What xAI is doing to American Blacks is specific and intentional. It built de facto power plants with no permits, no public input, no notice, and when caught at Colossus 1 it told regulators it planned to copy and paste the same unlawful turbine strategy straight into Colossus 2. It says Black lives don’t matter.
This is not a zoning fight.
The company declared intent, on the record, to find Black neighborhoods to pollute into. They knew the law, named the workaround, and ran it again across the state line in Southaven to power Colossus 2. The pollution from both sites lands on the majority Black communities of the Memphis metro.
The scale of pollution is unbelievable. Over 400 MW of unpermitted gas generation to run the facility, turbines emitting NOx, fine particulate, and formaldehyde into a corridor already graded “F” for ozone, in a neighborhood with four times the national cancer risk.
That is xAI dumping measured harms, not modeled, measured into a neighborhood. You can see it all with the latest Brockovich Data Center map, where the damage is a forecast.
Source: Brockovich Data Center
With xAI the “AI” part means generating racist memes while pushing Black kids onto a nebulizer. Just this one company decided that the AI race meant they could get away with dumping harms into Black neighborhoods, to willfully break the Clean Air Act in the metro area defined by its race.
Where exactly?
Shelby County, Tennessee, which the VCU klavern map records as home to at least five Klan chapters, one of them the “Shelby County Klan”. Five Klan chapters in one metro! So the news is basically that a county known for harming Blacks was complicit with Musk’s “X” brand until the EPA found and closed their loophole this January.
These “X” militants in 1921 used bi-planes to firebomb Tulsa, OK. They also dropped racist propaganda leaflets across America, foreshadowing Elon Musk’s X platform.
Notably, the xAI attempts to exploit safety loopholes smell a lot like Tesla. Perhaps you recall Tesla’s Fremont plant ran up 112 air-quality violations since 2019, and had a 2024 abatement order for smog-forming emissions? Or perhaps you recall when the US government went after VW for diesel cheats causing pollution? Tesla at the time was feeding its “emissions-free” charging station with a dirty diesel engine. Tesla literally self-branded their diesel pollution as clean, while VW paid billions in fines, and so here we are today with the story of racist-meme engine xAI and their Klan Kounty Klowns pushing pollution on Black neighborhoods.
There’s a billionaire in South Korea acting like an Elon Musk. As you may remember from my earlier post, Musk regularly uses Tesla and Twitter to promote Hitler and demote democracy.
Starbucks Korea ran a “Tank Day” promotion on May 18 for a “Tank” tumbler line with the tagline to slam it down with a “Tak!” sound. This “bang the desk” line was read as mocking the torture death of student activist Park Jong-chul.
Source: BlueSky
The campaign is on the anniversary of the Gwangju Uprising, where the military killed hundreds of citizens in 1980. The official count stands near 165. Independent scholarship puts the dead between 600 and 2,300. The killing was by paratroopers and special forces with gunfire and bayonets, not by tanks as such, yet tanks are the symbol of the tragedy.
The Starbucks CEO was fired hours later and the stock crashed. Unlike America, where Elon Musk’s constant promotion of violent fascism is only growing, there has been immediate and fierce condemnation in South Korea.
Starbucks tumblers and mugs smashed during a protest against 2026 “Tank Day” campaign. Source: Yonhap via REUTERS
Trump’s second-term Cabinet started with more women than any recent Republican one. For thirteen months nobody left. Then in eleven weeks four women were gone, and every vacated seat passed to a man, three of them in an acting capacity, several of them Trump’s personal allies. This table shows the one-way swap.
Departed (woman)
Role
Replacement (man)
Tie to Trump
Kristi Noem
Homeland Security
Markwayne Mullin
Loyal sitting US senator
Pam Bondi
Attorney General
Todd Blanche (acting)
Trump’s former personal attorney
Lori Chavez-DeRemer
Labor
Keith Sonderling (acting)
Her own deputy
Tulsi Gabbard
Director of National Intelligence
Aaron Lukas (acting)
Principal deputy
And this table shows the rule: women left over performance or conduct problems, while men with same or worse problems stayed.
Commercial infrastructure was built to push unwanted content through trusted channels. It’s no stretch to say a state can place an order. We sometimes nonetheless hear people talk about PSYOP on tech as a novelty, as if it’s something more than a premium ad buy on a delivery system that was compromised the same way these systems have always been compromised for propaganda.
Nicolai’s personal records lay hidden since 1945 in Moscow’s ‘Special Archive’
The ad network operates as a primitive trust-laundering machine. It abuses a publisher’s credibility to drop a payload that a user would reject if it arrived under its own name. The ad buyer wants attention one day and the next day wants a political defection. Or maybe even the same day. The network bills the same way, either payload.
Compromise it once, reach every device that trusts it. This is what I was talking about in 2012 when I called it “Big Data’s Fourth V”.
By 2005 we were fighting supply chain risks from ads being injected. I remember it well. Malicious banner slots serving exploits through trusted publishers show up, and then landmark recognition events become the 2009 NYT malvertising incident, then the Angler-driven campaigns. Push content tampering was a big pain at the time, not to mention defacements.
By 2016 the security industry was talking malvertising as a constant threat. Pop the delivery platform, serve the payload through borrowed branding. If you think this wasn’t being used in wars, well I have news to push to you.
When web push went mainstream, browsers had to bolt permission gates onto the Push API because sites were abusing it to deliver scareware and ad spam straight to the desktop. The “fix” was called a trust prompt, which is ridiculous when you think about it. Imagine having a banner on disinformation banners bombers as a trust prompt.
Source: Me on Twitter, 2016
So all the BadeSaba hubub feels like rehashed malvertising with an obvious state as the buyer and defection as their creative intent. The prayer app is a very well-known publisher target surface for military intelligence.
Source: FP. “Above, a giant mujahid with “God is great” written on his jacket is shown defending Islam and God from Soviet assault. The text in the top right says “Shield of God’s Religion,” implying that the faith of the mujahideen will protect him from bullets. “
The notification backend is the ad server. The weeks or months of pre-positioning is barely persistence in a delivery platform, and the ordinary lifecycle of an adware campaign. Establish access, stay quiet, wait for the flight date, serve.
BadeSaba App pushing alerts. Source: Twitter
Start at 2009 and we’re talking at least seventeen years of this stuff in disinformation study circles. The Iranian Green Movement was being called a Twitter Revolution in real time. Mobile and social platforms as the delivery layer for regime-change messaging was the defining argument of that period, Iran specifically. And that’s exactly why I was talking about it a lot in 2012.
For some reason today, however, I see “nobody had done it” claims like this.
Push notifications on a smartphone are a more effective delivery mechanism than leaflets dropped from aircraft. That much should be obvious, but nobody had done it in a real war until now. In my book PROPAGANDA (CRC Press, 2024) I predict and describe exactly this scenario.
A 2024 prediction about something decades old seems, awkward? I feel bad for the author. He clearly wants to report something new. But what’s new?
Russia was pushing mobile text (apps, if you will) on Ukrainian soldiers through cell site simulators by 2014, with surrender appeals, threats, and fake payment alerts. Raphael Satter alone documented forty-plus of these messages at the front in May 2017, where an IMSI-catcher pushed content directly to phones in a combat zone.
That truly feels like forever ago, so let’s talk about July 2021. Attackers took control of the official Formula One app during Austrian GP qualifying and pushed notifications to the userbase. F1 confirmed Push Notifications Service was the only thing in scope. A trusted app’s notification channel, seized, used to send content the operator never authorized. The backend being the target and the push being the delivery was no joke, although it’s common to frame it that way to avoid investigations. A push backend hijack is in fact still a growing problem, such that BadeSaba is the same attack, different day.
Here’s another way to look at it.
Obscene and racist notifications were pushed to Apple News subscribers by Fast Company in September 2022. It’s not rocket science. A default password is the exploit for an entire delivery system, that gives a ride on Apple News, to hit the whole subscriber base under the provider identity. That is the point.
And even if we talk about synchronization being novel at war, there’s plenty of priors there too. Kursk, 6 August 2024. “I Want to Live” pushed surrender messages to Russian soldiers’ phones the same day Ukraine opened the cross-border offensive. Content to enemy phones, timed to a kinetic operation, calling for defection.
And this is why you should invite an historian to your research instead of waiting for the book promotion novelty party.
Indian troops in the Egyptian desert get a laugh from one of the leaflets which Field Marshal Erwin Rommel has taken to dropping behind the British lines now that his ground attacks have failed. The leaflet, which of course are strongly anti-British in tone, are printed in Hindustani, but are too crude to be effective. (Photo was flashed to New York from Cairo by radio. Credit: ACME Radio Photo)
a blog about the poetry of information security, since 1995
