Interesting Dating App Not Publicly Loved by the EU
January 13, 2022
Anyone wishing to keep up with decisions regarding the EU’s General Data Protection Regulation (GDPR) can turn to the GDPRhub wiki. Unfortunately, articles posted there are not always the easiest to read, especially after being machine-translated from one language to another. We slogged through the tortured prose in Norway authority Datatilsynet’s article 20/02136-18 regarding a recent fine imposed upon Grindr. The introductory summary states:
“In January 2020, the Norwegian DPA received 3 complaints against Grindr from the Norwegian Consumer Council (NCC) in collaboration with noyb [European Center for Digital Rights] regarding the sharing of data between the Grindr app and advertising partners MoPub, Xandr, OpenX Software, Ad Colony and Smaato. The complaint was based on the report ‘out of control’ prepared by the company mnemonic, and commissioned by the NCC. The NCC’s inquiry showed that Grindr shared certain categories of personal data to several advertising partners, including advertising ID, IP address, GPS, location, gender, age, device information and app name. The data was shared through software development kits (SDKs).”
The rest of the post outlines the technical details about the case, including issues of jurisdiction, guideline violations, and assessment of the 65,000,000 NOK ($7,345,000) fine. The key issue is Grindr’s user agreement, which did not give users enough control over their personal data to meet GDPR requirements. See the article for an extensive discussion of that reasoning. Basically, it looks like Grindr just did what it wanted and assumed it could beg for forgiveness. It was sadly mistaken. Let this be a lesson to other companies looking to distribute their apps in Europe. Fines that Google, Facebook, and Amazon weather as a matter of course could break smaller outfits.
Cynthia Murrell, January 11, 2021
ShadowDragon Profiled by Esteemed Tech Expert Kim Komando
January 13, 2022
This is an interesting turn of events. Policeware vendor ShadowDragon has been profiled by computer guru-ette Kim Komando on her Tech Refresh podcast episode, “Software Tracking Everything You Do, New iPhone, Alexa on Wheels.” The video’s description reads:
“Have you heard of ShadowDragon? It collects data from 120 major sites going back a decade. Yes, 10 years of info about YOU. Plus, the iPhone 13 and iOS 15 are here, along with Amazon’s new smart home gear, including Astro, the Echo on wheels.”
Yes, we have heard of ShadowDragon. The security company mines data from more than 120 social-media websites, archives results for a decade, and shares the information with its law-enforcement clients around the world. ShadowDragon boasts its software can take an investigation down “from months to minutes.” The podcast starts discussing the company at timestamp 13:05, warning one would have to refrain from social media altogether to avoid its reach. The inclusion seems to support our prediction that reporters are becoming more aware of, and reporting more on, such specialized service vendors. This will make it harder for such firms to keep their generally preferred low profiles. Based in Cheyenne, Wyoming, ShadowDragon was founded in 2015.
For those curious, that podcast episode also discussed the newest iPhones, covered some weird news stories, and reviewed smart floodlights, among other wide-ranging topics. Their coverage of Amazon’s Astro home robot caught the attention of this Alexa-wary writer—apparently the device is so thirsty to identify folks with facial recognition it will (if left in “patrol” mode) follow guests around until it can identify them. It also, according to Motherboard, tracks everything owners do.
Cynthia Murrell, January 13, 2021
OSINT for Amateurs
January 13, 2022
Today I had a New Year chat with a person whom I met at specialized services conferences. I relayed to my friend the news that Robert David Steele, whom I knew since 1986, died in the autumn of 2021. Steele, a former US government professional, was described as one of the people who pushed open source intelligence down the bobsled run to broad use in government entities. Was he the “father of OSINT”? I don’t know, He and I talked via voice and email each week for more than 30 years. Our conversations explored the value of open source intelligence and how to obtain it.
After the call I read “How to Find Anyone on the Internet for Free.”
Wow, shallow. Steele would have had sharp words for the article.
The suggestions are just okay. Plus it is clear that a lack of awareness about OSINT exists.
My suggestion is that anyone writing about this subject spend some time learning about OSINT. There are books from professionals like Steele as well as my CyberOSINT: Next Generation Information Access. Also, attending a virtual conference about OSINT offered by those who have a background in intelligence would be useful. Finally, there are numerous resources available from intelligence gathering organizations. Some of these “lists” include a description of each site, service, or system mentioned.
For me and my team’s part, we are working to create 60 second videos which we will make available on Instagram-type services. Each short profile of an OSINT resource will appear under the banner “OSINT Radar.” These will be high value OSINT resources. Some of this information will also be presented in a new series of short articles and videos that Meg Coker, a former senior telecommunications executive, and I will create. Look for these in LinkedIn and other online channels.
Hopefully the information from OSINT Radar and the Coker-Arnold collaboration will provide useful data about OSINT resources which are useful and effective. Free and OSINT can go together, but the hard reality is that an increasing number of OSINT resources charge for the information on offer.
OSINT, unfortunately, is getting more difficult to obtain. Examples include China’s cut offs of technology information and the loss of shipping and train information from Ukraine. And there are more choke points; for example, Iran and North Korea. This means that OSINT is likely to require more effort than previously. The mix of machine and human work is changing. Consequently more informed and substantive information about OSINT will be required in 2022. The OSINT for amateurs approach is an outdated game.
Coker and Arnold are playing a new game.
Stephen E Arnold, January 13, 2022
Some Want YouTube to Check Facts: A Fantastical Idea
January 12, 2022
I wanted to look up a function for the DaVinci Resolve “scripting” feature. I spotted a YouTube video about the subject. The information in the video was incorrect. Is Google responsible for this factual misstep? Is DaVinci’s owner Black Magic going to rush to the editing room to create an accurate programming video? Will DaVinci users revolt, hold a protest, burn a pile of Black Magic video switchers? Nope.
“An Open Letter to YouTube’s CEO from the World’s Fact Checkers” states:
What we do not see is much effort by YouTube to implement policies that address the problem [Covid information]. On the contrary, YouTube is allowing its platform to be weaponized by unscrupulous actors to manipulate and exploit others, and to organize and fundraise themselves. Current measures are proving insufficient. That is why we urge you to take effective action against disinformation and misinformation, and to elaborate a roadmap of policy and product interventions to improve the information ecosystem – and to do so with the world’s independent, non-partisan fact-checking organizations.
Okay, facts about Covid. How are those “facts” about Covid weathering the often conflicting flow of data? Government officials and Covid experts descend into primary school playground arguments. I love the use of visual aids too. What about the factual errors in many videos on YouTube? Who exactly is able to identify an error and take or recommend a specific action?
This is a fantastical idea, and it is one that may lead to online discussions, legal kerfuffles, and some videos being removed.
The notion of free hosting and streaming of videos means that unless YouTube gates the uploads or starts charging for storage and streaming, the volume is likely to overwhelm the world’s fact checkers. My hunch is that there are more wanna be YouTube stars than fact checkers. Perhaps Google’s stellar under content diving machine will automate the process using close enough for horse shoes methods? Perhaps will just hire an editorial team and operate in the manner of the late and much needed traditional newspaper industry despite the taint of yellow journalism, advertorials, hobby horses, and reportorial bias.
Net net: Nice letter but after a meeting the missive will be handed over to Google legal and PR. YouTube shall accept and stream as usual.
Stephen E Arnold, January 12, 2022
The Use Case for Digital Currency
January 12, 2022
A question I have been asked by those in my law enforcement lectures is, “What’s digital currency good for?” This question is easy to answer, and I think the officers in my sessions know the answer. The question is designed to elicit my opinion as a student of intelware. The former world chess champion Gary Kasparov says that crypto means freedom. Why? Math protects you.
Okay, but the answer I give is, “Criminal activity.”
Sure, one can gild the lily and say that digital currency offers an alternative to traditional legal tender. Digital currency is a way to work around the traditional banking system. Digital currency is a way to automate many financial transactions via smart contracts.
The reality is that digital currency solves one big problem for bad actors: Keeping otherwise noticeable financial transactions less visible to government entities and financial institutions.
What’s the factual basis for my view?
Navigate to “Crypto Crime Trends for 2022: Illicit Transaction Activity Reaches All-Time High in Value, All-Time Low in Share of All Cryptocurrency Activity.” Here’s the relevant statement:
Cryptocurrency-based crime hit a new all-time high in 2021, with illicit addresses receiving $14 billion over the course of the year, up from $7.8 billion in 2020.
The write up adds:
Cryptocurrency usage is growing faster than ever before. Across all cryptocurrencies tracked by Chainalysis, total transaction volume grew to $15.8 trillion in 2021, up 567% from 2020’s totals. Given that roaring adoption, it’s no surprise that more cybercriminals are using cryptocurrency. But the fact that the increase was just 79% — nearly an order of magnitude lower than overall adoption — might be the biggest surprise of all.
The answer to the question, in my opinion, is, “Criminal activity.”
Stephen E Arnold, January 11, 2022
Amazon: A Decision Imposed and A Practice Challenged
January 12, 2022
Alexa.com, purportedly named for legendary bastion of knowledge the Library at Alexandria, has been a go-to tool for traffic-based web rankings, APIs, and other website information for 25 years. Now, however, Amazon is pulling the plug on the subsidiary. Bleeping Computer announces, “Amazon Is Shutting Down Web Ranking Site Alexa.com.” Perhaps Alexa the AI assistant wanted the name all to itself. New subscriptions have been halted, but existing subscribers will have access to Amazon data and SEO tools until May 1, 2022. Amazon APIs will be retired on December 8, 2022. Writer Mayank Parmar reports:
“In addition to the global website ranking system, Amazon’s Alexa.com also offers a full suite of SEO and competitor analysis tools with its paid subscriptions. In a new support document, Amazon says that it will be discontinuing the Alexa.com platform in May 2022 and no new monthly stats will be released going forward. ‘Twenty-five years ago, we founded Alexa Internet. After two decades of helping you find, reach, and convert your digital audience, we’ve made the difficult decision to retire Alexa.com on May 1, 2022. Thank you for making us your go-to resource for content research, competitive analysis, keyword research, and so much more,’ the company stated.”
Meanwhile, Reuters tells us good old Italy is trying to fight back against the Amazon behemoth in, “Italy Fines Amazon Record €1.3 Bln for Abuse of Market Dominance.” Reporters Elvira Pollina and Maria Pia Quaglia write:
“Italy’s watchdog said in a statement that Amazon had leveraged its dominant position in the Italian market for intermediation services on marketplaces to favor the adoption of its own logistics service – Fulfillment by Amazon (FBA) – by sellers active on Amazon.it. The authority said Amazon tied to the use of FBA access to a set of exclusive benefits, including the Prime label, that help increase visibility and boost sales on Amazon.it. … The antitrust authority also said it would impose corrective steps that will be subject to review by a monitoring trustee.”
This comes as the EU Commission is pursuing two of its own investigations into Amazon. One involves the use of sensitive data from independent retailers. The other considers whether the company elevated its own retail offers and those of sellers that use its logistics and delivery services over offers from other vendors. The €1.13 billion fine is one of the largest to be levied on a US tech company by a European entity, but will it be enough to give Amazon pause? Along with its compatriots/rivals Google and Facebook, the company has a history of shrugging off what seem to most like large fees and carrying on with business as usual.
Cynthia Murrell, January 12, 2022
The Fast Descent to Mediocrity Revealed
January 12, 2022
I read “Google’s Director of Engineering Hiring Test.” I love these inside looks at what Google thinks is important to the company’s success. I email several questions from the decades of GLAT to a Fancy Dan financial whiz. He was unable to make sense of any of the wonky questions. Since the whiz kid and Google are wallowing in financial oceans filled with molecules of money, I am not sure there is much value in certain types of smart filters.
Tucked into the questions and answers, however, is considerable insight into what the company thinks is funny like the GLAT or why a firm is accelerating its ski slope ride to meh. Here’s the statement that caught my attention:
Hiring people that know things that you don’t know helps more than hiring people who merely know what everybody knows.
My hunch is that the issues at Google — for instance, the new phone that doesn’t do phone stuff — is an example of making assumptions about what’s right. Apply this to super duper automated content indexing for machine learning training sets and what happens? Perhaps you get a variation of the phones that don’t do phone stuff? Smart software may end up learning what it already knows. Great for cost reduction but not so great for finding one’s way through a snow storm near Tahoe.
Stephen E Arnold, January 12, 2022
Search Quality: 2022 Style
January 11, 2022
I read the interesting “Is Google Search Deteriorating? Measuring Google’s Search Quality in 2022?” The approach is different from what was the approach used at the commercial database outfits for which I worked decades ago. We knew what our editorial policy was; that is, we could tell a person exactly what was indexed, how it was indexed, how classification codes were assigned, and what the field codes were for each item in our database. (A field code for those who have never encountered the term means an index term which disambiguates a computer terminal from an airport terminal.) When we tested a search engine — for example, a touch of the DataStar systems — we could determine the precision and recall of the result set. This was math, not an opinion. Yep, we had automatic indexing routines, but we relied primarily on human editors and subject matter experts with a consultant or two tossed in for good measure. (A tip of the Silent 700 paper feed to you, Betty Eddison.)
The cited article takes a different approach. It is mostly subjective. The results of the analysis is that Google is better than Bing. Here’s a key passage:
So Google does outperform Bing (the difference is statistically significant)…
Okay, statistics.
Several observations:
First, I am not sure either Bing’s search team or Google’s search team knows what is in the indexes at any point in time. I assume someone could look, but I know from first hand experience that the young wizards are not interested in the scope of an index. The interest is reducing the load or computational cost of indexing new content objects and updating certain content objects, discarding content domains which don’t pay for their computational costs, and similar MBA inspired engineering efficiencies. Nobody gets a bonus for knowing what’s indexed, when, why, and whether that index set is comprehensive. How deep does Google go unloved Web sites like the Railway Retirement Board?
Second, without time benchmarks and hard data about precision and recall, the subjective approach to evaluating search results misses the point of Bing and Google. These are systems which must generate revenue. Bing has been late to the party, but the Redmond security champs are giving ad sales the old college drop out try. (A tip of the hat to MSFT’s eternal freshman, Bill Gates, too.) The results which are relevant are the ones that by some algorithmic cartwheels burn through the ad inventory. Money, not understanding user queries, supporting Boolean logic, including date and time information about the content object and when it was last indexed, are irrelevant. In one meeting, I can honestly say no one knew what I was talking about when I mentioned “time” index points.
Third, there are useful search engines which should be used as yardsticks against which to measure the Google and the smaller pretender, Bing. Why not include Swisscows.ch or Yandex.ru or Baidu.com or any of the other seven or eight Web centric and no charge systems. I suppose one could toss in the Google killer Neeva and a handful of metasearch systems. Yep, that’s work. Set up standard queries. Capture results. Analyze those results. Calculate result overlap. Get subject matter experts to evaluate the results. Do the queries at different points in time for a period of three months or more, etc., etc. This is probably not going to happen.
Fourth, what has been filtered. Those stop word lists are fascinating and they make it very difficult to find certain information. With traditional libraries struggling for survival, where is that verifiable research process going to lead? Yep, ad centric, free search systems. It might be better to just guess at some answers.
Net net: Web search is not very good. It never has been. For fee databases are usually an afterthought if thought of at all. It is remarkable how many people pass themselves off as open source intelligence experts, expert online researchers, or digital natives able to find “anything” using their mobile phone.
Folks, most people are living in a cloud of unknowing. Search results shape understanding. A failure of search just means that users have zero chance to figure out if a result from a free Web query is much more than Madison Avenue, propaganda, crooked card dealing, or some other content injection goal.
That’s what one gets when the lowest cost methods to generate the highest ad revenue are conflated with information retrieval. But, hey, you can order a pizza easily.
Stephen E Arnold, January 11, 2022
TikTok: Redefines Regular TV
January 11, 2022
What do most people under the age of 30 want to watch? YouTube? Sure, particularly some folks in Eastern Europe for whom YouTube is a source of “real news” and tips for surviving winter in Siberia. (Tip: Go to Sochi.)
“TikTok videos Will Be Playing at Restaurants, Gyms, Airports Soon” reports:
TikTok partnered with Atmosphere to bring short-form videos to the background of your next gym session, restaurant meal, or airport visit. Startup Atmosphere streams news and entertainment to commercial locations such as restaurants, airports, hotels, doctors’ waiting rooms, and other venues. That content is sourced from a host of free, ad-supported networks, including YouTube, Red Bull TV, AFV TV, World Poker Tour, The Bob Ross Channel, and, now, TikTok—making its out-of-home video service debut.
The airport venue may not be A Number One with a Bullet today, but it has promise, particularly when paired with those surveillance centric smart TVs from some folks in South Korea and elsewhere.
My thought is that the short form video looks like the future of entertainment. Instead of smash cuts, the new programs will be structured like TikTok videos. The idea will be to create an impression with the individual videos providing the shaped or weaponized content.
Dystopia? Nah, just the normal progression of information when new tools, techniques, capabilities, and methods become available. In the case of TikTok, the addition of a China-linked approach adds spice. Perhaps it is time to think in terms of managing the content streams which are set to displace what Boomers and other old timers find reliable.
That requires understanding, will, and commitment. Those are qualities on display in many seats of government, aren’t they?
Stephen E Arnold, January 11, 2022
Google: Negative Externalities
January 11, 2022
I read “The Internet Is Rigged In Big Tech’s Favor.” Published in the capitalist tool, the article includes a wonderful phrase for anti-competitive, allegedly monopolistic behavior, and collusion with fellow travelers like Apple. Here’s the passage:
this isn’t to say that Google, Facebook and the rest of the major tech companies haven’t done a lot to improve the lot of a substantial portion of the human population, but their continued growth and evolution requires critical scrutiny and some sort of framework to reduce negative externalities.
The phrase at which I marvel is “negative externalities.” Yep, negative externalities. At least the capitalist tool strives to suggest that Google and a handful of other companies have had what some might call a negative impact on certain sectors of business and upon some individuals.
The write up states:
When it comes to Alphabet, Google’s holding company, at least they are better at pretending. CEO Pichai is great at explaining why the company’s focus is on improving user experience to the maximum that his algorithms and artificial intelligence allow it. Yet, behind the scenes the company’s top priority continues to be its bottom line.
Okay, say one thing, do another. This is new? Nope, what’s “innovative” is the Forbes is starting to critique the companies which have been among the most adept at manipulating capitalist tools: Market control, PR spin, and the principles of that outstanding pioneer JP Morgan.
Right on time with insightful criticism. Great euphemism too: Negative externalities. Yep, when the Internet to some is big tech, magic happens: Misdirection.
Stephen E Arnold, January 10, 2022
-
- Subscribe to Beyond Search
Feature archive
News archive
-
