
Request: Advice on Effective Data Poisoning - dredmorbius
https://old.reddit.com/r/MKaTH/comments/86ofkl/req_advice_on_effective_data_poisoning_serious/
======
salgernon
I suspect that will just add another few bits of user-specific information to
key advertisements to: [√] Believes $TRACKER won't notice attempt at
obfuscation.

------
cat-turner
I've thought about this as well. One idea I've has is releasing a data bamb,
in a sense that a huge amount of information is injected along with your
interaction. An example of this would be you open your browser and put in a
search term for cat food, and a server you are running picks up your activity
(opening a browser), then plugs in 100s of search terms for random, unrelated
things while logged into your account. Or at minimum send get requests from
your in address for you.This essentially adds noise, which one can be done in
different ways.

~~~
lazyant
Shouldn't one of the main properties of data poisoning be that it should go
undetected? otherwise the collector agency (FB, whatever) can just develop an
algorithm to flag that new data.

------
sanxiyn
I think people who are looking for data poisoning solution should install
AdNauseam, immediately.

[https://adnauseam.io/](https://adnauseam.io/)

~~~
mr_toad
Looks interesting, but I wonder if ad networks would just flag the user as a
bot.

~~~
cat-turner
As long as the adnetworks start ignoring user, isn't that the point?

~~~
dredmorbius
Actually, sorting out what your point is might be a good starting, erm, point.
What's your threat model, what do you hope to protect / avoid / guarantee?

------
DataWorker
I’m afraid this is one of those cases where the Pandora’s box has already been
opened. At a massive scale you could allow a data breach of bad data, like
experian pretends to lose data but the data are fake. I sometimes wonder if
that’s what the opm breach was all about, but that’s giving way too much
credit.

