Researchers have discovered a never-before-seen backdoor for Linux that's being used by a threat actor linked to the Chinese government. From a report: The new backdoor originates from a Windows backdoor named Trochilus, which was first seen in 2015 by researchers from Arbor Networks, now known as Netscout. They said that Trochilus executed and ran only in memory, and the final payload never appeared on disks in most cases. That made the malware difficult to detect. Researchers from NHS Digital in the UK have said Trochilus was developed by APT10, an advanced persistent threat group linked to the Chinese government that also goes by the names Stone Panda and MenuPass.

Other groups eventually used it, and its source code has been available on GitHub for more than six years. Trochilus has been seen being used in campaigns that used a separate piece of malware known as RedLeaves. In June, researchers from security firm Trend Micro found an encrypted binary file on a server known to be used by a group they had been tracking since 2021. By searching VirusTotal for the file name, ââlibmonitor.so.2, the researchers located an executable Linux file named "mkmon." This executable contained credentials that could be used to decrypt the libmonitor.so.2 file and recover its original payload, leading the researchers to conclude that "mkmon" is an installation file that delivered and decrypted libmonitor.so.2.

The Linux malware ported several functions found in Trochilus and combined them with a new Socket Secure (SOCKS) implementation. The Trend Micro researchers eventually named their discovery SprySOCKS, with "spry" denoting its swift behavior and the added SOCKS component. SprySOCKS implements the usual backdoor capabilities, including collecting system information, opening an interactive remote shell for controlling compromised systems, listing network connections, and creating a proxy based on the SOCKS protocol for uploading files and other data between the compromised system and the attacker-controlled command server.

European governments have "systematically" shrunk their railways and starved them of funding while pouring money into expanding their road network, a report has found. The Guardian: The length of motorways in Europe grew 60% between 1995 and 2020 while railways shrank 6.5%, according to research from the German thinktanks Wuppertal Institute and T3 Transportation. For every $1 governments spent building railways, they spent $1.7 building roads. "This is a political choice," said Lorelei Limousin, a climate campaigner with Greenpeace, which commissioned the report. "We see the consequences today with the climate, but also with people who have been left without an alternative solution to cars."

The report found the EU, Norway, Switzerland and the UK spent $1.6tn between 1995 and 2018 to extend their roads -- but just $0.99tn to extend their rail networks. In the four years that followed (2018-21), the average gap in investment in rail and road decreased from 66% to 34%. During that time, seven countries invested more in rail than roads -- Austria, Belgium, Denmark, France, Italy, Luxembourg and the UK -- while the rest spent more on roads than rail.

Under an agreement announced Monday, Joby Aviation will build hundreds of electric vertical takeoff and landing (eVTOL) aircraft in the same Ohio river valley where the Wright brothers pioneered human flight. The Associated Press reports: Joby's decision to locate its first scaled manufacturing facility at a 140-acre (57-hectare) site at Dayton International Airport delivers on two decades of groundwork laid by the state's leaders, Republican Lt. Gov. Jon Husted said. Importantly, the site is near Wright-Patterson Air Force Base and the headquarters of the U.S. Air Force Research Laboratories. The Wright brothers, Orville and Wilbur, lived and worked in Dayton. In 1910, they opened the first U.S. airplane factory there. To connect the historical dots, Joby's formal announcement Monday took place at Orville Wright's home, Hawthorn Hill, and concluded with a ceremonial flypast of a replica of the Wright Model B Flyer.

Joby's production aircraft is designed to transport a pilot and four passengers at speeds of up to 200 miles (321.87 kilometers) per hour, with a maximum range of 100 miles (160.93 kilometers). Its quiet noise profile is barely audible against the backdrop of most cities, the company said. The plan is to place them in aerial ridesharing networks beginning in 2025. The $500 million project is supported by up to $325 million in incentives from the state of Ohio, its JobsOhio economic development office and local government. With the funds, Joby plans to build an Ohio facility capable of delivering up to 500 aircraft a year and creating 2,000 jobs. The U.S. Department of Energy has invited Joby to apply for a loan to support development of the facility as a clean energy project.

An anonymous reader shared this report from TechCrunch: In March, WordPress.com owner Automattic made a commitment to the fediverse — the decentralized social networks that include the Twitter rival Mastodon and others — with the acquisition of an ActivityPub plug-in that allows WordPress blogs to reach readers on other federated platforms. Now, the company is announcing ActivityPub 1.0.0 for WordPress has been released allowing WordPress blogs to be followed by others on apps like Mastodon and others in the fediverse and then receive replies back as comments on their own sites.

Since the acquisition, the company has improved on the original software in a number of ways, including by now allowing the ability to add blog-wide catchall accounts instead of only per-author. It also introduced the ability to add a "follow me" block to help visitors follow your profile and a "followers" block to show off your followers, noted Automattic design engineer Matt Wiebe, in a post on X... For the time being, the software supports self-hosted WordPress blogs, but Wiebe teased that support for WordPress.com blogs was "coming soon."
Last year Automattic's CEO Matt Mullenweg announced Tumblr would add support for ActivityPub, the article adds. "But more recently, Mullenweg told us he's been investigating not only ActivityPub, but also other protocols like Nostr and Bluesky's AT Protocol."

Iranian hackers have hacked dozens of companies in the defense, satellite and pharmaceutical sectors this year using a fairly unsophisticated, blunt hacking technique, Microsoft warned in a new report. From a report: Many of these companies are based in the U.S., and the breaches come amid heavy U.S. sanctions targeting Iranian oil and petrochemical sales. Microsoft said Thursday that Iranian hacking group Peach Sandstorm -- which other firms also refer to as APT33, Elfin or Refined Kitten -- has been breaking into these companies by trying to guess multiple user accounts' passwords.

The password-spraying campaign took place between February and July this year, Microsoft found. In some cases, the hackers were able to exfiltrate data, and in others, they just lurked on the networks to see what intelligence they could gather. The Iranian group targeted thousands of companies as part of this monthslong campaign -- but was able to access only a small percentage of those organizations, Microsoft said.

An anonymous reader shares a report: The Streaming Era began with a promise of nurturing shows without fear of ratings pressure and quick cancellations. Of course, that was a lark. Soon enough, the streamers began slashing shows as quickly and brutally as any Nielsen-obsessed broadcaster, and they were all flooded with same complaint: "The streamers just cancel everything! Nothing gets more than a season anymore!" How true is that really? After all, the streamers are looking for hit shows, just like traditional networks. If a show gets high viewership relative to the cost of producing it, it gets renewed. Otherwise, it is canceled. That is how it has worked since the days of black-and-white TV.

To get to the heart of the matter, Variety Intelligence Platform (VIP+) and Luminate collaborated on a data exploration to determine how often the leading U.S.-based streaming and linear programmers have canceled series TV series over the past three years. The new report, "The Show Must Go Off," is an exhaustive statistical analysis that aims to settle one of the most hotly contested debates in the TV industry. The data covered all shows (scripted and unscripted) canceled between 2020 and Aug. 8, 2023. The major streamers (Netflix, Hulu, Disney+, Amazon Prime Video, Max, Apple TV+, Peacock, Paramount+) overall had a combined average cancellation rate of 12.2% -- not much higher than linear TV (10.8%), but less than half of broadcast TV alone over that period. Warner Bros. Discovery-owned Max (formerly HBO Max) was by far the most brutal when it comes to cancelling shows, coming in at 26.9%.

Criminal gangs behind a rise in bombings and shootings in Sweden in recent years are using fake Spotify streams to launder money, a Swedish newspaper reported earlier this month. From a report: Criminal networks have for several years been using money from drug deals, robberies, fraud and contract killings to pay for false Spotify streams of songs published by artists with ties to the gangs, an investigative report in Svenska Dagbladet claimed. They then get paid by the platform for the high number of streams, thereby laundering the money. The newspaper said its information had been confirmed by four gang members from separate criminal networks in Stockholm, as well as an anonymous police investigator.

Apple is extending an agreement to get modem semiconductors from Qualcomm for three more years, a sign that its ambitious effort to design the chips in-house is taking longer than expected. From a report: The new pact will cover "smartphone launches in 2024, 2025 and 2026," Qualcomm said in a statement Monday. The companies' agreement had been set to end this year, and the latest iPhone -- due on Tuesday -- was expected to be one of the last to rely on the Qualcomm modem chip. Instead, Qualcomm will maintain its lucrative position within Apple's supply chain. The iPhone maker is Qualcomm's largest customer -- accounting for nearly a quarter of revenue, according to data compiled by Bloomberg. And their relationship helps validate Qualcomm's claim to having the best smartphone modem, a critical component that allows devices to connect to the internet and make calls. Starting with the iPhone 12 generation, the chip has supported speedier 5G networks.

On August 30th the University of Michigan announced it had finally restored its internet connectivity and Wi-Fi network, according to the Ann Arbor News, "after several days of outages caused by a 'significant security concern,' officials said." The outage coincided with the first days of the new school year, although "classes continued through the outage." The internet was shut down on 1:45 p.m. on Sunday, Aug. 27, after the Information Assurance team at the university identified a security concern, according to previous reporting. The Information Assurance team fights cybersecurity threats and malicious actors... The investigation into the security issue is ongoing and no other information will be released, said Santa Ono, president of University of Michigan.
But a local CBS station heard some theories from cybersecurity experts: "The fact that they took their systems down, like proactively took their systems down, is the indication that it is a cybersecurity incident," said co-founder and CTO of SensCy Dave Kelly. "The reason why you do that is that you don't want it to spread further."

"They probably didn't know to what extent they'd been compromised," senior penetration tester and ethical hacker at NetWorks Group Chris Neuwirth said. "They probably didn't know how many accounts were compromised or the initial entry point that the threat actor used to gain access into the network." Sources close to the investigation told CBS News Detroit that U-M detected malware on its Wi-Fi network and decided to shut it down in response.

So, did the school avoid a disaster? Neuwirth thinks it very well could have. "They likely had very robust backups and data recover, plans, procedures in place that helped them make the decision very confidently and rapidly," he said. "Four days in that they're already bringing up their systems tells me that it's likely that a lot of what they had been preparing for worked."

Kelly said these types of incidents are on the rise. "There's been a large increase in cybersecurity incidents," he said. It's been trending up, quite frankly, for the last several years. It used to be that these threat actors were targeting the government and Fortune 500 companies, but they've started to, more and more over the years, look at universities."
Thanks to long-time Slashdot reader regoli for sharing the news.

The UK government will concede it will not use controversial powers in the online safety bill to scan messaging apps for harmful content until it is "technically feasible" to do so, postponing measures that critics say threaten users' privacy. Financial Times: A planned statement to the House of Lords on Wednesday afternoon will mark an eleventh-hour bid by ministers to end a stand-off with tech companies, including WhatsApp, that have threatened to pull their services from the UK over what they claimed was an intolerable threat to millions of users' security. The statement is set to outline that Ofcom, the tech regulator, will only require companies to scan their networks when a technology is developed that is capable of doing so, according to people briefed on the plan. Many security experts believe it could be years before any such technology is developed, if ever.

"A notice can only be issued where technically feasible and where technology has been accredited as meeting minimum standards of accuracy in detecting only child sexual abuse and exploitation content," the statement will say. The online safety bill, which has been in development for several years and is now in its final stages in parliament, is one of the toughest attempts by any government to make Big Tech companies responsible for the content that is shared on their networks.

Telecom operators in India, the second largest wireless market, would like internet companies to compensate for using their networks, a recommendation they've made to the local regulatory body, echoing a viewpoint that is gaining some momentum in other parts of the world but also stoking fears about violation of net neutrality. From a report: Jio, India's largest telecom operator with more than 450 million subscribers, recommended to the local regulator that internet companies should be made to "contribute" towards telecom network costs based on the traffic they consume, their turnover and number of users.

"We suggest that TRAI [India's telecom regulator] should recommend for OTT providers contributing in the network development and building a backbone for the country. In this effort, the Other OTT service providers should also be required to pay their fair share," said the unit of Reliance, which is run by Asia's richest man Mukesh Ambani. Reliance, which carries 55% share of India's total data traffic, contends that requiring internet companies to compensate for network usage will ensure a level playing field. Jio said there is a "near consensus" among telecom operators across the globe on this subject.

The Verge argues we're seeing "the end of the Googleverse. For two decades, Google Search was the invisible force that determined the ebb and flow of online content.

"Now, for the first time, its cultural relevance is in question... all around us are signs that the era of 'peak Google' is ending or, possibly, already over." There is a growing chorus of complaints that Google is not as accurate, as competent, as dedicated to search as it once was. The rise of massive closed algorithmic social networks like Meta's Facebook and Instagram began eating the web in the 2010s. More recently, there's been a shift to entertainment-based video feeds like TikTok — which is now being used as a primary search engine by a new generation of internet users...

Google Reader shut down in 2013, taking with it the last vestiges of the blogosphere. Search inside of Google Groups has repeatedly broken over the years. Blogger still works, but without Google Reader as a hub for aggregating it, most publishers started making native content on platforms like Facebook and Instagram and, more recently, TikTok. Discoverability of the open web has suffered. Pinterest has been accused of eating Google Image Search results. And the recent protests over third-party API access at Reddit revealed how popular Google has become as a search engine not for Google's results but for Reddit content. Google's place in the hierarchy of Big Tech is slipping enough that some are even admitting that Apple Maps is worth giving another chance, something unthinkable even a few years ago. On top of it all, OpenAI's massively successful ChatGPT has dragged Google into a race against Microsoft to build a completely different kind of search, one that uses a chatbot interface supported by generative AI.
Their article quotes the founder of the long-ago Google-watching blog, "Google Blogoscoped," who remembers that when Google first came along, "they were ad-free with actually relevant results in a minimalistic kind of design. If we fast-forward to now, it's kind of inverted now. The results are kind of spammy and keyword-built and SEO stuff. And so it might be hard to understand for people looking at Google now how useful it was back then."

The question, of course, is when did it all go wrong? How did a site that captured the imagination of the internet and fundamentally changed the way we communicate turn into a burned-out Walmart at the edge of town? Well, if you ask Anil Dash, it was all the way back in 2003 — when the company turned on its AdSense program. "Prior to 2003-2004, you could have an open comment box on the internet. And nobody would pretty much type in it unless they wanted to leave a comment. No authentication. Nothing. And the reason why was because who the fuck cares what you comment on there. And then instantly, overnight, what happened?" Dash said. "Every single comment thread on the internet was instantly spammed. And it happened overnight...."

As he sees it, Google's advertising tools gave links a monetary value, killing anything organic on the platform. From that moment forward, Google cared more about the health of its own network than the health of the wider internet. "At that point it was really clear where the next 20 years were going to go," he said.

Visa and Mastercard are planning to increase fees that many merchants pay when they accept customers' credit cards. From a report: The fee increases are scheduled to start in October and April, according to people familiar with the matter and documents viewed by The Wall Street Journal. Many of the increases are for online purchases. The changes could result in merchants paying an additional $502 million annually in fees, according to CMSPI, a consulting company that works with merchants.

Increases in network fees will make up a little more than half of that revenue, CMSPI estimated. The rest will come from increases in interchange fees, also called swipe fees. Merchants pay these fees when shoppers pay via credit card. The economy of interchange fees is largely hidden from shoppers. But the fees are a major source of contention between the card networks and merchants large and small, from giant online retailers to corner coffee shops. U.S. merchants paid an estimated $93 billion in Visa and Mastercard credit-card fees last year, according to the Nilson Report, an industry publication. That was up from about $33 billion in 2012. Merchants pass along at least some of that cost to consumers in the form of higher prices. More small businesses have started offering discounts to shoppers who pay by debit card, cash or check.

The FBI said Tuesday that it has taken down a network of hacked devices responsible for extorting tens of millions of dollars from victims around the world. From a report: US officials described the network known as Qakbot as one of the most notorious "botnets" in the world, referring to computer networks that have been infected with malicious software so that they can be controlled remotely without the owner's knowledge -- often to send phishing emails. These emails can in turn be used to hack into victims' computer systems, which attackers will hold for ransom.

Qakbot was instrumental in enabling cyberattacks against businesses and critical services around the world, according to US officials, including hits on the San Bernardino County Sheriff's Department and hospitals run by Prospect Medical Group. The latter resulted in the closure of emergency rooms and medical facilities across the US. US officials estimated that, since its creation in 2008, Qakbot had infected around 200,000 computers in the US and 700,000 globally.

Google DeepMind has launched a new watermarking tool that labels whether images have been generated with AI. From a report: The tool, called SynthID, will initially be available only to users of Google's AI image generator Imagen, which is hosted on Google Cloud's machine learning platform Vertex. Users will be able to generate images using Imagen and then choose whether to add a watermark or not. The hope is that it could help people tell when AI-generated content is being passed off as real, or help protect copyright. [...] Traditionally images have been watermarked by adding a visible overlay onto them, or adding information into their metadata. But this method is "brittle" and the watermark can be lost when images are cropped, resized, or edited, says Pushmeet Kohli, vice president of research at Google DeepMind.

SynthID is created using two neural networks. One takes the original image and produces another image that looks almost identical to it, but with some pixels subtly modified. This creates an embedded pattern that is invisible to the human eye. The second neural network can spot the pattern and will tell users whether it detects a watermark, suspects the image has a watermark, or finds that it doesn't have a watermark. Kohli said SynthID is designed in a way that means the watermark can still be detected even if the image is screenshotted or edited -- for example, by rotating or resizing it.

Helen Marie Plourde, an 86-year-old Minnesota resident, just spent over a month without home Internet and phone service because CenturyLink failed to fix a problem that began in July. From a report: CenturyLink didn't show up for scheduled appointments at her home in Saint Paul, Plourde told Ars in a phone interview on Thursday, August 24, one day after the latest missed service appointment. Another appointment was scheduled for August 28, but she was skeptical that it would actually happen. "I'll believe it when I see them," Plourde said. Plourde buys broadband through Velocity Telephone, which resells CenturyLink fiber service in her area and acts as an intermediary between customers and CenturyLink for repairs. Velocity told us that it set up CenturyLink appointments for Plourde on August 10, August 17, and August 23, but no CenturyLink technicians showed up to any of the appointments.

We talked to Plourde after hearing from Amalia Deloney, whose parents live nearby. Christopher Mitchell, director of the Community Broadband Networks Initiative with the Institute for Local Self-Reliance in Minneapolis, put Deloney in touch with us. "For the past month, [Plourde] has been going to my mom and dad's house to use the Internet two times a day because hers went out and CenturyLink can't be bothered fixing it. She's ready to write letters to elected officials and the Utilities Commission out of desperation," Deloney said. That didn't end up being necessary because CenturyLink sprang into action after Ars contacted the company's media relations team on Thursday night. A CenturyLink technician went to Plourde's home on Friday morning and fixed a line problem on a nearby street, restoring her Internet and VoIP phone service. Velocity, the CenturyLink reseller, also offers its own fiber service on infrastructure it owns in parts of Minnesota, but not where Plourde lives. Comcast is the other option at Plourde's house. She chose Velocity to support a local company.

"The green energy revolution still faces a huge obstacle: a lack of long-term, cost-efficient renewable storage," writes the Washington Post.

But then they check in on a Finnish start-up running the world's first commercial-scale sand battery, which uses solar panels and wind turbines to heat sand-filled vats (up to 1,000 degrees) to back up district heating networks: The sand can hold onto the power for weeks or months at a time — a clear advantage over the lithium ion battery, the giant of today's battery market, which usually can hold energy for only a number of hours.

Unlike fossil fuels, which can be easily transported and stored, solar and wind supplies fluctuate. Most of the renewable power that isn't used immediately is lost. The solution is storage innovation, many industry experts agree. In addition to their limited capacity, lithium ion batteries, which are used to power everything from mobile phones to laptops to electric vehicles, tend to fade with every recharge and are highly flammable, resulting in a growing number of deadly fires across the world. The extraction of cobalt, the lucrative raw material used in lithium ion batteries, also relies on child labor. U.N. agencies have estimated that 40,000 boys and girls work in the industry, with few safety measures and paltry compensation. These serious environmental and human rights challenges pose a problem for the electric vehicle industry, which requires a huge supply of critical minerals.

So investors are now pouring money into even bigger battery ventures. More than $900 million has been invested in clean storage technologies since 2021, up from $360 million the year before, according to the Long Duration Energy Storage Council, an organization launched after that year's U.N. climate conference to oversee the world's decarbonization. The group predicts that by 2040, large-scale, renewable energy storage investments could reach $3 trillion. That includes efforts to turn natural materials into batteries. Once-obscure start-ups, experimenting with once-humble commodities, are suddenly receiving millions in government and private funding. There's the multi-megawatt CO2 battery in Sardinia, a rock-based storage system in Tuscany, and a Swiss company that's moving massive bricks along a 230-foot tall building to store and generate renewable energy. One Danish battery start-up, which stores energy from molten salt, is sketching out plans to deploy power plants in decommissioned coal mines across three continents...

But in order to succeed, natural batteries will need to provide the same kind of steady power as fossil fuels, at scale. Whether that can be achieved remains to be seen, say energy experts. And the industry may be subject to the same pitfalls that loom over the renewables energy sector at large: Projects will need to be constructed from scratch, and they might only be adopted in developed countries that can afford such experimentation. Lovschall-Jensen, the CEO of a Danish molten salt-based storage start-up called Hyme, says the challenge will be maintaining the same standards to which the modern world has become accustomed: receiving power, on demand, with the flip of a switch.

He believes that natural batteries, though still in their infancy, can serve that goal.

New submitter Slash_Account_Dot shares a report from 404 Media, a new independent media company founded by technology journalists Jason Koebler, Emanuel Maiberg, Samantha Cole, and Joseph Cox: Customs and Border Protection (CBP), part of the Department of Homeland Security, has bought millions of dollars worth of software from a company that uses artificial intelligence to detect "sentiment and emotion" in online posts, according to a cache of documents obtained by 404 Media. CBP told 404 Media it is using technology to analyze open source information related to inbound and outbound travelers who the agency believes may threaten public safety, national security, or lawful trade and travel. In this case, the specific company called Fivecast also offers "AI-enabled" object recognition in images and video, and detection of "risk terms and phrases" across multiple languages, according to one of the documents.

Marketing materials promote the software's ability to provide targeted data collection from big social platforms like Facebook and Reddit, but also specifically names smaller communities like 4chan, 8kun, and Gab. To demonstrate its functionality, Fivecast promotional materials explain how the software was able to track social media posts and related Persons-of-Interest starting with just "basic bio details" from a New York Times Magazine article about members of the far-right paramilitary Boogaloo movement. 404 Media also obtained leaked audio of a Fivecast employee explaining how the tool could be used against trafficking networks or propaganda operations. The news signals CBP's continued use of artificial intelligence in its monitoring of travelers and targets, which can include U.S. citizens. This latest news shows that CBP has deployed multiple AI-powered systems, and provides insight into what exactly these tools claim to be capable of while raising questions about their accuracy and utility. "CBP should not be secretly buying and deploying tools that rely on junk science to scrutinize people's social media posts, claim to analyze their emotions, and identify purported 'risks,'" said Patrick Toomey, deputy director of the ACLU's National Security Project. "The public knows far too little about CBP's Counter Network Division, but what we do know paints a disturbing picture of an agency with few rules and access to an ocean of sensitive personal data about Americans. The potential for abuse is immense."

Fiber-optic cables that were damaged by a rockfall in an undersea canyon, resulting in slow internet connections in some parts of Africa, should be repaired next month by a specialized vessel, according to telecommunication companies. From a report: The West Africa Cable System that runs about 16,000 kilometers (9,950 miles) along the sea floor from Europe to southern Africa was damaged with other lines earlier this month. The 40-year-old cable-layer vessel Leon Thevenin, named after a French telegraph engineer, was moored in Cape Town this week, according to tracking data compiled by Bloomberg. It's capable of working in extreme conditions and in shallow or deep water, according to owner Orange Marine, a submarine telecommunications company. All South African networks are currently experiencing disruptions due to the damaged lines, said Anne-Caroline Tanguy, a spokeswoman at Cloudflare, a company that provides load balancing and analysis. The repairs are expected to be finished in September.

An anonymous reader quotes a report from Ars Technica: Political polarization in the US has become a major issue, as Republicans and Democrats increasingly inhabit separate realities on topics as diverse as election results and infectious diseases. [...] Now, a team of researchers has tested whether social media can potentially help the situation by getting people with opposite political leanings talking to each other about controversial topics. While this significantly reduced polarization, it appeared to be more effective for Republican participants. The researchers zeroed in on two concepts to design their approach. The first is the idea that simply getting people to communicate across the political divide might reduce the sense that at least some of their opponents aren't as extreme as they're often made out to be. The second is that anonymity would allow people to focus on the content of their discussion, rather than worrying about whether what they were saying could be traced back to them.

The researchers realized that they couldn't have any sort of control over conversations on existing social networks. So, they built their own application and hired professionals to do the graphics, support, and moderation. [...] People were randomly assigned to a few conditions. Some didn't use the app at all and were simply asked to write an essay on one of the topics under consideration (immigration or gun control). The rest were asked to converse on the platform about one of these topics. Every participant in these conversations was paired with a member of the opposing political party. Their partners were either unlabeled, labeled as belonging to the opposing party, or labeled as belonging to the same party (although the latter is untrue). Both before and after use of the app, participants answered questions about their view of politicized issues, members of their own party, and political opponents. These were analyzed in terms of issues and social influences, as well as rolled into a single index of polarization for the analysis.

The conversations appeared to have an effect, with polarization lowered by about a quarter of a standard deviation among those who engaged with political opponents that were labeled accordingly. Somewhat surprisingly, conversation partners who were mislabeled had a nearly identical effect, presumably because they suggested that a person's own party contained a diversity of perspectives on the topic. In cases where no party affiliation was given, the depolarization was smaller (0.15 standard deviations). The striking thing is that most of the change came from Republican participants. There, polarization was reduced by 0.4 standard deviations. In contrast, Democratic participants only saw it drop by 0.1 standard deviations -- a change that wasn't statistically significant. The error bars of the two groups of party members overlapped, however, so while large, it's not clear what this difference might tell us. The researchers went back and ran the conversations through sentiment analysis and focused on people whose polarization had dropped the most. They found that their conversation partners used less heated language at the start of the conversation. So it appears that displaying respect for your political opponents can still make a difference, at least in one-on-one conversations. While the conversations had a larger impact on people's views of individual issues, it also influenced their opinion of their political opponents more generally, and the difference between the two effects wasn't statistically significant. The findings have been published in the journal Nature Human Behavior.