One More Reason to Love Microsoft Windows 10 Updates: Malware
October 23, 2020
The pushing of updates reflects two things. First, the generally low quality of software. Second, a crazed desire to lock in customers. Microsoft seems to be working hard to deliver on both counts. However, there is more to love about the silent, unwanted Windows update processes, a topic not covered in Microsoft’s free report about its loss of 250 million items of customer data. Curious? You can download the report at this link.
“This Nasty Malware Has Disguised Itself As a Windows 10 Update”, if accurate, suggests there are other issues with the JEDI warriors’ online systems. We learned:
Emotet, the malware campaign that has been causing havoc for computer systems all over the world, has reappeared with a new approach to infecting devices. An email attachment claiming to be from Windows Update and instructing users to upgrade Microsoft Word is now being used to lure unsuspecting victims into downloading the malicious software. The malware works by first sending spam emails that contain either a Word document attachment or a download link. Victims will then be prompted to ‘Enable Content’ to allow macros to run on their device, which will install the Emotet Trojan.
Seems like phishing to us. Are there steps Microsoft could take to minimize risks to their millions of long suffering customers? Sure, but it may not be a priority. JEDI, you know. Beating off Amazon and Google, you know.
The reports about security are nice. But maybe something more than a free marketing document is needed if the “nasty malware” story is on the money? You know?
Stephen E Arnold, October 23, 2020
Tactical AI: Research for the 21st Century
October 23, 2020
The company is Tactical Analysis Intelligence. The acronym is Tactical AI. The url is tactical-ai.com. Clever. Indexing systems will glom on the “ai” and the name suggests advanced technologies. The company’s business is, according to its Web site:
a premier boutique information search provider of numerous public and non-public internet sources. Our proprietary deep search system and monitoring service has a proven track record of providing businesses with the data they need to make informed, critical business decisions.
The company performs “deep Web search.” The idea is that when you search via Bing, Google, or Swisscow, you are doing shallow search. The company also delivers Dark Web breach monitoring. The idea is that the increasingly small Dark Web requires specialized skills.
I learned about this company via a link to its “white paper” or article called “Going Undercover for Your Company on the Dark Web? Read This First.” The article provides some information which leads some readers to the conclusion that Dark Web research requires an expert. That’s where Tactical Analysis Intelligence enters. The company’s article by the same name is a link to a Department of Justice document. That’s okay, just a surprise.
After scanning the company’s Web site, some librarians before the Great Disintermediation decimated their ranks should have had Tactical’s marketing know how.
Keep in mind that:
- Forums, discussion groups, and digital watering holes are no longer confined to the Dark Web
- The “regular” Web houses a surprising amount of information, including facts about companies which do classified work and do their level best to remain invisible; for example, ATA in Albuquerque, NM.
- Chat tools like WhatsApp, Telegram, and others have become alternatives now that the Dark Web is getting tinier.
What services provide access to threat intelligence from these sources? That’s a good question.
The experts in cyber open source intelligence might be able to help. Is it possible the author of CyberOSINT could offer some guidance? No, doubtful.
Stephen E Arnold, October 23, 2020
Mindfulness Meets High School Science Club Management Methods
October 23, 2020
I read “Silicon Valley’s Corporate Mindfulness Hypocrisy.” I found my “mind” full of thoughts. The main point is that consulting savants are booking engagements and billing for educational sessions which teach employees how to be mindful. (No, I don’t know what that means, and, to be frank, I am not particularly interested in the snake oil coated academic guruish explanations.
The essay contains an interesting sentence:
Corporate mindfulness is a poor substitute for organizational change. By reframing structural and systemic problems as an individual-level pathology, by putting the onus of responsibility all on individuals – telling them, “Just do this mindfulness practice” –is akin to victim-blaming.
The bound phrase which I noted is “organizational change.”
Why on earth would a Silicon Valley company making money, keeping the funding sources at bay, and employees working from home want substantive change.
The purpose of high school science club management methods is to institutionalize anti-adult behavior. Entitlement, money, and Clubhouse fame are goals. The other stuff like the well being of the lucky people who get paid to filter content that semi smart software cannot be trusted to block is not a big deal.
In my opinion, HSSCMM are the norm, and they seem to be working for some outfits. Change is hard. Let the employees learn how to channel their inner demons. The top dogs want to check out the new Porsches.
If you don’t get it, you don’t belong to the science club, and you probably won’t be noticed.
What’s the science club saying about the upcoming Congressional hearings in late October? Scary, right?
Stephen E Arnold, October 23, 2020
Google: Simplifying Excellence
October 22, 2020
Almost everyone knows Google. I spotted an eclectic write up in Entertainment Overdose (an estimable publication). The article “Eric Schmidt, Who Got YouTube for a Premium, Assumes Social Media Networks Are Amplifiers for Idiots” contains a quote. This is an alleged statement attributed to Eric Schmidt, the overseer of Google until 2018.
Here’s the alleged pearl of wisdom:
The context of social networks serving as amplifiers for idiots and crazy people is not what we intended.
But it happened with YouTube, right? Who was running the company at this time? I think it was Mr. Schmidt.
It seems that Mr. Schmidt’s social world view is divided into those who are not crazy (possibly Google employees and those who share some Google mental characteristics but are in some way in touch with reality) and those who are crazy. Crazy means mentally deranged, which may be a bad thing. Plus, the “crazy” group uses social media as “amplifiers.” This seems to suggest that anyone using social media falls into the crazy category. Is this correct?
Note the “we”. The royal “we” appears to embrace the senior management of Google.
Now check out the Rupert Murdoch “real” news Wall Street Journal for October 22, 2020. The story to which I direct your attention is called “Google Ex-CEO Hits DOJ As Antitrust Battle Looms.” [When the story is posted to wsj.com, you will have an opportunity to purchase access. Until then, hunt for the dead tree edition and look on Page A-1.]
The write up reports that Mr. Schmidt said:
There’s a difference between dominance and excellence.
Is the idea may be that operating like a plain vanilla monopoly not acceptable. This suggests that monopoly delivering “excellence” is a positive for everyone.
Is YouTube dominant or excellent? Are those who post links to children’s playgrounds to the delight of individuals with proscribed tendencies idiots? (There are other, more suitable terms I believe.)
Quibi and Its Open Letter: An Idea Probably Not Considered
October 22, 2020
I spotted Quibi’s “An Open Letter…”. The write up states: “…we are winding down the business and looking to sell its content and technology assets.”
I circled this passage: “… we’ve considered and exhausted every option available to us.”
Every option. That’s a categorical affirmative. No black swans, please.
Think of this brilliant observation: “The price of inaction is far greater than the cost of a mistake.” Who said that? Maybe Meg Whitman?
How will those who bet about $1.75 billion on quality content delivered to a mobile device react to my idea which I don’t think the dynamic team of Katzenberg and Whitman thought about?
But here’s the “script” of the overlooked idea. It is very Hollywood-Silicon Valley with graphics, audio, and jazzy Hollywood techniques.
KATZENBERG: We need to do a follow up to my 1992 smash cartoon Aladdin.
WHITMAN: What’s the title?
KATZENBERG: Aladdin 2: Magic Just Happens.
WHITMAN: Dear Jeffrey, what’s the title?
KATZENBERG: Picture this:
1. A poor but motivated duo (that’s us, the dynamic management and creative duo of Katzenberg and Whitman) lose a brief red ink battle with the sinister Dr. Tik Tok.
2. At a yard sale, we (that’s us, the dynamic duo of Katzenberg and Whitman) are looking for quality knick knacks. Whitman spots a copper lamp.
3. A coffee shop in Westwood, perspicacious Meg stroke the lamp.
4. Flash of light. A magic genie appears and orders a cappuccino
5, The dynamic duo gets one wish: To undo the Titanic failure of Quibi.
6. Poof. The genie makes Michael Lynch, founder of Autonomy plc, the cause of Quibi’s failure.
7. A court room: A “Law and Order trial” and — Mr. Lynch guilty.
8. Cut to.. A charity event to fight global warming at the Top of the Mark. The dynamic duo pays investors back.
WHITMAN: Winner!
Yes, an idea possibly not considered. But it may be too late for a quick bite. Lights out.
Stephen E Arnold, October 22, 2020
Amusing, That Facebook: Born to Curate
October 22, 2020
Facebook loves it when users share news, photos, and opinions, unless they speak ill of the social media platform. Vice explains how Facebook limits free speech in: “Facebook Just Forced Its Most Powerful Critics Offline.”
Facebook does not like the Real Facebook Oversight Board, a group founded in September 2020 when the social media company failed to run its own oversight board in time for the US presidential election. Because Facebook did not like the Real Facebook Oversight Board, they used their legal clout to force the group offline. Facebook wrote the group’s ISP to remove its Web site and succeeded.
What is the Real Facebook Oversight Board?
“The group is made up of dozens of prominent academics, activists, lawyers, and journalists whose goal is to hold Facebook accountable in the run-up to the election next month. Facebook’s own Oversight Board, which was announced 13 months ago, will not meet for the first time until later this month, and won’t consider any issues related to the election.”
Facebook complained the Real Facebook Oversight Board was involved in phishing scams. Usually when a request to remove a Web site reaches an ISP, there is a despite resolution process that takes months and ultimately a court order must be obtained to terminate the site. Facebook had another Web site owned by the Real Facebook Oversight Board removed in the past.
Facebook denied responsibility stating the Real Facebook Oversight Board’s Web site was taken offline because it contained the word “facebook” and violated copyright. Email documentation from Facebook proves otherwise. The company is shaping reality in order to protect its public image and troll its critics. Is Facebook’s editorial process veering away from bright, white lines?
Whitney Grace, October 22, 2020
Persistent: Enterprise Search and Cloud Expertise
October 22, 2020
I checked my enterprise search files. Sure enough, Persistent Systems is in the enterprise search game. You can get a sense of the firm’s consulting orientation if you download and study “An Essential Primer on Enterprise Search Evaluation.” Yep, evaluation. Most organizations have employees who need to locate information: Text, videos, PowerPoints on clever sales professionals’ work laptops, documents generated by the less-than-forthcoming legal department, and information about recreational softball in the Era of the Rona. We noted that the company acquired Capiot. This is a company which provides integration services. To sum up, “enterprise search” appears to be a consulting services operation at Persistent. With a workable search solution available as open source, renting people who can allegedly make search perform magic tricks seems logical. But what about rich media, tweets, silos of data, and uncooperative sales professionals who tweak slide decks moments before making a pitch to up the chances for a sale? Let’s not dig too deeply into the contents of the “Essential Primer,” shall we? Enterprise search appears to be a synonym for “consulting.”
Stephen E Arnold, October 22, 2020
Free Book Plus a Data Vacuum
October 22, 2020
DarkCyber spotted an innocuous item offering a “free” book about Microsoft Office 2019, a product the research team no longer uses. TextMaker works just fine, thank you. Curious about the pitch and how trade publishers are responding to the challenge traditional niche publications and publishers are dealing with the impact of thumb typers on print, one of the DarkCyber team filled in the form.
Here’s what we learned. Start the process by navigating to this link.
We received the download link from this link.
Then an online form requires name, address, email, and other useful marketing bits.
The system from TradePub.com then matches the book to specialist topics and titles and displays books in a category, which in this case had a technology slant:
Click a title and the fun begins. Each title gathers substantially the same information. One can repeat this process a number of times to obtain free magazines. Some are in theory still in print and will be delivered to the DarkCyber offices.
So what?
Several observations:
- The data collection is overt
- Data must be entered multiple times
- The download link did not arrive.
Bummer.
TradePub does not operate from the business capital of the rust belt. According to the firm’s Web site, the firm is in California. The company says:
TradePub.com is owned and operated by NetLine Corporation. NetLine Corporation empowers B2B Marketers with the reach, technology, and expertise required to drive scalable lead generation results and accelerate the sales funnel. Operating the largest B2B content syndication lead generation network, NetLine’s AudienceTarget™ technology drives prospect discovery, quality customer lead acquisition, and buyer engagement from real prospect intent as professionals consume content directly across the network. Superior quality, on demand access, and advanced campaign reports enable all clients to achieve lead generation success. Founded in 1994, NetLine is privately held and headquartered in Campbell, California.
For more information about TradePub.com navigate to this link.
How much junk mail will arrive at the “real” DarkCyber email address? Monitoring is underway. The DarkCyber researcher reported that within 10 minutes of registering, three email spam items were received by the “real” DarkCyber email address.
Since the marketing set up has been in operation for a quarter century, why haven’t trade publications and specialist publications outperformed their stakeholders’ expectations?
This is a good question which some study from home, soon to be MBA may want to answer. At least the approach is not chock full of search engine optimization goodness. That’s a plus.
DarkCyber was able to download the book. It is an 800 page tome, which is definitely going to become the research team’s night time read. One of the DarkCyber research crew observed, “This outfit should pay me to read this book.”
Unlikely, right?
PS. The “free” book? It contains zero information about inserting images and controlling their location in the document. Minor point? No, representative of the value of “free.”
Stephen E Arnold, October 22, 2020
Buzzwords and Baloney: Insecurity Signals? No Way. Do You Like My Hair?
October 22, 2020
People like to sound smart and impressive. The belief is if they appear smart and impressive they will rub shoulders with the best of the best. The Next Web says otherwise in the article: “Using Jargon To Sound Smart? Science Says You’re Just Insecure.”
Apparently people who use too much jargon-use are insecure. Relying on a specialized vocabulary momentarily inflates their ego. This long known truth was proven by the study “Compensatory Conspicuous Communication: Low Status Increases Jargon Use.” The study found that professionals low on the corporate ladder used more acronyms in their written communication and relied on jargon usage when interacting with higher ranks.
All industries have their jargon, but it is alienating to people outside the specific industry. It is even more alienating to others within the industry, because if they are unfamiliar with the term they will not admit it.
Does this mean people on every corporate ladder rung has insecurity? Yup.
Unfortunately you cannot beat jargon users so it is better to join the herd:
“As much as it’s annoying and superfluous, jargon is unlikely to go away. So you literally have two choices: you can embrace it or ignore it. I’m of the opinion that if you can’t beat them, you join them. How? By using a technology bullsh*t generator — yes, you’ve read that correctly. This tool won’t change your life but you’ll definitely have some fun.”
Another fun thing to do with jargon enthusiasts is make up words. It takes practice, but if you speak confidently enough you will soon be “proclaving” [sic] people. Cloudify too.
Whitney Grace, October 23, 2020
Amazon Rekognition: Helping Make Work Safer
October 22, 2020
DarkCyber noted Amazon’s blog post “Automatically Detecting Personal Protective Equipment on Persons in Images Using Amazon Rekognition.” Amazon discloses:
With Amazon Rekognition PPE detection, you can analyze images from your on-premises cameras at scale to automatically detect if people are wearing the required protective equipment, such as face covers (surgical masks, N95 masks, cloth masks), head covers (hard hats or helmets), and hand covers (surgical gloves, safety gloves, cloth gloves). Using these results, you can trigger timely alarms or notifications to remind people to wear PPE before or during their presence in a hazardous area to help improve or maintain everyone’s safety.
The examples in the Amazon write up make sense. However, applications in law enforcement and security are also possible. For instance, consider saying, “Hands up” to a person of interest:
The system can detect objects held by an individual. You can get more information in the blog post. Policeware and intelware vendors working with Amazon at this time may generate other use cases.
Stephen E Arnold, October 22, 2020