Google Filtering: How Smart Is Software?
October 27, 2020
I included a screenshot illustrating YouTube search results which make it clear how to obtain without charge copy-protected commercial software. You can read that story and see the screen shot at this link. I want to document a Reuters’ report called “Italy’s Communications Watchdog Fines Google for Betting Ad.” The news item documents that Google was fined for running gambling ads. The DarkCyber research team has been monitoring some of the questionable video streaming sites. Advertisements are appearing on these sites in greater numbers. What vendors are providing these paid messages? At this time, there’s no open source information about the intermediaries involved.
Questions:
- Why doesn’t filtering by key word work for Google advertisements? Gambling seems to be a no brainer.
- Why are Google YouTube search results providing recently updated links to video content which appears to violate a number of rules and regulations? The word “crack” is like gambling a seemingly obvious yellow caution light.
- What are the names of the ad agency intermediaries providing advertisements to what appear to be illegal video streaming sites?
Interesting? The DarkCyber research team finds the subject engaging. Smart software seems to have some blind spots.
Stephen E Arnold, October 27, 2020
Two Palantir Profiles: Some Peculiar Omissions
October 26, 2020
Not long ago, I was interviewed for a “real” news story about Palantir which appeared in New York Magazine in late September 2020. That story — “Techie Software Soldier Spy: Palantir, Big Data’s scariest, most secretive unicorn, is going public. But is its crystal ball just smoke and mirrors?” — was chock full of information about Palantir Technologies. [1] Alas, the New York Times’s reporter never called me, but what’s new? On Sunday, October 25, 2020, the Times’s profile “The All Seeing Eye: Palantir became a tech giant by helping governments and law enforcement decipher vast amounts of data. Is it dangerous to let this software know so much?” appeared in print. Yep, another “real” news report about the company, and this one has nifty graphics.
There are some similarities between the two write ups. First, the origin story of Palantir is similar. For practical purposes, they are close enough for horse shoes. What seems to have slipped through the cracks is the information the Silicon Valley-centric team formed around Peter Thiel has been ignored. Some of these “founders” are quite fascinating individuals. Palantir was less a seeing stone than a step beyond what is now IBM’s i2 Analyst’s Notebook, one of the grandpeople of today’s policeware and intelware systems. [2] The differences between Analyst’s Notebook and Palantir Gotham can still trigger inter-agency memo battles among LE and intel professionals. But in terms of functionality, both ingest information and provide outputs useful to those interested in entities (banks, people, and other proper noun type things). Palantir anchored its system on techniques in use at a US intelligence agency more than a decade ago. i2 Ltd. based its approach around the work processes of UK law enforcement. Similar but different. Again, the differences are not germane beyond the point that i2 refined the use of software to assist UK LE. Palantir tailored an i2-type method for US intel professionals. That’s important to me and probably no one else.
Another similarity is that the theme of doing good runs through both write ups. Based on my limited knowledge, the “doing good” thing is indeed a factor for those working on Analyst’s Notebook and Palantir Gotham. Most people involved in LE and intel embrace the idea that bad actors can exert a negative influence on some society cohorts. Specialized software like i2 clones are useful, and they are not code confections I want to see available to bad actors. However, the “doing good” is often cheek by jowl with “making money.” Keeping control of proprietary features is also important. Plus, dropping a shroud over what these intelware systems can deliver is quite important in my opinion. Both write ups keep that shroud in place. That’s good.
A final similarity is the Lord of the Rings’ trope. The name Palantir, the seeing stone, the wonky fantastical terminology appear in both write ups. The angle of attack, however, is different in each story. The “real” journalist at the New York Times Magazine seems to have leaned heavily on what Alex Karp conveyed as the truth about himself and the company’s 17 year journal to the promised land of the IPO. The New York Magazine profile pulled information from Beltway insiders and old-fashioned research, none of that “we were classmates stuff.” Score one for New York Magazine team. But the net net is the same: Hard charging Palantirians labored to overcome established government contractors and won over the hearts and minds of LE and intel professionals.
When I reread both articles Sunday, October 25, 2020, I noted some factoids that did not appear in either write up. It is entirely possible that my 76 year old eyes missed or my creaky brain ignored some polished sentences. For that, I apologize.
Here’s what I noted as missing in action:
- I recall mentioning a couple of historical item’s about Palantir’s stroll to its IPO. Neither of these items merited inclusion in the final version of the article which was published and disseminated online. Did the New York Times’s journalist fail to uncover or elect to discard these events?
- Palantir’s method of working around established US government procurement procedures. Sure, there are references to providing software to those in theater, but that’s a darned important fact. It’s a bit like “move fast and break things” methods which have delivered the fine environment in which Silicon Valley companies thrive. i2, on the other hand, was and is a “play be the rules” outfit. That approach has been maintained by IBM even as today’s owner of Analyst Notebook has been unable to keep pace with other, more zippy investigative software solutions.
- Palantir ended up in court over the Dot ANB file format. This was a trade secret of i2 Ltd. I know because I did some tiny, unimportant work for i2 before it was sold off by its founder. In order to import Dot ANB files into Gotham, the seeing stone outfit needed a short cut. Palantirians found a semi-clever way to obtain this file format information. i2 Ltd. found out about file format fancy dancing, and a court battle ensured. Information about the litigation is scant, but the hassle was settled out of court and the terms of the deal were sealed. Some information is available in this Reuters’ story. Odd that this important litigation escaped the attention of the “real” journalists. It provides some insight into the actions of the hard-charging Palantirians.
- Palantir also allowed itself to become embroiled in what I call the HBGary misstep. You can wade through the unfamiliar players and locate the references to Facebook data and Palantir in “ChamberLeaks: Military Contractors Palantir And Berico Under Scrutiny.” Since Palantir presents a corporate story about law and order, the HBGary incident suggests that “law” and “order” may have a different meaning to some Palantirians in the “shire.”
None of these stories has been given an X-ray procedure. Why? [3] The research and analysis required to make sense of interface similarities and differences, legal jousting about file formats, or deals among the specialized services companies that serve LE and intel professionals are not going to find their way into “real” media. Maybe one of the crack MBA mills will produce a motivated whiz kid who will explore these three topics. (Guess what? There are more to uncover.)
From my point of view, Palantir’s current origin story in both Karp tales is entertaining. But like the omissions about Google (another Silicon Valley paragon), the information no one “remembers” or bothers to unearth reveal more about the Palantirians and their organization than the creative revisionism now circulating. What about those protests in front of Palantir’s Palo Alto office? I think it is like people conveniently not remembering the Google Yahoo settlement regarding ad technology?
To some Silicon Valley, “in the same dorm” outfits, the past and its impacts are irrelevant to the thumbtyping generation. The here and now is what matters. With some stakeholders rolling in dough, the past may not exist.
What’s the history of policeware and intelware history tell us about the future of Palantir Technologies? I am no master of prediction. I can’t predict if I will be around to see the end of the pandemic or the end of the week for that mater. Let me pose some questions, which are what got Socrates terminated with extreme poeticism.
- Will Palantir be able to generate sufficient sustainable revenue to produce a profit? Note: It’s been 17 years to lose only half a billion if the published data are accurate? Plus, there are dozens of startups chasing the same modest pool of whales known to consume policeware and intelware.
- Will Palantir be able to catch up with vendors of intelligence software systems which have leapfrogged Gotham? (My estimates suggest there are about 300 customers on the scale of the CIA globally, and newcomers like some startups in Herzliya and suburban Virginia who are a heck of a lot less expensive to license, support, and tune. Deals with the fish bigger than carp are locked up and not in play. Some countries want their own equivalent to Analyst’s Notebook and Palantir Gotham. A deal may be unlikely no matter how much high school French a Silicon Valley pitch person uses in a presentation in Paris. There is competition today. In the late 1990s, Analyst’s Notebook faced fewer competitive threats.)
- Will Palantir, even with its move from Silicon Valley, become a Denver-type company with all the healthy goodness of a firm breathing fresh mountain air and rooting for the Broncos? Note: You can take the people out of Silicon Valley, but removing the Silicon Valley DNA may be like beating down Covid 19.
The Lord of the Rings was a fantasy if I recall a painful reading assignment from a class taught at the one-horse university I attended. I think this observation is semi-accurate: Where Palantir is concerned, magic and a rainbow are necessary. Some financially savvy humans are helpful as well.
The reality of Palantir’s dogged slog for 17 years is a bit more banal despite the “with it” persona of its public-facing wizard. The glow of that seeing stone’s glow is sufficiently bright to make it possible to read the digits on those cash accounts. What else is necessary?
Stephen E Arnold, October 26, 2020
Blog notes:
- i2 Ltd. was sold to a venture firm. Then IBM bought i2. Today’s Analyst’s Notebook is called “IBM i2 Analyst’s Notebook.”
- The “lack of context” about competition, market size, revenue, and number of customers is fascinating. But neither writer had room for such irrelevancies.
- My question is, “What is the logic of editorial decisions to omit factual actions about the business processes of Palantir Technologies?”
Microsoft: The Joy of Figuring Out What Code Can Do
October 26, 2020
DarkCyber finds Microsoft in an interesting spot. On one hand, Microsoft wants to be open sourcey. The idea of community created and community supported software provides a useful source of ready-to-microwave code nuggets, hints about whom to hire, and an opportunity to reduce the maintenance cost of certain components.
On the other hand, monitoring what’s on GitHub and, more importantly, how code can be used is a sticky wicket.
“RIAA Blitz Takes Down 18 GitHub Projects Used for Downloading YouTube Videos” explains:
Microsoft-owned GitHub has removed today 18 projects from its code-hosting portal following a legal request filed by the Recording Industry Association of America (RIAA)….In a letter sent to GitHub, RIAA argued that the “clear purpose of this source code [the youtube-dl library]” was to “circumvent the technological protection measures used by authorized streaming services such as YouTube” and to allow users to “reproduce and distribute music videos and sound recordings […] without authorization.”
The issue is likely to be a thorny one. Code can be used for many things:
- To perform a function
- A way to learn how to do a task
- Create software unrelated to the GitHub offering.
Microsoft has removed the “offending” software. But the problem could become the seed of a giant junk maple in the main Redmond campus green space. The article makes this point, and it is an important one:
RIAA isn’t alleging the library infringed on its rights, but that the library is illegal in itself.
Just as Microsoft wants to get open sourcey and more social, it finds itself in an interesting spot. Who or what will fertilize and water this tiny take down seed? Exactly what can code do? Exactly to what purposes can code be put? What about software which includes code which can do something a third-party defines as illegal? So many questions for the JEDI knights.
Stephen E Arnold, October 26, 2020
Google Publisher Payoff is Murdoch Approved
October 26, 2020
Back in 2018, News Corp. Executive Chairman Rupert Murdoch took Google and Facebook to task for publishing news sites’ content on their platforms without compensation. News Corp has also consulted on a number of investigations into these companies’ practices and pressed for new regulations. Now, though, it looks like Google’s recent move to appease regulators has the news magnate convinced that company is ready to play fair. Axios reports, “News Corp. Changes its Tune on Big Tech.” Writer Sara Fischer tells us:
“One of the biggest news publishing companies in the world has slowly backed away from its harsh public criticism of Big Tech platforms, as companies like Google and Facebook have begun to open up their wallets to news companies.
“Why it matters: News Corp. has for years been the driving force behind much of the regulatory scrutiny of Big Tech and its impact on the publishing industry. Now it’s becoming a beneficiary of the massive pockets of several of the largest tech companies.
“Driving the news: News Corp. CEO Robert Thomson put out a statement lauding Google’s new efforts to pay publishers around the world more than $1 billion to license and curate their content last week. ‘There are complex negotiations ahead but the principle and the precedent are now established,’ he wrote.”
In fact, News Corp already has profitable partnerships with Facebook, Apple, Twitter, Spotify, Snapchat, and Amazon. Google may just be next to fall in line. Fischer observes:
“There was a time several years ago that media companies, with proper investment and scale, could demand big ad dollars via traffic from platforms like Google and Facebook. Today, media companies with value and investment can pull something even more sustainable from those platforms: licensing fees.”
There is nothing like a boost to the bottom line to change one’s point of view.
Cynthia Murrell, October 26, 2020
How-To Information from a Low Profile Company
October 26, 2020
Terminating fake social media profiles, especially on Facebook, has been a high priority since the 2016 US presidential election. Social media companies have task forces that diligently remove scam accounts (supposedly), but as technology advances bad actors always find ways to keep the fakes rolling. It comes as a surprise that a social media monitoring company actually created an instruction manual on fake profiles. Vice has the story: “Surveillance Company Explains How To Keep Facebook From Detecting Fake Accounts In Leaked Manual.”
British owned Blackdot Solutions developed the open source based online investigations platform Videris. Videris is used by government organizations, banks, and other businesses. Motherboard obtained a user manual from Blackdot Solutions that instructed its customers how to create fake Facebook and LinkedIn accounts to collect people’s information. The manual also explains how to avoid Facebook detection.
The guide offered a very insightful behind-the-scenes look at how social media monitoring tools work from a layman’s POV.
More and more businesses and law enforcement agencies use social media monitoring tools to collect information. One common tactic is befriending people of interest on social media to work around privacy settings.
When confronted with the leaked manual, a Blackdot Solution spokesperson denied being aware of its existence and Videris was not used in such a manner:
“Videris does not unravel private networks. It can’t do anything that users couldn’t do themselves if they were to log into social networks in the normal way,” Adam Lawrance-Owen, Blackdot’s head of product, said in an email. “The advantage of our software is twofold. It allows for more effective investigations to help catch fraudsters, money-launderers and terrorists. And it allows those investigations to be carried out in the most secure and discreet way possible, which is absolutely essential when dealing with these sorts of matters.”
The user manual proved otherwise. Videris makes any scrapped data readable and it also includes colorful charts and graphs. Blackdot Solutions has since remained mum about the manual.
Whitney Grace, October 26, 2020
Google: Small, Irrelevant Services?
October 26, 2020
I noted “Google Shuts Down Trusted Contacts App, Will End Support By December 1.” The idea is that a user can share his or her location during an emergency. No more. This service became available in 2016. Five years is a long time for the Google.
A possibly related announcement was reported in “Google Confirms the Nest Secure Has Been Discontinued”. The Android Police write up reports:
Google released the Nest Guard in 2017 as a simple security system with motion sensors and a keypad, but it never received an upgrade, even as other Nest devices were updated again and again. Google has now confirmed to Android Police that the Nest Guard is discontinued, though it will continue functioning.
Perhaps Google will find other security related products to terminate? A trend in the time of Rona? Social unrest, a pandemic, financial stress, and individuals lacking money for essentials – who needs security? Is there a way to hook advertising into home security?
Stephen E Arnold, October 26, 2020
IBM: The Great Entertainer
October 25, 2020
The media never stops reporting news and technology never stops revolutionizing the media. The newest upgrade for media brands and publishers is AI says Advanced Television in the article: “IBM Brings AI At Scale To The Media Industry.” IBM wants to remain one of the leading AI developers and suppliers, especially when they have Watson to do the scaling. As part of IBM’s easy array of industry solutions, the company now offers three new products for brands and publishers. The new products focus on reaching consumers while respecting their privacy. IBM already has an all star client list for its new AI product line, including Beeswax, MediaMath, Nielsen, LiveRamp, Xandr/AT&T, and Magnite.
IBM SVP of Cognitive Applications and Blockchain Bob Lord stated that the advertising industry is undergoing a major transformation when it comes to consumer privacy. Major changes are elimination of some third party cookies, mobile identity, and increased demand in transparency, and increased compliance and regulatory shifts. In order for the advertising agency to respect consumer privacy, but also generate revenue Lord explained AI will be invaluable:
“He added: ‘We believe AI will be the ‘backbone’ of the new era as the industry prepares for the next generation of advertising. We’re using AI to help solve problems across the advertising industry, just like IBM has in countless other industries like Healthcare, Financial Services and Retail. Our work will be a step forward in our evolution to meet the advertising industry’s upheaval, and we are proud to help the advertising industry advance with the value of AI.’”
The newest AI upgrades are for IBM’s Watson Advertising Accelerator, Watson Advertising Social Targeting with Influential, and Watson Advertising Weather Targeting. IBM developed these tools for the advertising industry to regain consumer trust. Consumers are upset about the amount of spying and selling of their personal data, not to mention the amount of targeted ads that reach them through their phones, computers, tablets, and televisions.
IBM is using AI to help brands and publishers make sense of the amount of data in the digital space to make wise business decisions. The other goal is to regain consumer trust and respect individuals’ privacy as technology becomes more entwined in society.
IBM, AI, and declining revenues: Take the show on the road.
Whitney Grace, October 25, 2020
Cyber Sins: Part of the Human Condition Permanently
October 24, 2020
Business operations have secrets and maybe sins. Medium explains “The Seven Deadly Sins Of Cybersecurity.” Using the metaphor of the biblical seven deadly sins: greed, gluttony, lust, envy, sloth, wrath, and pride, the article compares social media platforms to the digital manifestation of them. The write up argues that cybersecurity is demonized by seven deadly sins.
What’s a sin?
Covid-19 has made cyber security more important than ever as people are forced to work from their homes. Organizations need cybersecurity to protect their information and the pandemic exposes all weaknesses in organizations’ cybersecurity culture, if any exists. Another sin is believing a layered, complex solution equals a decent security plan. Complexity actually creates more problems, especially when plans involve too much overhead management and talking about “doing something” instead of taking action.
Credential abuse is also a deadly sin. One commits credential abuse in the over reliance of simple passwords. People love simple passwords, because they are easy to remember and they hate complex credential systems because they are annoying. It might be better to find an alternative solution:
“So what solutions should you start exploring? Identity & Access Management, Privileged Access Management (PAM), Just-In-Time/Just-Enough Administration, Role-based access controls, Multi-Factor Authentication, and more. What about Single Sign-On? Federated Identity management? everyone must adhere to secure credential management without exception…In climbing, free-soloing might be the epitome of cool, but when you fall, you’ll wish you had a belay.”
The article advises to be aware that you cannot treat all of your information the same way. The example the article uses is treating a mobile number differently than a credit card number. It is important to be aware of how any information posted online could be potentially harmful.
Then an ultimate sin is not paying attention to blind spots:
“Many threats “hide in plain sight” and we don’t have the time, energy, and resources to look for them, let alone know where to start.This problem is due to complexity, a lack of resources, and too many gaps and overlaps.”
The key to absolving this sin is discovering the blind spots, then developing solutions.
Sin, however, is part of the human condition. Bad actors sense opportunities and exploit them. Cyber crime continues to thrive and become more pervasive.
Whitney Grace, October 24, 2020
Algorithm Tuning: Zeros and Ones Plus Human Judgment
October 23, 2020
This is the Korg OT-120 Orchestral Tuner. You can buy it on Amazon for $53. It is a chromatic tuner with an eight octave detection range that supports band and orchestra instruments. Physics tune pianos, organs, and other instruments. Science!
This is the traditional piano tuner’s kit.
You will need ears, judgment, and patience. Richard Feynman wrote a letter to a piano tuner. The interesting point in Dr. Feynman’s note was information about the non-zero stiffness of piano strings affects tuning. The implication? A piano tuner may have to factor in the harmonics of the human ear.
The Korg does hertz; the piano tuner does squishy human, wetware, and subjective things.
I thought about the boundary between algorithms and judgment in terms of piano tuning as I read “Facebook Manipulated the News You See to Appease Republicans, Insiders Say”, published by Mother Jones, an information service not happy with the notes generated by the Facebook really big organ. The main idea is that human judgment adjusted zeros, ones, and numerical recipes to obtain desirable results.
The write up reports:
In late 2017, Zuckerberg told his engineers and data scientists to design algorithmic “ranking changes” that would dial down the temperature.
Piano tuners fool around to deliver the “sound” judged “right” for the venue, the score, and the musician. Facebook seems to be grabbing the old-fashioned tuner’s kit, not the nifty zeros and ones gizmos.
The article adds:
The code was tweaked, and executives were given a new presentation showing less impact on these conservative sites and more harm to progressive-leaning publishers
What happened?
We learn:
for more than two years, the news diets of Facebook audiences have been spiked with hyper conservative content—content that would have reached far fewer people had the company not deliberately tweaked the dials to keep it coming, even as it throttled independent journalism. For the former employee, the episode was emblematic of the false equivalencies and anti-democratic impulses that have characterized Facebook’s actions in the age of Trump, and it became “one of the many reasons I left Facebook.”
The specific impact on Mother Jones was, according to the article:
Average traffic from Facebook to our content decreased 37 percent between the six months prior to the change and the six months after.
Human judgment about tool use reveal that information issues once sorted slowly by numerous gatekeepers can be done more efficiently. The ones and zeros, however, resolve to what a human decides. With a big information lever like Facebook, the effort for change may be slight, but the impact significant. The problem is not ones and zeros; the problem is human judgment, intent, and understanding of context. Get it wrong and people’s teeth are set on edge. Unpleasant. Some maestros throw tantrums and seek another tuner.
Stephen E Arnold, October 23, 2020
Open Source: A New Slogan Emerges. No Poster Art Yet
October 23, 2020
I read “Huawei’s Open Source Innovation Inspired by Of All, By All, for All.” Interesting. Microsoft is interested in open source. Amazon is semi interested in open source. Google is probably still interested in open source unless the team working on open source lost interest. But Huawei? Huawei is interested in open source. The write up reports:
Huawei has acknowledged the importance of open source and the role it plays in accelerating innovation within the software industry, stating that ecosystems such as openEuler, openGauss, openLooKeng, and MindSpore have created an ecosystem of open source basic software projects….The openEuler, openGauss, openLooKeng and MindSpore open source communities are all ‘led’ by Huawei as the company seeks to lay the groundwork for full-stack hardware and software collaboration.
Does Huawei’s support of open source fit into the strategic plan for Chinese technology?
The article provides a partial answer:
Huawei Cloud & AI Open Source business general manager Du Junping says that open source enables organizations to create innovation and value in an environment that is ‘open, fair, transparent, and secure’. Huawei says it is inspired by the mindset of fostering a sustainable, open source basic software ecosystem ‘Of All, By All, For All’.
Catchy: Of all, by all, for all. Very egalitarian and kumbaya-ish. Is it similar to “Smash the gang of four” or “Have fewer children, raise more pigs”? No, of course not.
Stephen E Arnold, October 23, 2020