About Those VPNs
December 26, 2018
News and chatter about VPNs are plentiful. We noted a flurry of stories about Chinese ownership of VPNs. We receive incredible deals for VPNs which are almost too good to be true. We noted this write up from AT&T (a former Baby Bell) and its Alienvault unit: “The Dangers of Free VPNs.”
The idea behind a VPN is hiding traffic from those able to gain access to that traffic. But there is a VPN provider in the mix. From that classic man in the middle position, the VPN may not be as secure as the user thinks.
The AT&T Alienvault viewpoint is slightly different: VPNs are the cat’s pajamas as long as the VPN is AT&T’s.
We learned from the write up:
Technically, VPN providers have the capacity to see everything you do while connected. If it really wanted to, a VPN company could see what videos you watched, read emails you send, or monitor your search history.
The write up points out without reference to lawful intercept orders, national security letters, and the ho hum everyday work in cheerful Ashburn, Virginia:
Thankfully, reputable providers don’t do this. A good provider shouldn’t take any logs of your activity, which means that although they could theoretically access your data, they discard it instead. These “no-log” companies don’t keep copies of your data, so even if they get subpoenaed by a government agency, they have no data that they can hand over. VPN providers may take different types of logs, so you need to be careful when reading the fine print of any potential provider. These logs can include your traffic, DNS requests, timestamps, bandwidth and IP address.
The write up includes a “How do I love thee” approach to the dangers of free VPNs.
Net net: Be scared. Just navigate to this link. AT&T provides VPN service with the goodness one expects.
By the way, note the reference to “logs.” Many gizmos in a data center offering VPN services maintain logs. Processing these auto generated files can yield quite useful information. Perhaps that’s why there are free and low cost services.
Zero logs strikes Beyond Search as something that is easy to say but undesirable and possibly difficult to achieve.
Are VPNs secure? Is Tor?
In January 2019, Beyond Search will cover more dark cyber related content. More news is forthcoming. Let’s face it enterprise search is a done deal. The Beyond Search goose is migrating to search related content plus adjacent issues like AT&T promoting its cheerful, unmonitored, we’re really great approach to online.
Stephen E Arnold, December 26, 2018
Search for a Person in China: Three Seconds and You Are Good to Go
December 26, 2018
I read “Welcome to Dystopia : China Introduces AI Powered Tracking Uniform in Schools.” The article explains that “China has started to introduce school uniforms which track pupils all the time.”
The “all” is problematic. A student equipped with the new uniform has to take it off, presumably for normal body maintenance and the inevitable cleaning process.
The overstatement, I assume, is designed to make the point that China is going to keep social order using smart software and other tools.
The new uniform “comes with two chips embedded in the shoulder areas and works with an AI-powered school entrance system, which is equipped with facial recognition cameras.”
Combined with other monitoring gizmos, the question, “Where’s Wong? can be answered in a jiffy. The write up explains:
The entrance system, powered by facial recognition camera, can capture a 20-second-long video of each pupil going in or coming out of the school. The footage will be uploaded onto an app in real time for teachers and parents to watch.An alarm will go off if the school gate detects any pupil who leaves the school without permission,
The article suggests that location and identification takes seconds.
One presumes the search results will be objective and ad free.
Stephen E Arnold, December 26, 2018
Factualities for December 26, 2018
December 26, 2018
Accurate data are everywhere on the Interwebs. Here’s a selection of rock solid factoids for your consideration. Believe ‘em or not.
1,700. Number of voice recording Amazon sent to a random person. Source: Threat Post
31. Number of major scandals in which Facebook was involved. Source: Buzzfeed
1. The number of requests from Slovakia’s government to Apple for help unlocking an Apple device. Source: Apple
1. Number of Microsoft products in wide use among Googlers. What’s the product? Visual Studio Code. Source: CNBC
11. Number of shirt buttons equipped as spying devices requested by the US embassy in Frankfurt, Germany. Source: Russia Today
1,000 dollars. The amount one would have to pay a Facebook user to quit the service. BoingBoing
Stephen E Arnold, December 26, 2018
Relatives Got You Down? Check Out BigQuery and Redshift
December 25, 2018
I read “Redshift Vs BigQuery: What Are The Factors To Consider Before Choosing A Data Warehouse.” With Oracle on the ropes and database technology chugging along, why pay attention to old school solutions?
The article sets out to compare and contrast BigQuery (one of the Google progeny known to have consorted with a certain Mr. Dremel.) Amazon has more database products and services than I can keep track of. But RedShift is one of them, and it is important if an intelware company uses AWS and the RedShift technology.
Which system is more “flexible”? I learned:
In the case of Redshift, if anything goes kaput during a transaction, Amazon Redshift allows users to perform roll-back to ensure that data get backs to the consistent state. BigQuery works on the principle of append-only data and its storage engine strictly follows this technique. This becomes a major disadvantage to the user when something goes wrong during the transaction process, forcing them to restart from the beginning or specific point. Another key point is that duplicating data in BigQuery is hard to achieve and costly. Both the technologies have reservations regarding insertion of streaming data, with Redshift taking edge by guaranteeing storage of data with additional care from the user. On the other hand, BigQuery supports de-duplication of streaming data in the most effective way by using time window.
The write up points out:
As compared to BigQuery, Redshift is considerably more expensive costing $0.08 per GB, compared to BigQuery which costs $0.02 per GB. However, BigQuery offers only storage and not queries. The platform charges separately for queries based upon processed data at $5/TB. As BigQuery lacks indexes and various analytical queries, the scanning of data is a huge and costly process. In most cases, users opt for Amazon Redshift as it is predictable, simple and encourages data usage and analytics.
Which is “better”? Not surprisingly, both are really swell. Helpful. But the Beyond Search goose was curious about:
- Performance
- Latency for different types of queries
- Programming requirements
But swell is fine.
Stephen E Arnold, December 25, 2018
Happy Holidays: Google News May Be Mortally Wounded
December 25, 2018
I read “Google Says EU Rules Will Force It to Cut News Services.” My first reaction was, “There goes traffic to the news Web sites.” Then I thought, “What traffic?”
The write up reports:
Google has claimed it will be forced to slash the range of news thrown up by its search engine if European rules to protect copyright owners come into force.
Those copyright rules were, in part, triggered by Google itself. The click loving newspapers took a middle of the road approach: Not good, not bad.
Now the EC has cranked out a copyright regulation with Article 11. The lingo refers to “neighboring rights.” The idea is that Google has surfed on hard working journalists’ work. I assume the fraudulent stories in Der Spiegel are not included. (Yikes, a back link. Trouble looms for the Beyond Search goose.)
If the GOOG sticks in a link, the GOOG has to pay the publisher. It gives me a headache to think about the “who”. Many newspapers are pastiches of content from a wide range of sources. The copyright sensitive Associated Press is not going to be happy if one of its syndicated stories is not handled in a way that makes the AP’s legal eagle happy.
To sum up: The Google News death watch has begun. Will the GOOG survive or will it succumb to the EC’s immune system?
Stephen E Arnold, December 25, 2018
DarkCyber for December 25, 2018, Is Now Available
December 25, 2018
DarkCyber for December 25, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.
This week’s story line up includes… Australia legislates the unlocking of encryption backdoors… Dark Web counterfeiting ring kept unencrypted customer lists… which operating system provides online anonymity Tails or Qubes… and Dunkin Donuts loyalty points on the Dark Web just in time for the holidays.
First, Australia has become the first country to legislate that technology companies must assist law enforcement in decrypting encrypted messages. The law is controversial and has trigger expressions of concern from privacy advocates. DarkCyber reports that as a member of the Five Eyes organization, the Australian action may increase the resolve of the US, UK, Canada, and New Zealand to seek similar measures in 2019. Amendments to the new legislation are likely, but the Australian action is a significant development for law enforcement which is flying blind among the rapidly rising storm of encrypted communications which thwart many investigations.
Second, Austrian police cracked a Dark Web counterfeiting ring. Police seized fake euros and a list of customers. The names, shipping addresses, and other details were stored in an unencrypted form on computers and on paper. Austrian officials provided the information to Europol, which organized a series of coordinated operations in more than a dozen countries. Hundreds of arrests were made and the police are continuing their sweep. Dark Web criminals may use Tor for anonymity, but their understanding of operational security is poor.
Third, which secure operating is better for online anonymity? Tails is one of the systems used by many individuals. The system ships with Tor and other tools, including encrypted chat capabilities. Qubes is another system used by some individuals for increased security. Qubes, however, requires that the user set up the system, which relies on virtual machines. There are other options as well; for example, Whonix, JohnDo, and ImprediaOS, among others. The answer is that a person must understand the strengths and weaknesses of each option and choose a solution that fits one’s specific needs.
The final story reports that some Dark Web ecommerce vendors are selling Dunkin Donuts loyalty points. A customer with the Dunkin Donuts app and the stolen loyalty points can order donuts and other Dunkin Donuts products with minimal security checks. Discount sweets via the Dark Web have arrived just in time for the holidays.
Watch for information about our new blog (information service) DarkCyber. We will report the location of the service in Beyond Search.
Kenny Toth, December 25, 2018
AI Be Dumb Compared To Humans
December 24, 2018
Artificial intelligence and machine learning are supposed to solve everyone’s problems like smart analytics and big data were supposed to a few years ago. Yet it, as with everything, has its limitations and AI is really lagging behind the hype. CNET explains how dumb AI is in the article, “ ‘AT Is Very, Very Stupid,’ Says Google’s AI Leader, At Least Compared To Humans.”
Andrew Moore is one of Google’s vice president and the leader for the company’s AI cloud division. Moore said that AI is good at doing some tasks, but the algorithms cannot think outside the box or do any creative thinking. He does not want people to think he’s against AI, on the contrary, Moore is a huge AI supporter.
At the moment, the AI technology is limited, but it is great for certain tasks. These include language translation, mimicking human speech, and catching credit card fraud. The biggest AI breakthrough, however, was nine years ago and nothing has happened since. Will there be another breakthrough? Of course, but they have not discovered it yet.
“ ‘People feel whoever gets to GAI first maybe has a real edge in the world, but it’s questionable whether it’s going to happen or when it’s doing to happen…’ But for today’s AI technology, Moore is happy to see the glass as half full. ‘There is so much that we could do to increase safety of people in the world and increase productivity just using the existing tool sets,’ he said.”
How about making an AI that does not make humans obsolete? At least that is some time away.
Whitney Grace, December 24, 2018
—
Amazonia for December 24, 2018
December 24, 2018
Amazon operates at scale. For those who don’t want a lump of coal in their holiday stocking, Amazon cheer is in order:
Sharing the Digital Goodies
Amazon, according to the Inquirer, gave a customer access to another Amazon customer’s Alexa voice recordings. Just an error. According to the Inquirer,
It turns out two men has requested their data under Europe’s GDPR, and Amazon had just sent each set of files to the wrong person, ironically causing more GDPR paperwork. Source: The Inquirer
Amazon Means Delivering the Goods
Amazon is the new USPS. According to the New York Times, customers perceive that only Amazon can deliver gifts in time for the holiday. The newspaper adds its own Amazon commercial, stating “Amazon is far and away the leader in e-commerce, outpacing competitors like Wal-Mart, Target and eBay.”
Alleged Dirty Tricks
Bloomberg dissects the procurement dust up for the multi-billion dollar Department of Defense cloud computing contract. IBM and Oracle have signaled that whatever the DoD does will result in a loss for these two long-standing DoD vendors. There’s another dossier zipping around DC, complete with allegations of improper relationships. The Bloomberg story reveals that the dossier reveals that Amazon acquired ABD Advisor to pump out pro-Amazon information.
The Amazon Marketplace Jungle
Amazon’s marketplace has its own culture and its own rules. “Prime and Punishment” reveals what may be a digital jungle. Bogus reviews, dirty tricks, and eBay-inspired questionable products. Push through the underbrush for a look at the primitive life thriving in the Amazon.
Another Amazon Product Service Run Down
Wired explains why Amazon is the king of the digital jungle. The write up reveals that Amazon’s cloud services generate money. The write up states:
AWS offers so many cloud computing products and services that it would be cumbersome to name them all. In 2011, Amazon introduced AWS GovCloud, aimed at government agencies. Four years later, it launched AWS IoT, a platform for connecting and managing the plethora of connected devices known as the Internet of Things. Shortly after, the company won a $600 million contract to build AWS Secret Region, a cloud storage service for the CIA.
Advertising gets a mere three mentions, but our research teams anticipates that ads will be an opportunity for the company to put increased pressure on the fragmented colossus, Google.
AWS: How Big? $600 Billion Big
Business Insider reports that Amazon Web Services could be a $600 billion dollar business by itself. That’s a hefty number. But Excel spreadsheet fever is easy to catch at this time of year. Jeff Bezos himself believes Amazon can fail. So whom does one believe: The financial analyst or the king of the jungle?
Crystal City to Gleam Again?
The once lustrous Crystal City may gleam again. The reason? Amazon. The “Update On Amazon’s HQ2 Impact On Crystal City & Long Island City” states:
According to Trulia via Forbes, as of December 8, there were almost 100 properties for-rent or for-sale that mentioned Amazon’s new headquarters, or National Landing. A total of 44 neighborhoods across the DC metro area contained at least one listing that mentioned Amazon’s new campus (to be built) as a noted selling point.
What? Us Worry? Ask FedEx and UPS
FedEx and UPS may face a tough 2019. Amazon has added more aircraft to its fleet of airplane. According to CNet:
Amazon announced that it was expanding its fleet to 50 aircraft (up from 40). Amazon says this is to support the increasing number of Prime subscribers who expect free two-day delivery…. By adding 10 more aircraft, Amazon is expanding its fleet by 25 percent — a sizable increase.
UPS owns 247 aircraft and FedEx owns over 650. Nothing for these firms to worry about.
Amazon In House Brands
Amazon has more than 100 in house brands. Bloomberg points out:
Amazon has more data on what people shop for than anyone else and can lure people to its own brands with house ads and software-generated product suggestions online and through the Alexa digital assistant and prominent online placements like in the Solo and Dawn examples. And those brands may feel compelled to pay Amazon for ads to ensure their products remain front-and-center when shoppers go looking for them. Amazon loves to say it only thinks about what’s best for shoppers, but is it good for shoppers to have top product listings dominated by companies that pay Amazon for prominent placement and Amazon’s house brands?
If you own shares of Amazon, the answer is, “Yes.”
Stephen E Arnold, December 24, 2018
Big Data: Cost Control May Be a Challenge
December 24, 2018
I read “AI’s Dark Secret? A Desire for Data.” The write up states:
The AI revolution is hungry for personal data.
Those data come with a catch.
To ensure that AI algorithms work properly and to get the bugs out, they need to fed a consistent stream of data. The data needs to be reliable, accurate, and objective and that costs a lot of money. Venture Beat shares how data has a downside in the article, “Could Data Costs Kill Your AI Startup?”
AI startups that discover their funds are chipped away by data costs should consider moving that cost from the research and development line to the costs of goods sold column. The article explains it is a golden opportunity to scale up your company, drive costs down, so that margins will increase.
Startups use data in three basic ways: acquiring, storing, and annotating the data to train the algorithm model. All these steps cost money and can tack on more expenses based on what resources and services you offer. There are different ways to scale down costs at each of the steps, but how and what depends on your individual project. The best way is to figure out how to optimize not only your costs, but also all of your tools:
“The first successful AI businesses came to market offering AI-free workflow tools to capture data that eventually trained AI models and enhanced the tools’ value. These startups were able to achieve software margins early on, since the data and AI were secondary to the startup’s value proposition. As we move to more specialized applications of AI, however, the next wave of AI startups will face higher startup costs and will require more human labor to provide initial value to their customers, making them resemble lower-margin services businesses.”
The only fact you can be sure of with your AI startup is that costs will continue to rise. In order to maintain your relevancy and sell your product, figure out how you can make the most of everything available to you.
Whitney Grace, December 24, 2018
Quote to Note: Palantir Flaw
December 24, 2018
I read “Koverse Co-Founders Tap NSA Expertise to Build a Platform to Solve Unsolvable Tech Challenges.” Koverse is a big data company, based in Seattle. The firm’s engineers use the Apache Accumulo data management system. (Accumulo shares some DNA with the Google Bigtable data management system which is old enough to vote.)
Koverse’s competition includes Silicon Valley’s Palantir Technologies, a company worth billions that was started by PayPal co-founder Peter Thiel. Matsuo downplayed Palantir’s hype. “They have gaping holes in their product that we are starting to exploit,” he said.
That is an interesting comment about Palantir Technologies, a company which has captured a number of commercial and government customers. With an initial public offering rumored, Palantir may find the observations a bit negative.
The company offers its Precision search engine. The write up points out that Koverse has “unparalleled” scalability and security.
For more information about the NSA infused Koverse, navigate to www.koverse.com.
Stephen E Arnold, December 24, 2018