Salesforce, Alibaba, and China: Is an Enterprise Superapp the Goal?

August 4, 2022

I read an announcement about a tie up among Salesforce, Alibaba, and whoever is overseeing the high profile online outfit. “Salesforce Shutters Hong Kong Office, Leans on Alibaba in China” reports:

As a result of its tightened partnership with Alibaba, Salesforce is “optimizing our business structure to better serve the Greater China Region” and “opening new roles while eliminating some others,” the spokesperson said. The company’s career page shows it’s currently hiring a product management director and a senior software engineer in the southern Chinese city Guangzhou, where it placed its tech team.

The cited article points out:

Salesforce’s interest in China lies in serving international businesses localizing in China, but it can’t do it alone due to the country’s intricate regulatory restrictions.

What will Alibaba do?

Alibaba will be taking over the firm’s sales in mainland China and Hong Kong, while Taiwan will fall under the management of its Singapore office…

Several observations:

  1. Like Oracle, Salesforce is taking steps to make sure it is able to operate in some acceptable way in China.
  2. The technology for these deals is probably sealed in a quantum secure container so that “partners” are unable to learn what’s in the black boxes. (Well, that’s the hope?)
  3. China faces some challenges, and it is possible that Alibaba’s overseers could make helpful suggestions which make this tie up less or completely unattractive.

What happens if Alibaba integrates Salesforce functionality into its apps and services? Will we have a commercial superapp purpose built for China and companies permitted to operate in the Middle Kingdom?

Net net: Nah, just “lean on” and lean in.

Stephen E Arnold, August 4, 2022

Forget Fragile: The Future of Tech Means Failure … Maple Leaf Own Goal

August 4, 2022

Canada presages the future. Syrup, uranium mines, tar sands, and Rogers — The backbone of Canada. Maybe I should not include Rogers in the list after reading “How a Coding Error Caused Rogers Outage That Left Millions Without Service.” I learned:

a coding error was introduced that triggered a cascade of events, resulting in a massive outage that left millions of Canadians without cellphone, internet or home phone service for at least a day. The shutdown of one of Canada’s dominant telecommunications networks created widespread chaos.

Now Rogers is not alone with the own goal problem. I noted “Major Microsoft 365 Blackout Raises Tough Questions for Software Giant.” And lest we forget “Google, Oracle Cloud Servers Wilt in UK Heatwave, Take Down Websites.”

I know I have heard presentations in which really rich people have explained that chaos creates opportunities. These people should know. I was an advisor to an individual who had at one point more than $9 billion. (Alas, he has been removed from the hockey game of real life. Maybe a rest home near a lake? I have lost track of the wizard.)

Yep, chaos, disruption, problems that scream for solutions. An investment wonderland, but what about those who simply empty the trash in wonderland?

The future, it appears, rests with individuals who are responsible for a single keystroke. Put the == in the wrong place and one does not output user satisfaction. According to the Rogers’ story, one gets no emergency phone service, no WiFi (pronounced in some parts of Canada wee fee which I love), dead Interac debit machines, and – of course – no phones. (Teens with Rogers mobile services were apparently unhappy.)

And the promised fix?

This Sunday [July 24, 2022], in an open letter to customers, Rogers CEO Tony Staffieri vowed to invest more in testing, oversight and artificial intelligence to improve the reliability of the company’s networks. He put the price tag of the changes at around $10-billion over three years.

Yeah, smart software and oversight. By whom? GenXers and GenYers? Perhaps the tooth fairy?

Several observations:

  1. The cloud services like Rogers apparently believe their own marketing babble about fail over, redundancy, and uptime. Belief, as the article makes clear, is not reality in the zippy world of big time telco clouds and services.
  2. The idea that the best, the brightest, and the smartest technical professionals work tirelessly to keep the service online earned an F as in Failure. No front row seat in the advanced class for these whiz kids.
  3. The customers who missed tornado warnings, a report about a dangerous person, or what to pick up from Canadian Tire en route to the campground in Saskatchewan were in the communications dark.

Net net: Big companies forget the statement:

For want of a shoe, the horse was lost. For want of a horse, the rider was lost. For want of a rider, the battle was lost. For want of a battle, the kingdom was lost, And all for the want of a horseshoe nail.

The nail was a single error in a single line of code. Thus, the future: Chaos or opportunity. You choose. I am glad — thrilled, in fact — that I am old and will miss the future. Have fun!

Stephen E Arnold, August 4, 2022

FinFisher Videos: How Long Will These Be Available via YouTube?

August 4, 2022

If you are interested in intelware and similar specialized software, you may find the sequence of videos available at this link interesting. The videos are a decade old, but the basic ideas expressed are applicable today. We spotted this content in Spy News via a Medium post. The visuals in the video compilation are — well — weird. Spy News says:

The videos are for: FinTraining, FinSpy, FinSpy Mobile, FinFly ISP, FinFly LAN, FinFly Web, FinIntrusion Kit (including FinTrack), FinFireWire, and FinUSB.

The jargon in the videos is entertainingly cyber-babble; for example, TrueCrypt container, FinFly, FinIntrusion, etc. An intrepid open source expert may be able to locate other Gamma Group/FinFisher information on the information superhighway. Keep in mind that the procedures in the decade old videos are similar to comparing an electric Ford 150 to a 2011 Ford Ranger.

But why “fin”? Think about sharks near a beach and a GenX or GenY person floating on a rubber raft. The fin is a sign to some that a finny friend is near and might grab lunch.

Stephen E Arnold, August 4, 2022

Surprise! Undisclosed Sponsorships Abound on TikTok

August 4, 2022

Would you consider this weaponized information or just Madison Avenue in the digital era? Vox reveals, “TikTok Is Full of Shady Secret Advertisements.” Regulations specify social media influencers must disclose if they are being paid to endorse or display a product, but many fail to do so. And with issues like privacy protection taking top priority, the FTC is hard pressed to stop them. Though the problem has existed across social media platforms for years, TikTok has taken it to a new level. Reporter Sara Morrison writes:

“It’s pervasive because it’s easy: With the internet and social media, there is a seemingly infinite supply of content to regulate and almost no transparency, which makes it exceedingly difficult for the agencies charged with enforcing the rules to know when they’re being broken. … But TikTok’s undisclosed ad problem seems to be particularly bad. The app is believed to be especially addictive, with users spending far more time on TikTok than on competitors’ apps. And everything is younger: the users, the creators, and the platform itself. TikTok is only now encountering some of the regulatory and legal growing pains its social media platform peers faced years ago. TikTok is also very popular with a desirable and elusive demographic: Gen Z. And brands know that influencers can be a great way to reach them.”

See the article for several examples and some of the factors making it difficult for regulators to curb such “sponcon.” Sponsors and influencers might be underestimating Gen Z, however, and this tactic may eventually backfire. Most of those born after 1997 have enough digital savvy to know when they are being sold to and resent attempts at trickery. Though it sounds like an oxymoron to older folks, members of this generation value authenticity in their virtual interactions. If TikTok continues to let sponsorship violations slide, it might just see its treasured target audience slip away.

Cynthia Murrell, August 4, 2022

Big Tech: Is Big Change Next to Impossible?

August 3, 2022

I read “The Disproportionate Influence of Early Tech Decisions.” The article adds some specificity to the notions of technical debt and why the Roman empire ended up with people wearing fur in the summer recycling stone from gigantic weird buildings jammed together. There are nifty quotes about the nature of things. (Lucretius and De Rerum Natura, right?)

The more recent article states:

… everybody knows that it’s hard to migrate a database or rewrite code in a new language, so this status quo wouldn’t be surprising anywhere you find it….What is more surprising is that it’s not only the big stuff that has a tendency to stay fixed. It’s the small and medium-sized elements as well.

I interpret these observations to the plight of the Silicon Valley type of big tech outfits. I believe that the observation applies to pinnacles of technological capability like the US air traffic control system and the Internal Revenue Service. If you have a backlog, just shred it. Effective. Simple. No big tech needed.

The article illustrates how expedient (maybe just bad?) initial decisions persist through time. There are examples of fixing and adding, but the persistence of initial conditions is a characteristic of some companies’ products and services.

The point which resonated with me was:

Simply this: software has inertia.

Bingo!

I noted these statements too:

quality is more of a sliding scale than it is a good or bad dichotomy, and I’d argue that many small companies optimize too much in favor of speed by trading away too much in terms of maintainability by shipping the first thing that was thrown at the wall. And this fails the other way too, where major believers in academic-level correctness agonize over details to such a degree that projects never ship, and sometimes never even start.

So what?

The people and time required to figure out how to implement meaningful technical change impose a significant cost. Cost translates into management’s need to kick the can down the road, change jobs, or ignore the mounting problems. Early decisions manifest themselves in systems whose problems cannot be addressed; management decisions which to an outsider appear to be downright wacky; and big companies struggling to escape their past.

I never “meta” a high tech outfit that I could not google or rely on a one day delivery that stretches to 10 days or more or an operating system unable to print a copy of this blog post.

Vulnerable? You bet.

Stephen E Arnold, August 3, 2022

Closing the COPPA Loophole

August 3, 2022

We need updated legislation to protect children from their own phones and tablets, according to the Washington Post, because “Your Kids’ Apps Are Spying on Them [paywall].” Reporter Geoffrey A. Fowler writes:

“Apps are spying on our kids at a scale that should shock you. More than two-thirds of the 1,000 most popular iPhone apps likely to be used by children collect and send their personal information out to the advertising industry, according to a major new study shared with me by fraud and compliance software company Pixalate. On Android, 79 percent of popular kids apps do the same. Angry Birds 2 snoops when kids use it. So do Candy Crush Saga and apps for coloring and doing math homework. They’re grabbing kids’ general locations and other identifying information and sending it to companies that can track their interests, predict what they might want to buy or even sell their information to others.”

The article elaborates on the problem with details from that Pixalate study and other research. It emphasizes:

“Children’s privacy deserves special attention because kids’ data can be misused in some uniquely harmful ways. Research suggests many children can’t distinguish ads from content, and tracking tech lets marketers micro-target young minds. This is why kids are at the center of one of America’s few privacy laws, the 1998 Children’s Online Privacy Protection Act, or COPPA. It said that companies aren’t supposed to gather personal information about kids under 13 without parental permission.”

So if COPPA prohibits this data grab, why is it happening? Because of the “actual knowledge” loophole. App makers must simply pretend they do not know children are using their software. Preschool-type games featuring cute cartoon animals? Grade 3 homework helpers? We are supposed to believe those are meant for ages 13 and up. To make matters worse, Apple’s and Google’s app stores make it difficult for parents to find apps that do comply with COPPA. Instead, due diligence means combing through each and every app’s obfuscatory privacy policies.

Fowler notes several ways tech companies could prohibit apps they sell from gathering data on children, if only they wanted to. Sadly, they are unlikely to put children over profits unless forced to by an updated COPPA. One has been proposed by Senator Ed Markey, one of the original bill’s authors, and Representative Kathy Castor. Will this or a similar bill ever become law? Or have tech giants amassed so much power we cannot even protect our kids from data scroungers?

Cynthia Murrell, August 3, 2022

TikTok: Is Joe Rogan the Person to Blow the Whistle on Chinese Surveillance?

August 3, 2022

TikTok has been around since 2015 as A.me and Douyin. If you want to scrape below the shiny surface of the TikTok rags-to-riches story, there is something called Musical.ly which surfaced in 2014. In 2018, the Musical.ly management team decided that selling to ByteDance was a super great idea. Then TikTok was created to entertain and log data. Few talk about the link to certain entities in the Chinese political structure. Even fewer think that short videos were bad. Sure, there were allegations of self harm, addiction, erosion of self worth, and students who preferred watching vids pumped at them by a magical algorithm. Nobody, including some Silicon Valley real news people with an inflated view of their intellectual capabilities, said, “Yo, TikTok is a weaponized content delivery and surveillance system.” Nope. Just cute videos. What’s the problemo?

Who is now concerned about TikTok? The NSA? The CIA? The badge-and-gun entities in the US Federal government? Well, maybe. But the big voice is now a semi-real sports event announcer. “Joe Rogan Warns Americans about TikTok: China Knows Every … Thing You type.” Hey, Joe, don’t forget psychographic profiling to identify future insider operators, please.

The article reports:

Rogan listed the other data being collected by the popular platform. “‘User agent, mobile carrier, time zone settings, identifiers for advertising purpose, model of your device, the device system, network type, device IDs, your screen resolution and operating system, app and file names and types,’” he said. “So all your apps and all your file names, all the things you have filed away on your phone, they have access to that.” He continued: “‘File names and types, keystroke patterns or rhythms.’”

Hot intel, Mr. Rogan.

Where did this major news originate? From Mr. Rogan’s wellness infused research?

Nope. He read the terms of service.

The estimable newspaper pointed out:

… the tech news site Gizmodo reported that leaked internal documents from TikTok showed the extent to which the app sought to “downplay the China association.” The documents, labeled “TikTok Master Messaging” and “TikTok Key Messages,” detail the social media giant’s public relations strategy during a period of mounting scrutiny from regulators and lawmakers over its parent company ByteDance and its ties to the Chinese Community Party.

Gizmodo? Is this Silicon Valley type “real news” outlet emulating Cryptome.org?

According to the cited New York Post story:

TikTok has pledged to “publish insights about the covert influence operations we identify and remove from our platform globally to show how seriously we take attempts to mislead our community.”

That sounds good just like a cyber security firm’s PowerPoint deck. Talk, however, is not action.

Maybe Mr. Rogan can use his ring announcer voice to catch people’s attention? I am not sure some of the TikTok lovers will listen or believe what Mr. Rogan discovered in the super stealthy terms of service for TikTok.

That’s real open source intel. Put Mr. Rogan on a panel at the next OSINT conference, please. I mean TikTok has a 10 year history and it seems to be quite new to some folks.

Stephen E Arnold, August 3, 2022

Time Travel in the Datasphere: Lock In Is Here Again

August 3, 2022

“Lock in” was a phrase I associated with my university’s data processing and computer center in 1962. I was a 17 year old freshman, and I got a tour of the school’s state of the art IBM mainframes located in one of the buildings in the heart of the campus. Remember I went to a middling private college because I fooled some scholarship outfit into ponying up money to pay for tuition and books. That still amazes me 60 years later.

I do remember looking at the IBM machines lined up inside a room within a room. A counter separated the “user” from the machines. Another room held three keypunch machines. There was a desk with a sign in sheet and a sign that said, “Help wanted.” Hey, even then it was clear that money was to be had doing the computer thing.

The tour was uneventful. Big machines blinked and hummed. The person giving the tour did not want to explain anything to a small group of students who qualified to enter the digital sanctuary. No problem. I got it. If a person wanted to use a computer, one had to work in the computer center. It was infinitely better to work behind the counter, wear a white lab coat, and stuff the front pocket with pencils. I was in. I even wore a slide rule strapped to my belt like Roy Rogers with a math fetish. Quick log, Stephen was my moniker.

I learned very quickly that using computers was done the IBM way. Don’t bend, fold, spindle, or mutilate. Don’t push buttons on the keyboard unless you knew what that key press did. Don’t think about learning anything about any of the other computing devices. IBM was the way. Why? The funding for the computer center and much of the engineering department came from an outfit engaged in manufacturing equipment to produce big holes in the ground or eliminate pesky trees from the path of the Trans Amazon Highway. The company was an IBM outfit.

Ergo, lock in. My mind was locked into IBM. Even today if someone mentions an MIT LINC, I am quick to snort. Hey, big iron.

Well, lock in is back, and there are many Millennials, GenXers, and whatever other category marketers use to describe young people who don’t know about lock in. Navigate to “A Third of Businesses Feel Locked In to Major Cloud Providers.” The write up explains that lock in is here again:

new research from Civo shows that 34 percent of users feel locked into the services these major providers deliver, with 65 percent of these saying that data transfer costs are too expensive for them to move off their current cloud.

This is the goal of lock in. Switching costs are too high. A lousy economy provides an endless parade of people who think that those low entry fees for the cloud will persist. Then the lucky customers discover the joy of per unit transactional pricing. Now the deal is more expensive than other ways to access computers and software. But to kick the cloud habit, one has to do more than spend a month in rehab. One must reengineer, invest, plan, and be smart enough to actively manage complex systems.

Yep, lock in.

That 33 percent figure may be bogus. But one thing is absolutely certain. More companies will embrace the cloud and find themselves with me, back in the university’s computer center, learning that there is one way to do computers. What’s amusing is that lock in is here again. Too bad IBM was not able to become the big dog. But the IBM notion of lock in lives on. And for some today, it is as fresh and new as a Rivian truck. There is one difference. That 1962 computer set up was actually pretty reliable. Today’s cloud systems are a work in progress. Choose cloud providers wisely. Digital divorces, like real world divorces, can be messy, expensive, and damaging.

Stephen E Arnold, August 3, 2022

Accidental News: There Is a Google of the Dark Web.

August 2, 2022

Yesterday one of the research team was playing the YouTube version of TWIT which is Silicon Valley acronym speak for “This Week in Tech.” The program is hosted by a former TV personality and features “experts”. The experts discuss major news events. The August 1, 2022 program (captured on July 31, 2022) has the title “The Barn Has Left the Horse — CHIPS Act, Earnings Week, FTC Sues Meta, Twitter Blue Price Hike.” The “experts” fielding questions and allegedly insightful observations by Mr. LaPorte can be viewed at this link. The “experts” on the “great panel” for this program included:

In the midst of recycled information and summaries of assorted viewpoints, there was what I thought was information warranting a bit more attention. You can watch and hear what Dan Patterson says at 2:22:30. A bit of context: Mr. Patterson announced that he is the Editorial Director at Cybersixgill, [supplemental links appear below my name at the foot of this blog post] a firm named after a shark and with, until now, a very low profile. I think the outfit is based in Tel Aviv and it, as I recall, provides what I call specialized software and services to government entities. A few other firms in this particular market space are NSO Group and Voyager Labs, among others. Rightly or wrongly, I think of Herzliya as the nerve center for certain types of sophisticated intercept, surveillance, analytic, and stealth systems. Thus, “low profile” is necessary. Once the functionality of an NSO Group-type system becomes known, then the knock on effect is to put Candiru-type firms in the spotlight too. (Other fish swimming unseen in the digital ocean have inspired names like “FinFisher,” “Candiru,” and “Sixgill.”)

So what’s the big news? A CBS technology reporter quitting is no big deal. A technology reporter who joins a commercial software and services firm is not a headline maker either.

This is, in my opinion, a pretty remarkable assertion, and I think it should be noted. Mr. Patterson was asked by Mr. LaPorte, “So CyberSixgill is a threat intelligence…” Mr. Patterson added some verbal filler with a thank you and some body movement. Then this…

CyberSixgill is like a Google for the Dark Web.

That’s an interesting comparison because outfits like Kagi and Neeva emphasize how different they are from Google. Like Facebook, Google appears to be on the path to becoming an icon for generating cash, wild and crazy decisions, and an emblem of distrust.

Mr. Patterson then said:

I don’t want to log roll…. I joined the threat detection company because their technology is really interesting. It really mines the Dark Web and provides a portal into it in ways that are really fascinating.

Several observations:

  1. Mr. Patterson’s simile caught my attention. (I suppose it is better than saying, “My employer is like an old school AT&T surveillance operation in 1941.”)
  2. Mr. Patterson’s obvious discomfort when talking about CyberSixgill indicates that he has not yet crafted the “editorial message” for CyberSixgill.
  3. With the heightened scrutiny of firms with specialized software causing outfits like Citizen Lab in Toronto to vibrate with excitement and the Brennan Center somewhat gleefully making available Voyager Labs’s information, marketing a company like CyberSixgill may be a challenge. These specialized software companies have to be visible to government procurement officers but not too visible to other sectors.

Net net: For specialized software and services firms in Israel, Zurich, Tyson’s Corner, and elsewhere, NSO Group’s visibility puts specialized software and services companies on the horns of a dilemma: Visible but not too visible. These companies cannot make PR and marketing missteps. Using the tag line from a “real” journalist’s lips like “a Google for the Dark Web” is to me news which Mr. LaPorte and the other members of the panel should have noticed. They did not. There you go: “Like a Google for the Dark Web”. That’s something of interest to me and perhaps a few other people.

Stephen E Arnold, August 2, 2022

Notes:

1 “Sixgill” is the blunt nose “six gill” shark, hexanchoid (Hexanchus griseus). It is big and also called the cow shark by fish aficionados. The shark itself can be eaten.

2 The company’s product is explained at https://www.cybersixgill.com/products/portal/. One “product” is a cloud service which delivers “exclusive access to closed underground sources with the most comprehensive, automated collection from the deep and dark Web. The investigative portal delivers the threat intel security teams need: Real time context and actionable alerts along with the ability to conduct covert investigations.” Mr. Patterson may want to include in his list of work tasks some rewriting of this passage. “Covert investigations,” “closed underground sources,” and “automated collection” attract some attention.

3 The company’s blog provides some interesting information to those interested in specific investigative procedures; for example, “Use Case Blog: Threat Monitoring & Hunting.” I noted the word “hunting.”

4 The company received a fresh injection of funding from CrowdStrike, Elron Ventures, OurCrowd, and Sonae. According to CyberGestion, the firm’s total funding as of May 2022 is about $55 million US.

5 The Dark Web, according to my research team, is getting smaller. Thus, what does “deep web” mean? The term is undefined on the cited CyberSixgill page. “Like Google” suggests more than 35 billion Web pages in its public index. Is this what CyberSixgill offers?

Wikipedia and Legal Decisions: What Do Paralegals Really Do for Information?

August 2, 2022

I read an interesting and, I think, important article about legal search and retrieval. The good news is that use of the go to resource is, so far, free. The bad news is that if one of the professional publishing outfits’ big wigs reads the cited article, an acquisition or special licensing deal may result. Hasta la vista, Wikipedia maybe?

Navigate to “How Wikipedia Influences Judicial Behavior.” The main idea of the article is that if a legal decision gets coverage in Wikipedia, that legal decision influences some future legal decisions. I interpret this as saying, “Lawyers want to reduce online legal research costs. Wikipedia is free. Therefore, junior lawyers and paralegals use free services like Wikipedia for their info-harvesting.”

The write up states:

“To our knowledge, this is the first randomized field experiment that investigates the influence of legal sources on judicial behavior. And because randomized experiments are the gold standard for this type of research, we know the effect we are seeing is causation, not just correlation,” says MIT researcher Neil Thompson, the lead author of the research. “The fact that we wrote up all these cases, but the only ones that ended up on Wikipedia were those that won the proverbial “coin flip,” allows us to show that Wikipedia is influencing both what judges cite and how they write up their decisions. Our results also highlight an important public policy issue. With a source that is as widely used as Wikipedia, we want to make sure we are building institutions to ensure that the information is of the highest quality. The finding that judges or their staffs are using Wikipedia is a much bigger worry if the information they find there isn’t reliable.”

Now what happens if misinformation is injected into certain legal write ups available via Wikipedia?

The answer is, “Why that can’t happen.”

Of course not.

That’s exactly why this article provides some data and an interesting insight. Now is the study reproducible, in line with Stats 101, and produced in an objective manner? I have no idea.

Stephen E Arnold, August 2, 2022
