Medical Intelligence Sentinels
April 29, 2020
Analysts at the U.S. National Center for Medical Intelligence were concerned about the novel coronavirus well before most of the country. That is because researchers at the agency are good at their jobs; if only those in charge would listen to them. The Star Advertiser shares the article, “Medical Intelligence Sleuths Tracked, Warned of New Coronavirus.” A division of the Defense Intelligence Agency, the organization has been around since World War II, when it was part of the U.S. Army Surgeon General’s office. The article reports:
“At least 100 epidemiologists, virologists, chemical engineers, toxicologists, biologists and military medical expert — all schooled in intelligence trade craft — work at the medical intelligence unit, located at Fort Detrick in Frederick, Maryland. … Most of the information they study is public, called ‘open source’ material. A local newspaper in Africa might publish a story about an increasing number of people getting sick, and that raises a flag because there’s no mention of any such illness on the other side of the country. A doctor in the Middle East might post concerns about a virus on social media. But unlike organizations such as the WHO, the medical intelligence team, part of the Defense Intelligence Agency, also has access to classified intelligence collected by the 17 U.S. spy agencies. The medical unit can dig into signals intelligence and intercepts of communications collected by the National Security Agency. It can read information that CIA officers pick up in the field overseas. The National Geospatial-Intelligence Agency can share satellite imagery and terrain maps to help assess how a disease, like Ebola or avian flu, might spread through a population.”
The quality and availability of information varies by region. Countries with underdeveloped health systems may not compile good data, for example, while some governments cannot be trusted to admit how serious an epidemic is. In such cases, researchers rely more heavily on reports from the local level. The scientists analyze data from these many sources on infectious diseases, natural disasters, toxic materials, bioterrorism, and different countries’ preparedness for each type of threat. They regularly report their conclusions to military commanders, defense health officials, and policymakers. Constantly on the lookout for threats to our armed forces overseas and our citizens at home, these professionals should really be given the consideration they deserve.
Cynthia Murrell, April 29, 2020
Amazon: Zooming Toward Google Hangouts?
April 28, 2020
DarkCyber spotted this Thomson Reuters’ story: “Amazon Tests Screening New Merchants for Fraud via Video Calls in Pandemic.” The news story reveals that yes, indeed, Amazon has its own Zoom-type service. What struck DarkCyber as peculiar was that the focus was Covid fraud, not the Amazon video conference service or the Amazon video technology. You can learn about the AWS pay-for-what-you-use service on the Amazon Chime information page. Amazon says:
AWS will offer free use of all Amazon Chime Pro features for online meetings and video conferencing from March 4, 2020 to June 30, 2020 for all customers that start using Amazon Chime for the first time during this period from their AWS account. This does not include PSTN services or charges related to PSTN services, such as Amazon Chime Voice Connector, call-me or meeting dial-in. Customers who are already using Amazon Chime can also contact their AWS account managers to see if they are eligible for credits for Amazon Chime usage during this period.
There are a number of interesting Amazon patents related to video communications. These range from facial recognition to active overlays.
Most of the DarkCyber research time said, “Who knew?” Marketing is not Job One at the online bookstore at this time. Maybe that will change once Mr. Bezos settles into his favorite seat: Driving the Bezos bulldozer.
Stephen E Arnold, April 29, 2020
DarkCyber for April 28, 2020: Free Cyber Warfare Book, Spy Insights, the Info Gap Map, and HaaS
April 28, 2020
The April 28, 2020, DarkCyber tackles four stories this week. This week’s program is available via the DarkCyber blog, Vimeo, or YouTube. This week’s stories include information that is otherwise difficult to locate.
You can download a comprehensive look at cyber warfare published by the Carnegie Endowment for International Peace. The book covers cyber intelligence and methods of cyber warfare. DarkCyber’s Stephen E Arnold and former CIA spy Robert David Steele discussed misinformation in a one hour interview which is available on the Phi Beta Iota Web site. DarkCyber includes an extract from the discussion about obtaining hyper local data about people, events, and places. The information gap map illustrates how little digital information is available in free Web search systems. The map makes clear that anyone relying on Bing, Google, Yandex, and other free Web search systems is likely to be drowned in misinformation. The program explains how to access a no cost honeypot as a service. HaaS makes it possible to explore malware and learn about exploits in a controlled environment. The link to the service is provided in the program.
Kenny Toth, April 28, 2020
Palantir to Help HHS Track Coronavirus
April 28, 2020
With Peter Theil’s ally in the Oval Office, Palantir Technologies’ fortunes have ballooned. Now, in addition to working with intelligence, military, and law enforcement agencies, the data-mining firm has contracted with the Department of Health and Human Services. The Daily Beast reports, “Team Trump Turns to Peter Theil’s Palantir to Track Virus.” Sources say the company will contribute a major aspect of the HHS Protect Now platform, perhaps even its core element. That element is rumored to be the existing Foundry data integration and management platform. The CDC has been using Foundry to track hospitals’ efforts to cope with the surge in COVID-19 patients.
Reporters Erin Banco and Spencer Ackerman write:
“The HHS Protect Now platform, which is set to be unveiled later this week, pulls data from across the federal government, state and local governments, healthcare facilities, and colleges, to help administration officials determine how to ‘mitigate and prevent spread’ of the coronavirus, according to a spokesperson for the department. HHS told The Daily Beast that the department was working with the Centers for Disease Control and Prevention (CDC) and the Federal Emergency Management System (FEMA) on scaling the HHS Protect Now project, which became operational on April 10. … HHS said it has 187 data sets integrated into the platform, with inputs that include hospital capacity and inventories, supply chain data from the government and industry, diagnostic and geographic testing data, demographic statistics, state policy actions, and coronavirus and flu-like emergency department data. The spokesperson also said HHS was relying on ‘private sector partner contributions of data.’”
The tool generate models to predict the spread of the disease as well as the impact of decisions by the administration’s task force, state governments, and local leaders.
Cynthia Murrell, April 28, 2020
Remote Work and Enterprise Search: Implement Now!
April 28, 2020
The US and other countries has been shut down for more than a month. Companies of all sizes are struggling for revenue. The shift to WFH (work from home) is not exactly going on as smoothly as paint at a pre lockdown Peugeot plant.
The enterprise search idea articulated by a person once affiliated with IBM Watson is a stunner. You can get the full scoop in the online publication RTInsights. (No, this RT is not part of the Russian propaganda system.)
“Making Remote Work More Effective with Enterprise Search” argues that the WFH crowd can be productivity pythons. Forget the kids, the loneliness, the hassles with shopping, the security goblins, and the fear of losing one’s job. Put them out of your mind, WFH’ers. You can be a productivity python.
Sort of.
First, your employer — assuming you have one — must have an enterprise search in place. Failing that, your employer must spend money to license a suitable service. Hey, why not Sinequa, the French system which also does Big Data, analytics, and phenomenal marketing.
Now there are a couple of very minor issues to address; for example:
- Conducting a content inventory, determining what information can be accessed by an authorized WFH’er.
- The security and access controls must be defined, put in place, tested, and deployed.
- The indexing cycles must be determined because WFH’er presumably put in their 12 hour days across time zones, from a variety of computing devices, and in chunks. (Someone has to remove the Amazon packages from the door step before a bad actor removes the inviting parcels with a smile logo.)
- A workflow for getting employee generated content into the system and then getting the “real time indexing” which vendors stress their system performs to index in a reliable manner.
- Assisting employees who use the WFH system and cannot find the document a colleague said was in the system on the Zoom call that ended five minutes ago. The basic questions are, “Where is the document? When will it be available? Who’s in charge of this clown car?
Second, candidate information must be located, vetted, and converted to a format that the enterprise search system can process. Videos, audio files, images, and proprietary file formats may be a bit of a challenge in terms of time and resources.
Third, the system must be made to work. No, I mean it, deliver results employees or authorized users need. How many enterprise search systems deliver on this final point?
The write up explains:
Almost all knowledge-intensive organizations have a digital workplace that includes enterprise search, which connects employees to the content they need to complete a given task. Companies typically either deploy a rudimentary open-source kit that relies on search queries using keywords or a larger ecosystem like Microsoft, Google, or IBM, which tend to exclude content and data stored outside of the ecosystem.
What?
Oh, here’s the point:
Now is the time for organizations to think about the way employees access content platforms and how that is impacting employee productivity, knowledge sharing, and competitive advantage.
Based on the research Martin White and I did for oru book Successful Enterprise Search Management, the time required to deploy an enterprise search system was measured in months, often years. Tossing in the WFH requirement is going to add more time and cost to those sensitive to data access, indexing cycles, optimization, and other easy-to-ignore factors.
The benefits of providing enterprise search for WFH’ers remind me of the IBM Watson promises about smart software: Failure and massive costs, a loss of stakeholder value, and the distinction to be removed from Houston’s cancer hub.
To sum up, Sinequa’s sales pitch wrinkled the DarkCyber forehead a tiny bit:
- Glittering generalities about off site access to certain content is not something one just “thinks about.” Real management effort is required to avoid loss of trade secrets, sensitive information, and data which may be subject to government restrictions.
- The data supporting the assumption “better, faster, cheaper search yields more productivity (whatever that is). There is zero evidence that WFH’ers will be more or less productive if enterprise search is available. Right now, finding information is more like a Zoom call, not a session online hunting through results lists and waiting for results lists to appear.
- Phishing and other exploits. Security is not automatic. Security takes work. Oracle tried to sell its search system with Oracle security. No one in my experience was prepared to go through the hoops necessary to implement secure search. The result silos. What’s the cost for the WFH cohort? Probably more than some organizations are able to pay. (The May 12, DarkCyber video news program profiles a free-for-now open source solution to certain types of exploits. That’s a solution for those with handy infosec skills.)
Most applications used by WFH’ers include some type of search function. When information is not available, send an email or, better yet, hop on a Zoom call. And don’t forget Google, the millennials’ Swiss Army knife for information, or some social media scanning.
Enterprise search has not created productivity pythons in the more than 50 years information retrieval systems have been available.
Net net: Using Covid, WFH, and rusted buzzwords like enterprise search may not move the revenue meter. Invoking the tired, cheers-for-hire outfits like Gartner and IDC won’t do the job either. New types of information access systems are available. For examples, check out CyberOSINT: Next Generation Information Access. Even millennials will find some of these newer systems a refreshing findability option. As for enterprise search, its day in the sun faded with vendors’ inability to deliver results for licensees. Don’t believe me? Just ask former customers of Delphis, Entopia, Fast Search & Transfer, and the other precursors of today’s laborers in the search-and-retrieval Incan potato terraces.
Stephen E Arnold, April 28, 2020
IBM and Ethical AI: Are Wrong Answers Acceptable? But What Is Incorrect?
April 28, 2020
IBM can be surprising. A new president, the fizzle of IBM Watson’s Houston cancer initiative, and the blaming of the firm’s financial woes on Covid19.
Have these issues dampened IBM’s taste for grandstanding?
“IBM’s Pandemic Plan: Supercomputing, New Inventions and Tracking Employees” illustrates what may be the company’s fresh, new approach to becoming really, really relevant.
According to the write up, IBM signed the Pope’s call for AI Ethics. The IBM executive tapped to be the thought leader for ethics, a murky, contentious Philosophy 101 concept, is John Kelly III, an executive charged with making the IBM Watson Health unit perform like a Seal Team 6 professional.
Here are a couple of observations Mr. Kelly made in an interview, which comprise the core of the article cited above:
Here’s one about the value of AI, supercomputing, and great leadership:
We said, “Here’s more compute power than anybody’s ever had access to, for free: Go find solutions to the problems.” They told us that the rate of discovery is just off the charts.
The only hitch in the git along is that none of the AI wizards, including IBM’s and its computing power, has delivered a fix for the virus. In fact, the lack of tangible results makes the virtue signaling claims of IBM and others look silly.
How about this statement?
The trouble is that when you lift the hood, everybody’s reporting it in a different way. We used artificial intelligence two to four times a day to scrape all of their data, which is in different formats — sometimes it’s an Excel file, sometimes it’s a PDF, sometimes it’s a handwritten piece of paper — we scrape it, and then we post it, just like we post a weather map. We post a coronavirus map by county in the U.S.
The problem is that one of the more useful methods of displaying virus-related data comes from Avi Schiffmann, a teenager in Seattle, developed NCoV2019.live. Also the founders of Instagram have delivered Rt Covid 19, which is quite useful. Neither service has supercomputers, Watson, or the Weather Channel to help. Maybe IBM should hire these people? The bottom-line is that IBM can do sort of what social media innovators and a high school junior did. Come on, IBM.
I circled this IBM statement in yellow:
We’ve taken the position that it has to be an opt-in. We should not — based on those ethical principles from the Vatican — track people’s locations, and I should not try to find out that you were next to Adam last Tuesday night, for example. It’s not ethical.
Maybe Mr. Kelly has not read the email about IBM’s cyber division, checked out the Analyst Notebook feature set, or probed into the IBM CyberTap system? DarkCyber wonders, “Are there different definitions of ethics for each unit of IBM?”
And, finally, this statement is intriguing:
The coronavirus, as bad as it is, it’s not Ebola, as an example.
With research data in flux, it is interesting to consider why an IBM VP would offer this clear differentiation. What other distinctions can IBM draw between Covid19 and Ebola? In fact, what did IBM do in the midst of the Ebola outbreaks?
Is IBM ethical? Just ask one of the professionals over 55 RIFFed in the last few years? Is Watson ethical if it outputs incorrect or misleading information about a cancer protocol? Is it ethical to buy back stock to put a shine on a pick up truck designed to deliver mainframes?
Let’s go back to the teen in Seattle. Maybe he could be hired to put IBM Watson to work?
Stephen E Arnold, April 28, 2020
CFO Surprises: Making Smart Software Smarter
April 27, 2020
The Cost of Training NLP Models is a useful summary. However, the write up leaves out some significant costs.
The focus of the paper is a:
review the cost of training large-scale language models, and the drivers of these costs.
The cost factors discussed include:
- The paradox of compute costs going down yet the cost of processing data goes up—a lot. The reason is that more data are needed and more data can be crunched more quickly. Zoom go the costs.
- The unknown unknowns associated with processing the appropriate amount of data to make the models work as well as they can
- The wide use of statistical models which have a voracious appetite for training data.
These are valid points. However, the costs of training include other factors, and these are significant as well; for example:
- The directs and indirects associated with creating training sets
- The personnel costs required to assess and define retraining and the information assembly required for that retraining
- The costs of normalizing training corpuses.
More research into the costs of smart software training and tuning is required.
Stephen E Arnold, April 28, 2020
Amazon and Data Privacy
April 27, 2020
Some people are snoops. I was in Sarande, Albania. The only Internet café open featured a dozen computers and so-so bandwidth. Three young men were busy duplicating US DVDs of motion pictures. I know because I stood next to the group and asked, “What are you doing?”
There was one other person in the storefront. That individual kept peering around the side of his plywood divider to check up on me and what the young men were doing.
Yep, a natural born snoop.
Why’s this relevant?
In a big operation like Amazon, there will be snoops. Some will be following the protein pulses of their DNA and others are doing what someone thought was [a] cool, [b] their job, or [c] no big deal.
I thought about Albania when I read “Amazon Tapped Sellers’ Data to Launch Competing Products.” (Page A1 and A9 in the dead tree edition of the WSJ on April 24, 2020, and at this link online.) My mind works in unusual ways: Albania and Amazon. Hmmm.
I noted:
Amazon.com Inc. employees have used data about independent sellers on the company’s platform to develop competing products, a practice at odds with the company’s stated policies.
That strikes me as a statement of fact, not an “allegedly” needed.
Okay, based on the Albania experience, there are people who ask questions directly and there are snoops. But what’s Amazon’s source? I asked the question in Albania, and I directly observed the snoop’s peeking.
The source of the factoid is:
Interviews with more than 20 former employees of Amazon’s private label business and documents reviewed by the Wall Street journal
How many employees? Who were these people? Why are they no longer working at Amazon? What documents “were reviewed”? Why not include images of these documents?
What’s going on is that a damning story lacks information I could use to verify the factoid.
I think that snoops exist at Amazon. I think that data seeps. I don’t feel comfortable with this type of behavior, but the behavior exists in Albania to Zimbabwe (yep, I have seen some interesting data behaviors there too, including violent acts for the purpose of seizing another person’s farm). A to Z of data snooping I suppose.
Nevertheless, the core of the direct statement about Amazon’s misbehavior rests upon anonymous sources of information.
Sure, the WSJ researchers and journalists reviewed online information about Amazon’s alleged activities. “Experts” were quoted but statements like this come from unnamed sources:
“We would work backwards in terms of the pricing,” said one of the people who used to obtain third party data.
The reliance on anonymous sources opens the door to making up or tweaking a comment to make it better is troubling.
Which is better? Snooping or hiding behind anonymous sources.
Both are bad; neither makes me comfortable.
Stephen E Arnold, April 27, 2020
HPE Signals That Its Channel Partners Cannot Move Product and Services
April 27, 2020
I was not surprised when I worked through “HPE Outlines Additional Channel Partner Relief Measures.” The language of the write up worked overtime to dodge the basic message: Channel partners cannot move HPE’s products and services.
This is a surprise?
The write up explains:
The HPE Partner Ready program has suspended revenue target thresholds so partners can keep their eligibility for the 2021 program, as well as Aruba’s Partner Ready for Networking Program.
and this:
HPE Financial Services has also allocated $2 billion towards helping customers and partners. Initiatives include providing liquidity for buying partners, virtual solutions for partner enablement, and hybrid IT solutions for partners and customers.
or this:
HPE aims to provide liquidity to partners, particularly in North America and Europe through early pay discount terms and factoring terms. The company has not stated whether these also apply to Asia Pacific partners. The company has also suspended or reduced strategic development initiative targets in most geographies – however, this incentive does not apply to partners in Asia Pacific and China (APAC). Hybrid IT solutions for partners and customers include the free-of-charge use of remote server management Integrated Lights-Out Advanced. It will be offered free for the remainder of 2020. Additionally, HPE is working to support service provider partners by providing increased business continuity services to customers, via a centralised Spotlight page on Cloud28+.
The angles of this particular nine-ball pool game are challenging.
But taken as whole cloth, the moths appear to be ruining the fabric in which HPE wanted to craft a new prom gown.
What will the HPE partners’ wear? Maybe Amazon AWS or Google Cloud t shirts?
Stephen E Arnold, April 27, 2020
Facebook Chokes NSO Group: Will NSO Group Tap Out?
April 27, 2020
Facebook has become a digital world unto itself. From the insouciance demonstrated during the Cambridge Analytica matter to the cheerful attempt to create a global currency, Facebook has was some might call digital schnorrer. Take data and do what’s necessary to get as much as possible for nothing. Pay for data? Nah. Testify so elder statesmen can understand? Nah. Make it easy for consumers to manage their free Facebook accounts? Nah.
These are fascinating characteristics of a social media company eager to bring people together. But the company has another characteristic, and it is one that certainly surprised the hapless researchers at DarkCyber.
Cyberscoop reported that the Facebook legal eagles are doubling down on the bet that they can squeeze the NSO Group. Is it for cash? Is it for power? Is it to make darned clear that Facebook is more powerful than a company which develops specialized software for government agencies? DarkCyber doesn’t know, but it is clear, if the information in “Facebook: NSO Group Used U.S.-Based Servers in Operations against WhatsApp” is accurate, Facebook is ready to rumble.
The write up states:
In court documents, Facebook-owned WhatsApp claims NSO Group used a server run by Los Angeles-based hosting provider QuadraNet “more than 700 times during the attack to direct NSO’s malware to WhatsApp user devices in April and May 2019.”
The article points out that:
The filing is a blow to NSO Group’s claims that its signature product, Pegasus, isn’t capable of running operations in the United States.
What’s remarkable is that the lawsuit has become increasingly high profile. Dust ups related to what DarkCyber calls intelware and third parties usually keep a lower profile. A good example is the efforts expended to keep the lid on the interesting litigation between Analyst’s Notebook and Palantir Technologies. This matter, if mentioned at a conference, evokes the question, “What? When?”
The Facebook NSO Group dispute is getting media traction. Cyberscoop includes the full 35 page document via link in its article.
DarkCyber’s view is:
- There are some ironic factors in Facebook’s pursuit of this matter; for example, allegedly Facebook wanted to license NSO Group’s Pegasus. Is Facebook a bride left at the alter?
- Is Facebook trying to deflect attention from its own data policies? ( It is helpful to keep in mind that Facebook has to pay $5 billion for its Cambridge Analytica adventure.)
- Facebook’s own behaviors have been troubling to some individuals due to its own privacy and data actions; for example, exposing friends of friends without oversight to Facebook partners.
- Facebook’s shift from the privacy procedures users assumed were in place to a more Wild West approach to data as the social media firm sought to expand its revenues and user base.
Intelware companies are not new, but they are small compared to today’s Facebook. Intelware companies are like some flowers which die in direct sunlight. A special climate controlled environment is necessary for survival.
Facebook may be waking up to the fact that certain government agencies want access to Facebook data. Specialized firms, not just NSO Group, have the ability to work around, under, and through whatever shields Facebook puts in place to keep Facebook data for Facebook. And when Facebook does play nice with government agencies, Facebook plays by its own rules and brings the ball and the referee to the game.
DarkCyber’s perception is that Facebook was and is offended by what it thinks NSO did or does. DarkCyber assumes that Facebook wants it own NSO Group-style capabilities and is defending itself in order to be the Facebook everyone knows and loves.
With the Facebook – NSO Group matter moving forward, the path each company, the lawyers, and possibly government officials will explore will be interesting to chart.
Plus who knows whether Facebook is fighting hard to protect its customers or fighting another battle.
Also, NSO Group may, like a WWE star, have a masked helper waiting in the wings eager to join the fray.
Stephen E Arnold, April 27, 2020