basic Java program in which a URL connection is opened to the URL of the “Email this to a friend” page. Using the hidden variables and their values obtained from the form source, the hacker creates the content that is then written to the output stream of the URLConnection object.

[Specific code for this story can be found in the PDF version cited below.]

Methods of Protection Against Statistics Hacking

The following categories of methods are available against Statistics Hacking.

  • Use Computerized Turing Test to Distinguish Humans from Computers
  • Use clustering techniques or improved counting to ignore double counts when analyzing statistics
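
One way to implement the second method (improved counting with a simple form of clustering), as an added example that is not code from the original post or paper. The function names, the /24 clustering rule, the 24-hour window and the sample events are all assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter
from datetime import datetime, timedelta

def cluster_key(ip, prefix=24):
    """Collapse a client address to its network, so neighbouring
    addresses are treated as one source (assumed clustering rule)."""
    return str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))

def raw_counts(events):
    """Naive counter: every 'email this story' submission counts."""
    return Counter(story for _, _, story in events)

def deduped_counts(events, window=timedelta(hours=24)):
    """Count at most one submission per (cluster, story) per window."""
    last_counted = {}
    counts = Counter()
    for ts, ip, story in sorted(events):
        key = (cluster_key(ip), story)
        prev = last_counted.get(key)
        if prev is None or ts - prev >= window:
            counts[story] += 1
            last_counted[key] = ts
    return counts

def sample_events():
    """Constructed events (timestamp, client IP, story id), using
    documentation address ranges. Not real BBC data."""
    t0 = datetime(2007, 1, 27, 9, 0, 0)
    # story-B: 40 submissions from one address, 5 seconds apart
    events = [(t0 + timedelta(seconds=5 * i), "192.0.2.10", "story-B")
              for i in range(40)]
    # story-B: two more from a neighbouring address, one from elsewhere
    events += [(t0 + timedelta(minutes=10 + i), "192.0.2.11", "story-B")
               for i in range(2)]
    events.append((t0 + timedelta(hours=1), "198.51.100.7", "story-B"))
    # story-A: three submissions from three unrelated networks
    for hours, ip in [(1, "203.0.113.5"), (2, "198.51.100.20"), (3, "192.0.2.200")]:
        events.append((t0 + timedelta(hours=hours), ip, "story-A"))
    return events

if __name__ == "__main__":
    events = sample_events()
    print("raw:    ", raw_counts(events).most_common())
    print("deduped:", deduped_counts(events).most_common())
```

Clustering by network also merges legitimate readers who share an address range, so the prefix length and window are tuning choices rather than fixed values.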

Summary

This is a simplified version of an in-print journal paper. The full PDF version of the paper can be found below.

Reference

[1] “Statistics Hacking – Exploiting Vulnerabilities in News Websites”, Amrinder Arora, International Journal of Computer Science and Network Security, March 2007.
Download PDF.



January 3rd, 2007

Communism versus Democracy

Basic trouble with this question

A basic trouble with this question (and with all articles that attempt to answer it) is that it is analogous to asking whether a person prefers Coke or wheat bread. It would be more meaningful to ask whether a person prefers Coke or Pepsi, or whether the person prefers wheat or white bread. Democracy does not contradict communism by itself, and communism does not contradict democracy by itself. A state can follow a fully democratic system, and the citizens can choose to follow a communist form of economy.

Definitions

  • Communism is a form of economic structure that encourages public ownership and discourages private interests.
  • Democracy is a form of government that allows all citizens to participate actively in the governance and in the decision-making process.

Perceived Groupings

The following are the perceived groupings, used quite widely in commentaries and comparisons of democracy and communism.

Group 1                     | Group 2
----------------------------|----------------------------------
Democracy                   | No participation in government
Capitalism                  | Communism
Right of self determination | No right of self determination
Right of free speech        | Government controlled information

Democracy does not guarantee right of secession

The United States is a democratic country – the citizens can vote and choose their representatives, who can then change the laws to reflect the desires of the citizens. In the 1860s, the civil war divided this democratic nation, and the desire of a large populace to secede was suppressed, not by a voting mechanism, but by force. This is a feature that is currently associated with a communist regime. Even in the current peaceful times, democratic nations do not allow a systematic process of secession; for example, every 4 years, the citizens of each state choose their representatives, but they do not choose whether or not to stay as part of the same country.

Objectively measuring the degree of capitalism or communism

Every country (democratic or not) incurs some public spending. Capitalist countries try to keep public spending to a minimum, while socialist/communist countries typically have larger public spending. Still, what should we measure, and where should we draw the line? Let us start by first creating a measure. Here are some options:

  • GDP percentage of public sector output versus private (commercial) sector output: This is an easy objective measure. In a transparent government, this may be fairly accurate. Still, this has a limitation. Under pressure to increase or decrease the “capitalism index”, a government may change the salary structure by adding or removing benefits.
  • Populace supported by public sector versus private sector: This is also an easy objective measure. Two potential problems with this are: (i) how to account for people with incomes from both government and commercial sectors, and (ii) how to account for disparities between standards of living among different people (hypothesize a government which hires 50% of the population, but only provides subsistence living).


