Salesforce Acquires Diffeo
June 30, 2020
The announcement appears on the Salesforce Web site. Diffeo.com redirects to the customer relationship management firm’s government and aerospace page at this link. It appears that Salesforce will use the Diffeo technology to enhance its search, retrieval, and analysis capabilities. Plus, there may be some push by Salesforce to market Diffeo to the US government. As more information becomes publicly available, DarkCyber will update its information about this MIT incubator spawned firm.
Stephen E Arnold, June 30, 2020
A Moment of Irony: Microsoft and Facebook Ads
June 30, 2020
I recall reading a story about Microsoft’s purchasing a chunk of Facebook. Recode wrote about the deal in “It’s Been 10 Years Since Microsoft Invested in Facebook. Now Facebook Is Worth Almost As Much as Microsoft.”
I thought about this investment when I read “Microsoft Has Been Pausing Spending on Facebook, Instagram.”
The way I understand this is that Microsoft owns some Facebook shares. Facebook holds meetings for those who own stock. The meetings permit submission of questions from shareholders.
Some questions:
- Has Microsoft asked questions about Facebook’s ad practices at these meetings?
- Has Microsoft contacted Facebook management about its ad-related concerns?
- Has Microsoft management determined that selling its Facebook shares is a good or bad idea?
- Is the “pausing” virtue signaling or something more significant?
Hopefully one of the “real” news outfits will provide some information to help me answer these questions. If I were not so disinterested in Facebook, I could have one of the DarkCyber team jump in. And what about Microsoft’s financial thinking? Did Enron executives actually think about “energy”?
I do like the idea of a company which owns part of another company not liking the company’s policies. The action? Pausing. Yeah, maybe just another word for virtue signaling?
Stephen E Arnold, June 30, 2020
Consumers As Unwitting Data Conduits as Cyberware Flames
June 30, 2020
India and China are not friending one another. The issue I noted today concerns social media services designed — maybe targeted is a more appropriate word — at consumers.
Most users of apps like TikTok of 30 second video renown are not aware and do not want to know about data surveillance, known to some as data sucking or data hoovering. (A Hoover was a vacuum cleaner for DarkCyber readers unfamiliar with such a device.)
Information has been floating around that TikTok and other “authorized” apps available from the Google and from the would-be Intel-killer Apple allow the basic social media function to take place while the app gobbles a range of data. Put something on your clipboard? Those data are now in a server in Wuhan.
“India Bans TikTok As Tensions with China Escalate” reports:
India’s Ministry of Electronics and Information Technology said in a statement Monday that it had received many complaints about misuse and transmission of user data by some mobile apps to servers outside India.
Yes, another Captain Obvious insight. Is Captain Obvious working for one of India’s government services?
For those who have wandered the aisles of some interesting conferences, TikTok data is only the tip of the data iceberg.
In fact, I told one hip real news person that chasing some of the smaller data resellers was like understanding the global nature of agribusiness by talking to a quinoa farmer 20 miles from Cusco.
The information is interesting to DarkCyber for three reasons:
- The insight light bulb is flashing in some government units. That’s a start.
- India is recognizing that consumers going about their daily lives are providing an intelligence windfall of reasonably good size. Consumers use their mobile phones, consumers talk, and consumers enter secure facilities and check out craze dances in the break room.
- Cyber warfare is not just chewing away at juicy servers in Australia or Canada. Cyber warfare is wrapped up in those low cost, feature packed hardware devices which, according to the sticker on the box, are “smart.”
The current time period is one filled with interesting activities. What do you think, Captain Obvious?
Stephen E Arnold, June 30, 2020
Alphabet Wants to Spell Money with Shop-able Ads
June 30, 2020
Yes, YouTube will become more shop-able. The news shocked no one on the DarkCyber research team. YouTube videos are almost unwatchable. Pre-rolls, interstitials, and post-rolls. Auto-playing of ads when autoplace is set to off. Such convenience, such excellent user experience.
“YouTube Launches a New Ad Format That Showcases Product Images” reports:
YouTube created a new ad format that makes the platform more shoppable. The ad format will feature product images for viewers to browse, by integrating company pages into the video platform. Companies can have products displayed through the new ad format by syncing Google Merchant Center with video ad materials. Following that companies can decide which products to feature.
This sounds exciting. Perhaps advertisers taking a break from Facebook will embrace the new platform? What’s next? How about videos which contain zero YouTube creator content. Just one ad surrounded by the “See Also” ads the magic algorithm suggests.
Relevance? Perfect. Efficient. Plus Aerie might get another Google ad research outsourcing contract. The internal professionals are just too darned busy.
Stephen E Arnold, June 30, 2020
Quantum Computing Has Time to Build Some Hype Momentum
June 30, 2020
After artificial intelligence, quantum computing wants to be a leader in the hyperbole arms race. “Value of Quantum Computing Uncertain for at Least 10 Years” makes a case for the quantum cheerleaders to adopt two Stalin five year plans. These can be implemented back to back.
The article quotes an outfit called Lux Research (which I assume connotes expensive information) as learning:
Quantum bits, or qubits, are inherently unstable, thus reducing the accuracy of any computation that relies on them; this is the first major obstacle to commercialization. For this reason, problems that lack clearly defined answers (like machine learning) but still benefit from improved solutions are the best problems to target with quantum computing.
DarkCyber thinks this means that graduate programs and venture capitalists have plenty of time to make their personal and financial investments pay off.
In the meantime, quantum computing cheerleaders can perfect their routine without too much fear of a rival coming up with a show stopper. And conferences? Absolutely.
Stephen E Arnold, June 30, 2020
Security in the Cradle of High-Technology Yip Yap
June 30, 2020
DarkCyber spotted this story:
How Hackers Extorted $1.14m from University of California, San Francisco
One would think that UCSF, an educational institution with tech savvy professionals located in the cradle of the US high-technology industry would have effective security systems in place. Wouldn’t one?
The write up reports:
The Netwalker criminal gang attacked University of California San Francisco (UCSF) on 1 June. IT staff unplugged computers in a race to stop the malware spreading. And an anonymous tip-off enabled BBC News to follow the ransom negotiations in a live chat on the dark web.
The article is one of those “how to be a bad actor” write ups which DarkCyber often finds discomfiting. Do these “real” news people want to provide information, or is there an inner desire to step outside the chummy walls of reporting? DarkCyber does not know.
The BBC points out:
Most ransomware attacks begin with a booby-trapped emaiI and research suggests criminal gangs are increasingly using tools that can gain access to systems via a single download. In the first week of this month alone, Proofpoint’s cyber-security analysts say they saw more than one million emails with using a variety of phishing lures, including fake Covid-19 test results, sent to organizations in the US, France, Germany, Greece, and Italy.
DarkCyber has a few questions; to wit:
- What vendors’ products are safe guarding UCSF?
- Who is in charge of anti phishing solutions at UCSF?
- What specific gaps exist at UCSF?
- What is the total amount of money UCSF spends on cyber security?
- How much “value” has been lost due to direct payment and down time, staff time, and running around not knowing what’s going on time?
- How about some quotes from the cyber security providers’ marketing material regarding the systems’ anti-phishing effectiveness?
Skip the how to, please. Focus on the facts that create the vulnerability. Just a thought.
Stephen E Arnold, June 30, 2020
When You Were a Young Millionaire, Did You Write This Way?
June 29, 2020
I read “Mixer Co-Founder on Microsoft Pulling the Plug, Twitch’s Market Power, and His Startup Journey.” DarkCyber looks at the universes of live streaming services from our observation post in rural Kentucky.
Games are not an all-encompassing world. The travails of Dr. Disrespect, the odd-ball world of ManyVids, or individuals who haunt NoAgendaStream.com.
These services create an opportunity for bad actors, malefactors, and Dr. Jekylls to sell contraband, engage in questionable transactions, and pass messages mostly off the radar of the local country sheriff in Tennessee.
What caught our attention in the GeekWire article was this passage:
“Ultimately, the success of Partners and streamers on Mixer is dependent on our ability to scale the service for them as quickly and broadly as possible. It became clear that the time needed to grow our own livestreaming community to scale was out of measure with the vision and experiences we want to deliver to gamers now, so we’ve decided to close the operations side of Mixer and help the community transition to a new platform.”
The young millionaire and digital nabob may want to consider a job in public relations if he is snubbed by an interesting government agency.
Notable phrases:
- Ultimately
- success is dependent
- vision and experiences
- we’ve decided
- operations side
- help the community
- transition
- a new platform.
Yeah, typical 20 something blog speak.
The conclusions we have reached in the DarkCyber intelligence and forecasting center are:
First, Azure couldn’t deliver. If the Softie’s cloud thing can do JEDI, should Azure deliver streaming games? Sure, but it does not.
Second, Microsoft has been friends sort of with Facebook. Does Facebook have a more resilient, agile, responsive, and efficient video service? Facebook may aspire to be social YouTube, but it has a bit of distance to travel.
Third, Microsoft’s mix up with Mixer makes clear that the me to approach to innovation and the blenderized approach to management at Microsoft cannot tap a hot new sector any better than it can update Windows 10.
Net net: DarkCyber is thinking that on our list of soon-to-be-cold technical dinosaurs, Microsoft may find itself making big plans with Hewlett Packard, IBM, and Oracle, among others.
As for the young millionaire, after the election there may be a need for a person with wordsmithing skills, the vocabulary of a millennial lawyer, and the sentence structure of Cicero without the flair unfortunately.
Stephen E Arnold, June 29, 2020
xx
App Store Curation: Hey, the Method Is a Marvel
June 29, 2020
I don’t think about app store curation policies. One of the DarkCyber researchers was excited about Hey. At lunch, this individual groused about Apple’s editorial review process or what I call curation. Newspapers in the good old days used to do curation. Not so much any more. I still have a headache after my talk with a New York based big time real journalist.
I read “Another 53 iOS Apps Besides TikTok Are Grabbing Clipboard Data.” The write up, if accurate, illustrates how a company can create its own myth from Olympus. Then do exactly what most Silicon Valley companies do; that is, anything that is easy and good for them.
The write up states:
ikTok may be ending its nosy clipboard reading on iOS, but that doesn’t mean other app developers are mending their ways. Security researcher Tommy Mysk told Ars Technica in an interview that an additional 53 apps identified in March are still indiscriminately capturing universal clipboard data when they open, potentially sharing sensitive data with other nearby devices using the same Apple ID. The apps are major titles, too — they’d normally be trustworthy. The behavior is visible in news apps for Fox News, the New York Times and the Wall Street Journal. You’ll also find it in games like Bejeweled, Fruit Ninja and PUBG Mobile.
Did Aristotle cover this type of mental glitch in his Nicomachean Ethics?
Of course he did.
Stephen E Arnold, June 29, 2020
Leo LaPorte Enthusiastically Grabs a New Sponsor
June 29, 2020
Sorry, but I cannot resist. Leo LaPorte, one of the TWIT television stalwarts, has shifted from praising Wasabi and branded his studio in Petaluma. I noted a new advertiser which may suggest that technology companies are responding to the Rona Riot. Unlike NoAgenda, the TWIT outfit depends on advertisers. No Agenda, on the other hand, has built a community. Those in the community support the show: Cash, T shirts, original art, and meet ups.
One surprise for me was that Mr. LaPorte donned a carnival barker attitude and slipped into the erectile dysfunction pitch in a slick way.
Online advertising is pretty annoying. I found the enthusiasm which seemed quite sincere a little warning signal about the direction the outfit is heading.
Give me Wasabi and I will pass on Last Past. The Roman product? That’s for friskier and the young at heart. Tasteful and technical appeal to me. Money is money I assume.
Stephen E Arnold, June 28, 20020
Russian Hacker: Maybe a Tattoo and New Opportunities for Friendship?
June 29, 2020
In my Dark Web 2020 lecture in July for the “now virtual” US National Cyber Crime Conference, I will review some of the information my study team has gathered about Russian digital crime factories. Some of these are hidden in plain sight. Others are less visible. In this interesting world, surprises are not uncommon. “Russian Cybercrime Boss Burkov Gets 9 Years” describes how “a well connected Russian hacker once described as an asset of supreme importance” booked a one-way ticket to prison. The write up explains that:
Aleksei Burkov of St. Petersburg, Russia admitted to running CardPlanet, a site that sold more than 150,000 stolen credit card accounts, and to being a founder of DirectConnection — a closely guarded underground community that attracted some of the world’s most-wanted Russian hackers.
Mr. Burkov (kopa to his Dark Web and hacker colleagues) operated DirectConnection (now offline). If you are interested in the legal explanation of Mr. Burkov’s activities, the indictment was online as of June 29, 2020, at this link. Some documents return cheerful 404 errors, and DarkCyber understands your pain.
Will Mr. Burkov share some of his knowledge about Russian cyber crime, a type of wrong doing that has been ignored by some authorities in Mr. Putin’s government? DarkCyber surmises that he may become a chatty Kathie once he experiences the delights of a sojourn in America.
Stephen E Arnold, June 29, 2020