Persona management entails the use of software by which to facilitate the use of multiple fake online personas, or “sockpuppets,” generally for the use of propaganda, disinformation, or as a surveillance method by which to discover details of a human target via social interactions. Various incarnations of this capability have been discovered in the form of patents, U.S. military contracts, and e-mail discussions among intelligence contractors.
1 Known Aspects
2 Firms known to be involved
3 Text of 2010 USAF Solicitation
4 See Also
In the wake of the HBGary investigation, it was discovered that the federal contractor had bid on a call for applications by the USAF to develop persona software for apparent propaganda and/or infiltration purposes. CENTCOM later admitted to using such capabilities abroad, but denies using them in the English language or in a way that would explicit target U.S. citizens, an action which would be illegal. Global Business Solutions and Associates LLC, Uk Plus Logistics, Ltd., NevinTelecom, Bunker Communications and Planmatrix LLC., were also among those bidding to provide such software, according to documents discovered by Raw Story. The contract was later discovered to have been won by Ntrepid, which still later was confirmed to be a wholly-owned subsidiary of Cubic Corporation and led in large part by execs and employees of the latter firm.
On October 15th, 2010, HBGary Federal CEO Aaron Barr emailed Mantech CEO Robert Frisbie about considering Palantir Technologies for help “..on some of the integration for link analysis and data correlation. We will likely be able to get into some of the persona management logic..” Barr here attached the PDF titled Social Media Persona Development. At some point, Barr also deployed a primitive single persona, intended to represent an intelligence contracting employee and USAF veteran, on Facebook and Twitter. During his attempt to infiltrate Anonymous, Barr also planned to create at least two fake personas with the intention of using the first to “discredit” the second in order to gain influence within the movement. In both instances, Barr seems to have relied on manual trickery rather than employing specialized software of the sort that’s been developed elsewhere.
Patent 20090313274, created in an apparent join effort by IBM and the U.S. military (four members of which are listed as inventors), describes specific workings of a reasonably advanced persona management system, or at least a component thereof, providing software-based linguistic capabilities in order to retain “linguistic integrity” from conversation to conversation.
DARPA’s July 2011 BAA (Broad Agency Announcement) entitled Social Media in Strategic Communications indicates that such software will increasingly form a broad programmatic area of military operations, rather than being acquired piecemeal or in covert dealings, as has been the case in the past.
Firms known to be involved
Text of 2010 USAF Solicitation
Solicitation Number: RTB220610 Notice Type: Sources Sought Synopsis: Added: Jun 22, 2010 1:42 pm Modified: Jun 22, 2010 2:07 pmTrack Changes 0001- Online Persona Management Service. 50 User Licenses, 10 Personas per user. Software will allow 10 personas per user, replete with background , history, supporting details, and cyber presences that are technically, culturally and geographacilly consistent. Individual applications will enable an operator to exercise a number of different online persons from the same workstation and without fear of being discovered by sophisticated adversaries. Personas must be able to appear to originate in nearly any part of the world and can interact through conventional online services and social media platforms. The service includes a user friendly application environment to maximize the user’s situational awareness by displaying real-time local information. 0002- Secure Virtual Private Network (VPN). 1 each VPN provides the ability for users to daily and automatically obtain randomly selected IP addresses through which they can access the internet. The daily rotation of the user s IP address prevents compromise during observation of likely or targeted web sites or services, while hiding the existence of the operation. In addition, may provide traffic mixing, blending the user s traffic with traffic from multitudes of users from outside the organization. This traffic blending provides excellent cover and powerful deniability. Anonymizer Enterprise Chameleon or equal
0003- Static IP Address Management. 50 each Licence protects the identity of government agencies and enterprise organizations. Enables organizations to manage their persistent online personas by assigning static IP addresses to each persona. Individuals can perform static impersonations, which allow them to look like the same person over time. Also allows organizations that frequent same site/service often to easily switch IP addresses to look like ordinary users as opposed to one organization. Anonymizer IP Mapper License or equal
0004- Virtual Private Servers, CONUS. 1 each Provides CONUS or OCONUS points of presence locations that are setup for each customer based on the geographic area of operations the customer is operating within and which allow a customer?s online persona(s) to appear to originate from. Ability to provide virtual private servers that are procured using commercial hosting centers around the world and which are established anonymously. Once procured, the geosite is incorporated into the network and integrated within the customers environment and ready for use by the customer. Unless specifically designated as shared, locations are dedicated for use by each customer and never shared among other customers. Anonymizer Annual Dedicated CONUS Light Geosite or equal
0005- Virtual Private Servers, OCONUS. 8 Each Provides CONUS or OCONUS points of presence locations that are setup for each customer based on the geographic area of operations the customer is operating within and which allow a customer?s online persona(s) to appear to originate from. Ability to provide virtual private servers that are procured using commercial hosting centers around the world and which are established anonymously. Once procured, the geosite is incorporated into the network and integrated within the customers environment and ready for use by the customer. Unless specifically designated as shared, locations are dedicated for use by each customer and never shared among other customers. Anonymizer Annual Dedicated OCONUS Light Geosite or equal
0006- Remote Access Secure Virtual Private Network. 1 each Secure Operating Environment provides a reliable and protected computing environment from which to stage and conduct operations. Every session uses a clean Virtual Machine (VM) image. The solution is accessed through sets of Virtual Private Network (VPN) devices located at each Customer facility. The fully-managed VDI (Virtual Desktop Infrastructure) is an environment that allows users remote access from their desktop into a VM. Upon session termination, the VM is deleted and any virus, worm, or malicious software that the user inadvertently downloaded is destroyed. Anonymizer Virtual Desktop Infrastructure (VDI) Solution or equal.
Contracting Office Address: 2606 Brown Pelican Ave. MacDill AFB, Florida 33621-5000 United States
Place of Performance: Performance will be at MacDIll AFB, Kabul, Afghanistan and Baghdad, Iraq. MacDill AFB , Florida 33679 United States
SMISC: Social Media in Strategic Communication (DARPA-BAA-11-64, PDF) – 14.07.2011