Weaponizing Cyberpsychology and Subverting Cybervetting

Monday, August 01, 2011

Rafal Los


Weaponizing Cyberpsychology and Subverting Cybervetting for Fun, Profit and Subterfuge

If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place.” --Eric Schmidt

Nothing to hide, nothing to fear?  Not so fast there!  Almost everything we do in life leaves a personality footprint and what we do on online social networking sites like Facebook is no exception.

While the benefits of online social networking are being discovered at an immense pace,  how much do we really understand about the risks and how to deal with them?

In a talk to be shared for the first time at DEF CON 19, members from the UK based volunteer organization the OnlinePrivacyFoundation.org will share the results of their research on examining to what extent it is possible to determine someone’s personality through their Facebook activity.

The talk will cover:

  • An introduction to personality traits theories
  • How the research was conducted
  • What it is possible to determine about someone's personality from their Facebook profile activity
  • Discussion on the strength of the results and what they can be used for good, and bad
  • Steps you can take to manage or even alter your 'NetRep' (online reputation)
The talk is aimed to appeal to a wide audience and will raise fundamental questions about privacy, freedom and the use of personality footprints.

This area of research is important for society as knowledge of someone’s personality traits could be used and abused for a variety of purposes, including marketing, employee screening and scam based crimes. 

Given the ubiquity of personality testing in corporations (Cha, 2005)  and the rise in popularity of Online Social Networking, it is perhaps unsurprising that we’re also beginning to see the use of social networks in pre-employee screening. 

To date, such screening is based on a manual analysis of profiles which trigger certain criteria, such as keywords, affiliation with certain groups and sexually explicit photos. 

The Online Privacy Foundation set out to look at just how far personality traits could be determined through social networks, and  what impact this might have on society.

With express permission from over 500 participants, the Online Privacy Foundation conducted a research study called 'The Big 5 Experiment'. The study aimed to extend existing research and examine whether online social media profiles and usage can be used as an indicator of personality traits and whether this is of a practical significance.

A purpose-built Facebook application was used to collect self-reported ratings on the 44-question Big Five Inventory (John, Nauman, & Soto, 2008), providing measures of openness, conscientiousness, extroversion, agreeableness and neuroticism, commonly referred to as “The Big 5”.

The application also retrieved 74 Facebook data points including sex, age, biography and quotes length and number of friends and also examined the linguistic usage and word counts in posts and photo descriptions. In terms of data points, this is the largest study of personality prediction through OSN activity.

The team will share results and provide discussion on practical usage, areas of further research and some of the mistakes they learned along the way.

You should leave the talk with an insight into how the ‘Big 5 Experiment’ results could be used and abused, by whom and for what purpose. Should you wish to conduct your own research, related or not, you should also learn from what proved to be a rather fascinating experience in carrying out the experiment.

The talk is titled “Weaponizing Cyberpsychology and Subverting Cybervetting for Fun, Profit and Subterfuge” and is scheduled for Saturday 6th of August at 1300hrs in the Penn & Teller Theater in the RIO Hotel, Las Vegas.

More details are available here: http://www.defcon.org/html/defcon-19/dc-19-speakers.html#Sumner

Cross-posted from Following the White Rabbit

Possibly Related Articles:
Facebook Privacy Social Networking Psychology Profiling DEFCON
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.