Amazonia for August 19, 2019

August 19, 2019

Editorial note: Amazonia will not appear in September and October 2019. Due to international travel and conference commitments, it will be able to post this summary each week. If significant Amazon news surfaces and we have access to our publishing system, we will put the item in the daily DarkCyber posts. (The posts between September 10 and September 21, 2019, will be published automatically. Internet access in some of the areas from which the team will be operating may not be available.)

News about Amazon continues to trend toward the happy face side of the spectrum. The flood of “new” and “improved” announcements from the Bezos bulldozer have slowed. With record heat indices, perhaps the giant orange behemoth has overheated and cooling off in a large Amazon warehouse filled with happy, happy Tweeters?

Management, Employees, Immigration, and Religion: A Volatile Mix

DarkCyber noted “Jews Protesting Amazon’s Business with ICE Arrested.” This passage captured the basics of the report:

40 Jews were arrested in New York Protesting Amazon. A protest of Amazon’s work with Immigration and Customs Enforcement (ICE) saw forty Jews arrested in New York City. Close to 700 people were pulled out in the previous week in the agency’s largest-ever raid. The activists rallied together to bring attention to Amazon’s cloud contracts with Palantir Technologies and ICE. Palantir Technologies gives ICE data which they make use of in enforcement actions as well as immigration raids.

The write up included this allegedly accurate factoid:

The protesters weren’t alone. They were joined by 50 other demonstrations which happened across the United States to highlight Tisha b’Av. Tisha b’Av is a Jewish day of mourning and was observed by Jews in the United States to oppose the immigration policy of the United States. The protests took place in many cities such as Washington D.C., Chicago, and Los Angeles.

If true, Amazon faces another staff management challenge. The mixture of religion and law enforcement is complex. DarkCyber will monitor the push back Amazon may be experiencing.

Happy Tweeters

The source of this “real news” is Bellingcat, an online “real news” outfit. We noted this story: “Amazon’s Online Bezos Brigade Unleashed on Twitter.” The thrust of the story is interesting because it reminded DarkCyber of methods employed by those who seek to manipulate the “augmenting” functions of certain social media channels.

The write up asserted:

Last year, Amazon rolled out a program where employees at these fulfillment centers (warehouses) are able to also work as brand ambassadors to describe their experiences working at Amazon. A number of media outlets reported on this new program last year after the first wave of Ambassadors sent out bizarre tweets promoting Amazon’s workplace conditions.

The acronym FC refers to an Amazon fulfillment center or warehouses. There have been allegations about the work environment in these facilities.

DarkCyber finds the report intriguing. If Amazon is manipulating some content streams, would other tech giants use similar tactics? What if search results on Bing, Google, or Yandex were shaped? What if Facebook were tweaking what content appears, where it appears, and when it appears?

DarkCyber has no answer to these questions. But the Amazon operation runs on efficiency and disintermediation, not raw innovation and invention. Therefore, it is possible that the fat bull’s eye of social media content streams may have caught an Amazon whiz kid’s attention.

There’s another approach to the topic in “There’s Something Fishy about Amazon’s FC Ambassadors.”

Amazon Capital One: No Problems

Cyberscoop reported that Amazon found no significant issues at other companies allegedly breached by Paige Thompson. The write up reports that Amazon said:

“As Capital One outlined in their public announcement, the attack occurred due to a misconfiguration error at the application layer of a firewall installed by Capital One, exacerbated by permissions set by Capital One that were likely broader than intended,” Stephen Schmidt, the chief information security officer for AWS, said in an Aug. 13 response to Wyden.

Paige Thompson once worked at Amazon. Amazon will be more proactive going forward. Amazon will “do more to ensure its anomaly detection services “more broadly adopted and accessible in every geographic region.” Otherwise, no problems.

Amazon Uses Old School Leveraging Methods: Vendors’ Choice

Amazon’s alleged vendor management tactics were the subject of “Amazon Offered Vendors ‘Amazon’s Choice’ Labels in Return for Ad Spending and Lower Prices.” The main point of the write up seems to be:

Amazon’s Choice label, which is a mark that denotes that an item is recommended, gives certain products and items higher and more obvious placement in search results. While it’s unclear how exactly the mark is earned, it’s been accepted that it’s generally a mix of product listing and specifications, price and reviews, operated by Amazon’s algorithms. But sources say that Amazon actually offered sellers the chance to bid on the mark back in 2017.

DarkCyber interprets this statement as the long way around a very small barn. The idea may be to use leverage to herd some products shepherds to a Bezos controlled happy valley. There are other terms which might be used to describe this approach. We prefer “leverage” to “strong arm” or “coercion.” If you are curious, the novel “Sophie’s Choice” is available for the Kindle for about $9, or you could buy it in hardcover for a low as $1.50. Look for the small blue price. Your choice.

Amazon: Price Controls for Some Sellers?

Modern Retail published “A Slippery Slope: Amazon Wants to Control Third Party Sellers Product Pricing.” The idea is that sellers in its third party marketplace submits a product to Amazon. Amazon’s smart software prices the product. The article states:

According to Amazon, SBA doesn’t cost anything additional to FBA, which charges sellers a fee to store and ship items from Amazon’s warehouses with Prime Shipping. With SBA, Amazon also exerts control over the product’s sale price, by dynamically pricing products to make sure Amazon’s prices are lowest.

Modern Retail notes:

But sellers should be wary when forfeiting control over any aspect of their business — and particularly pricing — to Amazon.

Slippery slope for whom? Amazon or its partners in the third party special category? The article sidesteps many questions. Hopefully investigators will be more persistent if Amazon’s use of its market position in an improper way becomes a matter of interest.

Amazon and Modern Marketing: Cheap Gasoline

Cops Put a Stop to Amazon’s 30 Cent “Mrs. Maisel Gas Promo” reports that the lure of cheap fuel was indeed a marketing magnet. To promote an Amazon film, Amazon hit upon the idea of using an idea from the 1950s. DarkCyber learned:

Santa Monica police made Amazon suspend a one-day Marvelous Mrs. Maisel promotion that charged people 30 cents for gas at a station to reflect prices in 1959 (when the show is set) due to sheer demand. Apparently, the traffic snarls from lined up cars were so severe that law enforcement had no choice but to shut it down.

Any publicity is good publicity, particularly in the Los Angeles area.

The Lure of India

Amazon Nears Deal for Up to 10% of India’s Second-Largest Retailer” explains that India is important to the Bezos bulldozer. The write up asserts: Inc. is in late-stage talks to acquire as much as 10% of India’s Future Retail Ltd., people familiar with the negotiations said, as the U.S. company moves to bolster its brick-and-mortar presence in one of the world’s fastest-growing retail markets.

This is not a surprise. Amazon will follow the data to nation states where its approach to efficiency is likely to be welcomed. That’s the assumption.

Amazon Does Do Emotion. Not Its. Yours.

Amazon’s policeware capabilities continue to mature. The facial recognition subsystem has added emotion recognition to its capabilities. “AWS Adds Fear to Facial Recognition Repertoire, Draws Immediate Fire.” DarkCyber does not want to speculate about the use case for fear recognition. The write up is fearless and reports:

The public cloud behemoth has also improved accuracy for emotion detection of the other seven emotions it recognizes. These are “happy”, “sad”, “angry”, “surprised”, “disgusted”, “calm”, and “confused. It has also improved age range estimation accuracy.

DarkCyber anticipates more public announcements about the features and functionality of the SageMaker linked facial recognition subsystem; for example, how could age recognition integrate with surveillance of bars and dance clubs?

Amazon Donates Returns

Amazon Will Now Donate Unsold Merchandize by Default Instead of Trashing It” explains that “will donate unwanted products from third-party Marketplace sellers instead of sending them to the garbage dump.” The new program is Fulfilled by Amazon Donations. The write up included this statement:

The goal is to reduce waste and to allow sellers a more environmental friendly and cheaper way to get rid of unsold inventory. Prior to the new program, Amazon charged 35 cents less, or just 15 cents per unit, to dispose of a product rather than donate it.

The article did not comment on the tax upside or downside of the donation program. DarkCyber thinks this may be of interest to some Amazon observers.

Amazon and Publishing: Is a Takeover Underway?

The Amazon Publishing Juggernaut” explains that Amazon may take over traditional publishing. The idea is not a new one. Here’s a summary of where Amazon is in the once chummy world of publishing:

As Amazon Studios does with movies, Amazon Publishing feeds the content pipelines created by the tech giant’s online storefront and Amazon Prime membership program. At its most extreme, Amazon Publishing is a triumph of vertical engineering: If a reader buys one of its titles on a Kindle, Amazon receives a cut both as publisher and as bookseller—not to mention whatever markup it made on the device in the first place, as well as the amortized value of having created more content to draw people into its various book-subscription offerings. (One literary agent summed it up succinctly to The Wall Street Journal in January: “They aren’t gaming the system. They own the system.”)

The idea that Amazon would take over “publishing” is interesting, but once the hot properties are skimmed, what’s left in what has been for many firms a low margin business reduced to begging for dollars, pay walls, and ads which obscure the “real news”?

Amazon Police Interaction: Ring, Ring

Ring Rewarded Users for Reporting Suspicious Activities” provides more allegedly accurate information about Amazon’s burgeoning policeware business. The article states that Amazon

encouraged users to form Watch teams and to post videos on social media to receive promo codes for future devices. It also promised free swag to anyone who recruits 10 new users and to those who blog about Ring “in a positive way,” as well as 50 percent discounts on Ring products to those who can solve a crime with the help of local cops.

More information may be available at this link. Note: Content may be removed and/or a paywall may be in place. DarkCyber does not update links to keep pace with the fluid, uncertain world of free content from “real news” source.

Amazon and Blockchain

DarkCyber noted FXStreet’s article “Amazon Web Services (AWS) CloudFormation Will Be Integrated with the Firm’s Managed Blockchain.” Amazon has indicated that some of its services can perform deanonymization. The article does not address that interesting facet of Amazon’s blockchain activities. Instead the write up focuses on the fact that:

AWS, the firm’s cloud computing division, is going to be supporting Amazon’s blockchain in the management and structuring of all its interconnected networks and member nodes.

Important? Yep.

AWS Fargate Close Analysis

Curious about AWS Fargate? If so, you will want to read “How Far Out Is Fargate?

The key phrase in the write up is “clusterless container orchestration,” which strikes DarkCyber as a useful way to think of this feature/service/function.

Amazon describes Fargate this way:

AWS Fargate is a compute engine for Amazon ECS that allows you to run containers without having to manage servers or clusters. With AWS Fargate, you no longer have to provision, configure, and scale clusters of virtual machines to run containers. This removes the need to choose server types, decide when to scale your clusters, or optimize cluster packing. AWS Fargate removes the need for you to interact with or think about servers or clusters. Fargate lets you focus on designing and building your applications instead of managing the infrastructure that runs them.

The article contains a brief comparison of Fargate and Kubernetes and Fargate and Lambda. Good write up.

A related story is “Basecamp’s Cofounder Explains Why It Ditched Google Cloud for Amazon this summer. Note: you will have to pay to read this rah rah article about Amazon. In a nutshell, risk. Amazon is not cheaper and it is not without its own risks. But Basecamp is willing to deal with more complexity. Logical? The argument did not stop one DarkCyber researcher from asking, “Did Amazon cut this outfit a sweetheart deal to get a PR type article published?” We don’t know, but it seems plausible.


Amazon’s third party business relationships continue to bloom despite the blistering heat in the Lower 48. Here’s a selection of outfits involved with Amazon. Many of these sport extremely creative names:

AutoGrid. The company offers flexibility management software for the energy industry. The company now collaborates with Amazon Web Services (AWS) to bring artificial intelligence-powered distributed energy management to its energy-industry customers. Source: Yahoo

Center for Internet Security. Amazon has a security partner. Apparently Amazon is eager to do more security in the wake of some interesting developments. This particular service is call ATO on AWS. Does anyone remember the Capital One breach? Well, there may be 29 others after the handiwork of a former AWS professional. Source: MarketWatch

CloudHesive. CloudHesive has achieved Premier Consulting Partner status in the Amazon Web Services (AWS) Partner Network (APN). Source: Yahoo

Elastic. Remember the idea that Amazon would bulldoze Elasticsearch. Now Elastic is offering Elasticsearch on AWS in London. Source: Yahoo

Globe and Mail. The publishing company has adopted Amazon’s SageMaker and related service to promote its content. Source: SiliconAngle

Kickdynamic. This company will use TigerGraph on Amazon Web Services (AWS) Cloud to deliver hyper personalized marketing. Does this meaning user tracking? Maybe, and it means that TigerGraph is an Amazon customer. Source: MarketWatch

Rapid7. The company has increased its involvement with Amazon AWS. The company’s growth has come from products, many of which run on AWS. The firm’s consulting revenues declined. Source: Seeking Alpha

Stephen E Arnold, August 19, 2019

Amazonia for August 12, 2019

August 12, 2019

The crushed shrubs and small trees indicate that the Bezos bulldozer rolled through the digital landscape last week. Let’s look at some of the maneuvers the massive crawlers executed.

Amazon Facial Recognition Accuracy

One of the more important reports which appeared last week was “Which Company Does the Best Job at Image Recognition? Microsoft, Amazon, Google, or IBM?” The story, according to one DarkCyber researcher, seemed to be a public relations play. Keep that in mind because the data in the write up are provided without meeting DarkCyber’s factuality scratch test. A sample size of 500 images is unlikely to represent image type (full profile, side view, close up, distance, etc.), different nationalities, lighting conditions, image resolution, and other variables necessary to have confidence in a facial recognition analysis.

The analysis considered four recognition systems: Amazon Rekognition, Google Vision, IBM Watson, and Microsoft Azure (the current name but that can change at any time).

The loser was IBM Watson. DarkCyber found that amusing. Of the three in the race, the winner was — wait for it — Google Vision. Amazon came in second with 77.7 percent “accuracy.” The Orlando Police Department is unlikely to reverse their decision about the Rekognition system. The department appears to have waved goodbye to Rekognition. Microsoft came in “second.”

Here’s the scorecard for the super scientific analysis:


One minor point: The context of studies is important. Sample size and other aspects of “context” make a difference. But IBM Watson?

Reseller Agreement Scrutiny

The US government put its pedal to the metal regarding the dominant positions of some high flying US companies. One of these is Amazon./ According to the Verge (which presents the best podcast in the galaxy), Amazon’s reseller deal with Apple is in the spotlight. The Verge reported:

The deal was first announced last fall, ostensibly as a way for Apple to sell on Amazon in an official capacity and cut down on counterfeit or misleadingly marketed products. However, it had the effect of kicking off hundreds of legitimate sellers that were offering low-cost and refurbished Apple products that were no longer for sale by the company itself.

DarkCyber believes that Amazon and Apple may find themselves making more trips to Washington, DC, in the coming months. The investigation comes at a delicate time in the JEDI procurement process. Amazon might lose out to Microsoft, which has some experience in the antitrust arena.

Arrogance and thinking a company is bigger than a government might prove to be an issue. “Senator Wyden Wants Answers from Amazon on Capital One Hack” wants to understand Amazon AWS’s role (or lack of it) in the Capital One data breach. DarkCyber wonders how long Amazon can “just provide a utility service”, leaving the licensees to figure out how to configure, manage, and secure what is the very complex Amazon Web Services “platform.” A wrong answer might have an impact on the $10 billion JEDI contract award. Will Amazon’s “feet on the street” be called on to testify? DarkCyber hopes so.

Amazon and Blockchain

Coverage of Amazon’s digital currency initiatives has been sparse. In our lectures about Amazon’s policeware, the idea of deanonymizing transactions does not compute. Amazon sells eBooks and T shirts, right? DarkCyber noted this story: “Amazon Hints at Putting Advertising Data on a New Blockchain.” The write up states:

The online retailer is looking for a senior software engineer to work in its “Advertising FinTech team focused on a blockchain ledger,” the job listing reads.

DarkCyber finds this interesting. Is there a connection among Amazon’s Ethereum efforts, policeware, and a financial blockchain? Of course not. Amazon sells can openers and customer surveillance devices. No connections.

AWS As an Attack Platform

DarkCyber noted “Phishing Attacks Enlist Amazon AWS, Microsoft Azure in Ploys.” The write up stated:

Recent phishing campaigns have been spotted boosting their anti-detection efforts by using Amazon Web Services to host their landing pages. It’s a sign of a nascent trend towards using public cloud storage, according to researchers.

The cyber security firm Proofpoint may have been the first company to go public with this information.

DarkCyber finds this interesting and “old news.” More information about bad actors’ possible leveraging of the sprawling AWS platform is presented in our for fee lecture “Amazon’s Policeware Platform.”

If this open source write up is accurate, there may be more information released in the near future by “real news” organizations.

AWS and Azure: Alleged Hosts for Ploys

A “ploy” is a nice way of saying malware, scams, and other interesting cyber applications. “Phishing Attacks Enlist Amazon AWS, Microsoft Azure in Ploys” amplifies the Proofpoint message.

Does Amazon Think Some People Are Stupid?

I read “AWS VP: Old Fashioned Resellers Didn’t Truly Understand Cloud.” I am not sure if the person writing this headline paid attention to his or her fourth grade teacher. One of the DarkCyber research team knew a person whose report card conveyed this hand written message to the child’s parents:

Your child did not understand the concept of exploration and Columbus’ discovery of America.

The write up reports that either the AWS executive or the author of the article is a trifle undiplomatic or politically insensitive.

I noted this passage:

“A lot of the old-fashioned resellers didn’t truly understand cloud,” McCann [an Amazon executive] told CRN in a sit-down last week at the Amazon Spheres, on the technology giant’s headquarters campus in Seattle. “Right now…they’re all learning cloud at high speed.” McCann has been overseeing AWS Marketplace, AWS’ digital catalog of software offerings from some 1,400 independent software vendors (ISVs), since late 2014.

The resellers — at least some of the bright ones — are getting on the Bezos bulldozer.


“Stay abreast,” enjoins Dave McCann, VP of AWS Market Place. DarkCyber is not sure it can measure up to the lofty standards of a company engaged in such delightful and engaging suggestions.

Plus, the write up reports that the “channel” wants services on the AWS Marketplace. Plus people want to sell software on AWS. And Amazon’s consulting partner business is performing. Amazon is poised to roll out a consulting and services business too. Will Amazon go after the ethically challenged blue-chip and mid-tier consulting firms? Perhaps there is a GLG play in the wings too.

The write up ends with another, almost parental warning:

Channel partners trying to stay abreast of new cloud computing technologies should be boning up on machine learning, the internet of things, containers and serverless, according to McCann.

Well, get with the program and try harder. Ah, the promise of an Amazon echoing with the growl of the Bezos bulldozer drivers.

Is there a detention hall if someone does not “stay abreast”?

Amazon and Child Labor

There many ways to become rich. One of them is to seek out low cost labor. Has Amazon followed this path? DarkCyber does not know. IBI Times published “Amazon to Investigate Child Labour Claims Against China Supplier.” Yep, China. I thought there were some tensions between the US and China. It will be interesting to see how an investigation moves along within the interesting Chinese judicial system. The write up asserts:

Tech giant Amazon will investigate its Chinese supplier Foxconn after reports suggested that it resorted to child labor by hiring schoolchildren and forced them into night shifts and overtime work to meet production targets. The school children were inducted in production lines that were making Amazon Alexa devices including smart speakers. The teenagers worked at overtime and night shifts to attain production quotas for Amazon’s Echo, Echo Dot, and Kindle products.

If Foxconn hired kids to build Amazon gizmos, will Amazon be responsible? Probably not. Think in terms of security and AWS responsibility for a licensee’s technical ineptitude.

Moving production is an option, but won’t the same issue arise in other countries where “low cost” labor supports the US consumer thirst for disposable and frequently outmoded gadgets.

DarkCyber has a question, which is probably not important. It is: Will an Amazon investigation work in the manner of the Boeing safety review?

Worth monitoring.

Ah, the Baltics

Amazon may be heading to the Baltic states. “Report: Amazon Mulls Baltic State AWS Expansion” states:

Amazon has registered subsidiaries in Latvia and Estonia called Amazon Data Services Latvia and ADS Estonia, respectively, suggesting that it could be planning a dedicated cloud region for the Baltic states. While Amazon Web Services regions are spread across the world, the current closest facility to the Baltic states are AWS data centers in Stockholm, Sweden.

Latvia and Estonia are close to Russia. What if Russian companies operating via fronts sign up to do business with AWS? What if the interesting Estonian Russian community leverages the AWS infrastructure for selling gold and providing other services to a third party?

Like the US government, perhaps some of the government agencies in Russia would find ways to leverage Amazon AWS resources. An office in Tallinn’s old town might make it easier to interact with some of the more entrepreneurial Russians who live in the city.

TechRepublic provides some possibly accurate information in “Russian Phishing Campaign Using AWS to Host Landing Pages Designed to Avoid Detection.”

Amazon Earnings: Good or Bad?

DarkCyber does not provide financial or investment advice. We did note the Investor Place write up “This Earnings Disappointment Is Another Chance to Buy Amazon Stock.” The key word is “disappointment.” The write up states as “real news”:

Despite 20% growth in sales year-over-year, earnings failed to meet consensus. While operating income was within guidance, the company missed consensus earnings per share of $5.54 by $0.32. Despite this short-term stumble, Inc. continues to be a cash-generating machine.

Those money people can find a way to turn lemonade into lemons. But there was a ray of sunshine peaking through the dark, threatening clouds:

The company’s operating cash flow for the trailing twelve months is up 65% from the prior year. Long-term, Amazon has the dry powder to fund their continued domination of e-commerce (and beyond).

And how did the “disappointment” affect the bulldozer’s chief driver? Check out the “Cashing In” item below. That may provide some — as the Wall Street whiz kids say — color.

Cashing In

We noted a couple of news items about Jeff Bezos’ selling some stock. For pocket money or to pay PR firms to scatter sparklies around those yacht stories. According to My Broadband, published in South Africa, Mr. Bezos sold shares in Amazon worth $2 billion. Other reports peg the dollar return as higher, but $2 billion is a comfortable number. DarkCyber has that amount tucked in a small piggy bank in the Bank of Harrod’s Creek.

We Won’t Listen… We Promise

Information about how the Amazon appliances pay attention and perform some background operations is getting more coverage in the “real news” media. The unbiased MSPowerUser reported that Amazon allows a customer with an Amazon listening and watching and talking device to opt out of voice recordings and the ultra trustworthy human review process. The write up states:

Amazon has been the first to act definitely by allowing users to opt-out of the review process.

We like “the first.” Amazon is a leader.

Non Competes Make News

Amazon seems to have a keen desire to prevent people from getting a job once an individual goes to work for another company. DarkCyber read “Amazon Sues Former AWS Exec for Joining Rival Google Division As Cloud Wars Escalate.” The main idea is that if a person works for a rival, that individual will, knowingly or unknowingly, reveal secrets. Maybe for a Snowden type. Maybe not for a person with a functional ethical compass. Wait. What’s that word? Ethical. I know. A word destined for the lumber room.

DarkCyber noted this statement:

Seattle has become the battleground in the cloud wars as Amazon’s longtime home, with Microsoft just across Lake Washington in Redmond. Google Cloud is moving into a massive campus down the street from Amazon and the two rivals are not off to a very neighborly start. That’s because competition for cloud workers is fierce and the two companies are now wading in the same shallow talent pool.

DarkCyber thinks that this will be a messy legal battle. When elephants fight, the employees get trampled in our experience.

In an increasingly specialized and rarified discipline like cloud computing, will it be possible for a person never to work again.

Just like old school and probably some new school Hollywood producers allegedly scream at a wandering star: “You will never work in this town again!”

Okay, SNAP benefits and sleeping rough seem to be the goal.

Amazon and Data Lake Formation

Venture Beat published “Amazon Announces General Availability of AWS Lake Formation.” The write up reports:

Amazon … announced general availability of AWS Lake Formation, a fully managed service that facilitates the building, securing, and management of data lakes.

The idea is to perform a sequence of tasks (workflow) to federate content and metadata. Once federated, many functions become possible. The automation of content federation is important to many organizations; for example, the CIA, DHS, and GHCQ. What other companies offer similar automation and ancillary services? Maybe Oracle? Who provides database technology to DHS? DarkCyber does not really know. Maybe Oracle? Maybe Voyager Analytics? We will have to wait for a “real news” outfit to answer this question for us, won’t we?

The Elastic Fabric Adaptor

With a data lake and a fabric adaptor, the AWS offerings are starting to evoke the language of Samuel Taylor Coleridge, the Kubla Khan guy. I read “Scale HPC Workloads with Elastic Fabric Adapter and AWS Parallel Cluster.” This statement was reasonably understandable:

EFA is a network interface for Amazon EC2 instances that enables you to run HPC applications requiring high levels of inter-instance communications (such as computational fluid dynamics, weather modeling, and reservoir simulation) at scale on AWS. It uses an industry-standard operating system bypass technique, with a new custom Scalable Reliable Datagram (SRD) Protocol to enhance the performance of inter-instance communications, which is critical to scaling HPC applications. AWS ParallelCluster takes care of the undifferentiated heavy lifting involved in setting up an HPC cluster with EFA enabled.

The write up provides some step by step instructions for those who did not “bone up” on the wonders of the Byzantine AWS service array. There may be a test on the contents of ~/.parallelcluster/config file.

Amazon Channels IBM Watson Marketing

DarkCyber does not want to make too much of this “me too” approach to sales and marketing. But we noted “Amazon’s AWS Will Help Health Researchers Diagnose Patients and Monitor Disease.” The write up explains:

The company’s Amazon Web Services arm is lending its machine learning technology to the Pittsburgh Health Data Alliance to assist in the development of new technologies around diagnosing patients and monitoring disease.

The write up does mention some of Amazon’s other health initiatives; for example:

Amazon has been increasingly pushing its way into public health, most notably with the formation of Haven, a consortium between itself, JPMorgan, and Berkshire Hathaway to experiment with healthcare systems. Last year, Amazon bought mail-order pharmacy PillPack for $753 million, and this year it made Alexa HIPAA compliant, giving it the ability to transmit patient healthcare data.

What’s not covered is the utility of these data to other Amazon business initiatives. On one hand, that’s typical of “real news.” On the other, the failure to connect the dots with regard to medical fraud is indicative of the lack of understanding some have about the Amazon trajectory.

Partners, Resellers, and Consultants

It may be summertime, but the living is not easy for hard working Amazon centric initiatives. Here’s a selection of announcements in the last week:

CloudHesive is now a premier consulting partner in the Amazon Services Partner Network. Source: Yahoo

GigaSpaces has moved its big data analytics processing platform to Amazon. DarkCyber likes the name: InsightEdge.  Source: Yahoo

Amazon Twitch: Curation, Manipulation, or Exploitation Issues?

August 12, 2019

One of the DarkCyber research team plays games. The rest of the group try to ignore the revolution. Someone at Engadget is into games. We determined this by reading “Ninja Calls Out Twitch after His Dormant Channel Highlights Porn.” “Ninja” is an Internet star who plays games. Ninja had a channel or stream on Amazon Twitch. Ninja left Amazon Twitch for Microsoft’s game streaming service. (No, DarkCyber did not know MSFT was into online games, but obviously with a big star like Ninja, MSFT is more than the red ring of death game console.)

The story is a vector for Ninja’s allegations that Amazon Twitch did a bad game player thing. Ninja’s channel — no longer used by Ninja — became a promotional vehicle for other Twitch gamers. The horror apparently was Hollywood all the way. Plus Amazon Twitch’s quite interesting moderation system allowed Ninja’s dormant channel to be to be used by other Twitchers to stream porn. This is bad, it seems, because the Twitch users wanted to watch Ninja play games, not watch actual humanoid interactions.

The write up points out:

We’ve asked Twitch for comment. Whatever its response, this isn’t a great look for the service. It was no surprise that Ninja’s stream would scale back (Twitch partners aren’t allowed to stream on rival services), many only expected it to remain idle, not become a billboard for other broadcasters. It certainly underscores the significance of Ninja’s switch. His leap to Mixer represented a competitive blow, and Twitch clearly wasn’t happy about it. Update 8/11 5:55PM ET: That was fast — Twitch has already reverted Ninja’s old page to a regular offline screen, including chat (where people are roasting Twitch as we write this).

A couple of questions:

  • Does Amazon Twitch have a method to use unused channels to promote other Twitch streams? If so, what is it? Happenstance, a SageMaker function, or a rule book?
  • What will Amazon change to prevent porn from being displayed to the young people who follow popular gamers like Ninja?
  • Does Amazon monetize questionable content; for example, SweetSaltyPeach now banned and brought back as RachelKay and similar streamers who appeal to teen agers?

Amazon Twitch, in its own way, is behaving in a manner which might/could develop into a formal investigation by an appropriate US government entity.

Stephen E Arnold, August 12, 2019


Clever or Clumsy? Attempts to Achieve Lock In from Nervous Giants

August 9, 2019

The master of lock in is Amazon. (Lock in means that a company finds a way to ensure that a customer remains a customer. The term, as DarkCyber uses it, refers to the golden age of IBM. Remember that era?)

Apple and Google don’t have the Prime play. But both companies are trying, and their efforts are interesting. DarkCyber finds these “moves” amusing.

First, Apple is going to annoy customers of iPhones who try to get a battery replaced at a non Apple service location. Beta News explains this stroke of genius in “Apple Is Discouraging the Installation of Third Party Batteries by Displaying Battery Health Warnings.” The “you may get harmed” angle is fascinating. The write up states:

While it could be argued that Apple is concerned that iPhone users might install low quality batteries in their handsets, the more cynical response would be that the company is trying to scare people into buying more expensive batteries direct from Apple rather than a third party. This is not the first time Apple has been caught blocking or discouraging the use of third-party components; similar activity has been seen in relation to replacement screens and  home buttons.

With Apple stores becoming less and less friendly, now an iPhone customer has to deal with a click through annoyance and a message from the Apple chief parent. What’s the goal? Simple. Control, money, and interactions with the customer. Yes, some of the ingredients of lock in. Not an Amazon Prime grade play, but it is interesting and a bit sad for some black turtleneck wearers.

Second, the Google has an anti-Prime play. Amazon charges people to become a member of a virtual Costco. Google pays people to join. Here’s how this works if DarkCyber understands the implicit message in “Google Flights Will Offer Money-Back Price Guarantees.” Uber Gizmo states:

Google has announced that they will be introducing a money-back price guarantee feature to Google Flights. This means that you won’t need to worry about finding the best price as Google will refund you the difference. According to Google, “When we predict the price won’t decrease for select itineraries booked between August 13 and September 2, we’ll guarantee the price won’t drop, and we’ll refund you the difference if it does. We’ll monitor the price for you and if the price drops any time before departure, we’ll send you an email letting you know once your flight takes off–so there’s no work on your end.”

Our conclusion: Use our service, and the Google will provide you with an Amazon Prime type benefit for free. Is the benefit free? DarkCyber does not believe that any Google service is “free.” Google wants traffic, and it wants to provide a cash benefit for trusting Mother Google.

What do these two examples suggest?

  1. Prime envy is real
  2. Apple and Google are trying to generate what DarkCyber interprets as “millennial loyalty”
  3. The “plays” are not exactly subtle.

Net net: Apple and Google have adopted “marketing” tactics which call attention to a a subtle shift from a “power” position to a “threatened” position. Prime case examples, right?

Stephen E Arnold, August 9, 2019

Amazonia for August 5, 2019

August 5, 2019

The Bezos bulldozer has a bell. It goes “ring, ring, ring.” For information on what may be last week’s most important Amazon story, navigate to our DarkCyber story “Amazon and Law Enforcement: Irrelevant or Something Else?” Other items the DarkCyber research team noted in the past seven days:

JEDI Award on Hold: Amazon the Reason

The Inquirer clarified the JEDI contract decision. The UK online information service said:

The Pentagon is holding off on awarding its $10bn JEDI contract while the Defense Secretary reviews whether it was rigged in favor of Amazon. The contract, expected to be awarded to either Amazon or Microsoft later this month, has been criticized by bit-part actor Donald Trump, who argued that the process was biased towards Amazon.

The UK publication noted:

However, the contracting process for the project, which attracted bids from IBM, Oracle, Amazon, Google and Microsoft, has been marred by issues. Google announced its withdrawal from the bidding in October after employees called out the company out for violating its now deprecated “Don’t be evil” motto by supplying technology to the military. Microsoft employees also published an open letter urging the company not to bid on the project, arguing that doing so would “enhance lethality”.

Perhaps Amazon’s low profile, yet robust tactics, may roil the waters of the Potomac swamp. Amazon now has to slog through a different type of equatorial micro climate. There are dangerous creatures in the swamps on which the nation’s capital is constructed.

eBay Accuses Amazon Seller Poaching

The Wall Street Journal (August 2, 2019, Page B 4) published “eBay Says Amazon Staff Poached Sellers.” The online bookstore allegedly engages in tactics one of its competitors and soon to be victims acts in an un-eBay way. The newspaper reports:

Lawsuit accuses three from e-commerce rival of breaking racketeer laws with alleged lure.

The prey — sorry, DarkCyber meant to say “competitor” — filed a lawsuit on July 31, 2019, which asserts that the online bookstore broke Federal racketeering laws. The result was “harm.” According to Mr. Murdoch’s “real news” outlet:

The eBay lawsuit accuses the defendants of providing quotas for Amazon representatives to to recruit eBay sellers.

DarkCyber wonders if Amazon’s aggressive tactics are different from Amazon’s normal tactics; that is, baked into the culture of the online bookstore?

Amazon is attracting considerable scrutiny regarding its business practices, including the “not our fault” issue regarding Capital One data and the not so surprising delay thrust upon the Department of Defense by President Trump.

Has some of Mark Zuckerberg’s success in doing what he wishes influenced Amazon’s senior managers. When filtered down to the alleged interactions with eBay sellers, perhaps governance is being practiced, just in a way different from eBay’s expectations.

Amazon Sues Employee for Taking a Job at the Google

GeekWire published “Amazon Sues Former AWS Executive for Joining Rival Google Division As Cloud Wars Escalate.” Ironic? Nope, just a Bezos bulldozer tactic. The write up explains:

The executive in Amazon’s crosshairs is Philip Moyer, a Pennsylvania-based former AWS sales executive whose past experience includes several CEO roles and a long stint as a manager for Microsoft. Moyer was the chief executive for software-as-a-service companies Edgar Online and Cassiopae, according to his LinkedIn. In 2017, Amazon hired Moyer as a sales executive for AWS focusing on the financial services industry. By the time he resigned in 2019, he had 13 direct reports and managed 100 employees, according to the complaint. When Moyer accepted the job with Amazon, he signed a non-competition agreement, a contract in which an employee agrees not to work for a competitor for a period of time to avoid sharing confidential trade secrets.

Who will win? The lawyers for sure.

Amazon Security: Good, Bad, or Meh?

Amazon was at the center of the Capital One data breach. Amazon was quick to point out Amazon was not at fault. Capital One asserted that the security problem occurred in infrastructure. So was Amazon at fault? DarkCyber has lost track of the number of security breaches occurring because an AWS customer failed to implement appropriate security on the customers’ rented AWS service. The customer is responsible.

Apparently some elected officials want to know more. Business Insider (note that you may have to pony up some cash to read the article) published “Republican Lawmakers Want Answers from Jeff Bezos on Amazon Web Services Security Before the $10 Billion Defense Cloud Contract Is Awarded” suggests that Amazon is the winner of the competition.

The write up reports:

lawmakers say that they want to investigate because the government is on the brink of trusting AWS with some of the nation’s most sensitive data.

Another take on the security problem, which was allegedly not Amazon’s fault, appears in Computing. DarkCyber noted this statement:

Further reports suggested that companies named in the leaked Capital one files, including Ford and Italian bank Unaccredited, may also have been breached. However, Amazon said there is no evidence to support these claims.  Speaking to Bloomberg, a spokesperson for AWS explained that the company had “reached out to the customers mentioned in online forums by the perpetrator to help them assess their own logs for any evidence of an issue”.

DarkCyber opines that Amazon will repeat its mantra: “It’s the customer’s responsibility. We just provide the platform.”

Sound familiar? Does the mantra echo Facebook and Google explanations?

There is the issue of the cat loving, former Amazon AWS employee, the past history of AWS customer data breaches, and the $10 billion.

Amazon Acquires E8

Amazon acquired the Israeli storage company founded in 2014. The company builds gear relying on flash memory. The idea is to reduce latency. This company assembles hardware. According CNBC, E8 “boasts that the company’s hardware products “provide up to 10 times the performance of other all-flash-arrays, with consistently strong performance and low latency.” DarkCyber estimates that the price tag was in the $100 million range, but that’s unsubstantiated except by the burritos I fed my research team after the group produced this number. Will Amazon move more aggressively into hardware? Looks like it.

Amazon Oracle Feud: What’s Next?

I thought Oracle was out of the JEDI competition. Oracle apparently got the memo and elects to disagree. There’s an interesting run down of the latest action in this escalating battle. On one side is the Bezos bulldozer and on the other is the fading Russian fighter pilot, Larry Ellison. “Pentagon Rebukes Oracle As Debate over a Massive Federal Contract Turns Caustic” provides a helpful run down of the latest rebuke to the database company which calls Sea World Way home. Either Amazon or Microsoft will get a contract which could be worth $10 billion over five years. Oracle wants the deal, and unlike Microsoft and Amazon, Oracle could use the revenue.

The write up states:

Oracle alleged in a lawsuit that the Defense Department’s bidding process has been plagued with potential conflicts of interest and rigged in favor of Amazon’s cloud computing business. Oracle’s attempt to block the award was rejected earlier this month, with the judge in charge of the case explaining his reasoning in a lengthy document unsealed Friday. But in his decision, the judge posed new questions about the Pentagon’s legal argument for awarding one big contract. DoD spokeswoman Elissa Smith noted in a statement that the judge also affirmed that the Pentagon was “reasonably justified” to award a single contract. Despite the “tension” in the judge’s ruling, the department is planning to move ahead and award the contract in August, nearly a year and a half after it was announced.

Like Oracle’s fight with Google over Java, the old school database company won’t go quietly into that good night.

Just Walk Around Money

DarkCyber’s researchers walk around with a few dollars in pocket, backpack, or purse. Jeff Bezos requires more. “Jeff Bezos Sells $2 Billion in Stock after 4% Stake Transfer.” The money appears to be related to Mr. Bezos’ divorce settlement. MacKenzie Bezos is “official Amazon’s second largest individual shareholder,” according to Bloomberg. (You may have to pay to read the fluff around this factoid.)

Amazon Boxes and Boxes Earn Vendors Boxed Ears

We are fascinated with the matruska doll approach to packaging for some our Amazon orders. “Amazon Will Fine Sellers Who Ship Products in Oversized Packaging” explains that change is coming for offenders of Amazon’s “size” rule. (Will Amazon warehouses follow this rule? DarkCyber does not know. Humans under pressure to package do some interesting things we have heard.)

Amazon Smart Software

Amazon wants its software to be smarter or appear to be smarter. The company revealed a new method for making sense of certain humanoid related actions. The technique allegedly combines text-based search and a custom-built knowledge graph. You can get the Amazon explanation at this link.

Amazon Adds to Its Policeware Data Repository

Gizmodo alleges that “Cops Are Giving Amazon’s Ring Your Real Time 911 Caller Data.” DarkCyber finds this interesting. The online information service states:

The California-based company is seeking police departments’ permission to tap into the computer-aided dispatch (CAD) feeds used to automate and improve decisions made by emergency dispatch personnel and cut down on police response times. Ring has requested access to the data streams so it can curate “crime news” posts for its “neighborhood watch” app, Neighbors.

Good neighbors are important. Community building is a plus. Cross correlated with other data in Amazon’s policeware system could yield some interesting insights.

Amazon Market Position

DarkCyber noted this number: 50 percent and more. The number refers to the AWS share of the public cloud infrastructure market. The capitalist tool pegs the dollar value at over $32 billion so Amazon controls $16 billion or more. The write up says the data come from the Gartner Group. Believe the number or not.

Amazon and Big Cars

Getting Under the Hood of Amazon’s Auto Ambitions” is mostly Amazon cheerleading. The write up explains that Amazon is active in many facets of the automobile industry. The springboard is AWS, robots, policeware, and alliances. The stakes are high. Apple and Android are in autos, but no company has locked down the “Amazon approach” to market monopolization.

The write up states:

A Reuters analysis of more than 5,000 patents granted to Amazon from December 2016 through May 2019 by the U.S. Patent and Trademark Office indicates at least 210 of those patents cover transportation-related topics from drones to automated ground vehicles. The auto-related patent push outpaced tech rivals Apple Inc and Alphabet Inc’s Google, whose sister company Waymo is a self-driving pioneer.

But patents are not the principal thrust. The ace in the hole is Amazon’s designs on becoming the provider of an “industrial cloud.” Procurement, management, back office services, and more are part of the plan.

Amazon and Tiny Cars

TechCrunch, which appears to be covering more Amazon information,  published “Why AWS Is Building Tiny AI Race Cars to Teach Machine Learning.” According to the write up:

[The “tiny car” play] was really about how do we put machine learning in the hands of every developer and data scientist.

Before you open the door, be sure to check the price tag: $399.

Amazon Emulates Google

Google kills services. Amazon is following in the footsteps of the online advertising company. If you are a fan of the push to order Dash button, find a new shopping pleasure jolt. According to GeekWire,

Amazon will turn off capabilities for Dash buttons on Aug. 31.

The physical buttons are not as slick as talking to an Amazon home device. Geekwire says:

Amazon still operates the Dash Replenishment program for connected appliances that automatically reorder items when supplies are low. The company also created a virtual version of the Dash Button on its website. In addition, Amazon has built out voice shopping capabilities for Alexa, the digital brain that powers Echo devices.

Amazon Speech Engine Gets a New Speaker

AWS’ New Text to Speech Engine Sounds Like a Newscaster” explains that Amazon’s speech engine sounds like a — well, hmmmm — a newscaster. DarkCyber has heard some pretty interesting newscasters, but we assume that the newscasters are people like the talking heads on US cable television or the morning shows in the UK. Sorry, BBC, with your changes, we can’t understand some of the newscasters getting air time.

The write up reports:

The new newscaster style is now available in two U.S. voices (Joanna and Matthew) and Amazon is already working with USA Today and Canada’s The Globe and Mail, among a number of other companies, to help them voice their texts.

We are disappointed that the North Korean newscaster who recently retired has not been pressed into duty.

The article includes an audio of the Amazon Polly Newscaster. We love that Polly name. Very Victorian. Proper. No association with a parrot, of course.

Amazon and Images: Some Ethical Insight?

We noted “Man Interviewed at Amazon, Didn’t Get the Job, but They Used His Photo on Their Jobs Site,” not for the grammar errors, but for the interesting privileged approach of the world’s largest online bookstore.

The write up reported in good enough English:

…Jordan Guthmann, a VP at Edelman PR, interviewed for a job at Amazon. While he was on the company campus chatting with folks, someone asked to take his photo and he kindly obliged. Guthmann didn’t get the gig, but apparently he at least looked like the right person for the job: Until a few days ago his photo appeared on Amazon’s Talent Acquisition website.

The good news is that Amazon swapped out the photo. The bad news is that the Amazonian behavior reveals a tiny insight about the ethical compass at Amazon. There is no true north, just whatever direction is expedient maybe?

Going Green

Amazon reminds me of a jungle. Green, in this case, evokes renewable energy, not the life and death struggle in the Amazon landscape. USA Today reports that the world’s largest online bookstore is “launching renewable energy projects in Virginia and Ireland.” Perhaps the Bezos bulldozer is turning over a leaf?

Digital Currency

Amazon supports a number of digital currency inspired activities. One of the newer initiatives is putting $100,000 into a competition designed to “Change the Face of Blockchain.” Solve this problem and collect the money:


Yahoo includes this explanation from a content sparkplug:

“You are going to need people who are really good at hardware design, but also people with algorithmic skills,” he said. “My guess is the winning team will have a combination of that expertise.”

DarkCyber thinks that the point of the competition may be to identify potential hires for those supporting the event. Once again: DarkCyber speculation because the environmental impact of digital currency related activities may become grist for someone’s water mill.

Amazon High Performance Cluster You Have Always Wanted

A rah rah article which begins, “…Building an HPC system can be complex”, is a must read. HPCWire explains that “High performance computing customers love the breadth of services offered by AWS and the flexibility offered by the cloud to address their computational challenges. AWS provides you with the opportunity to innovate quickly and accelerate your workflow thanks to a virtually unlimited capacity.”

Although a trifle one sided, the article provides a teaser for the more complex explanation which is located on the Amazon AWS pages at this link. Easy? Absolutely. How does DarkCyber know? The word “simple is used to index the page.”

Dash Slows and Then Halts

Amazon has many ordering options. One can talk at Alexa. One can use the Amazon eCommerce Web site. But the Dash button is dashed. DarkCyber learned that Dash has crashed. “Amazon is terminating the Dash button on August 31” said:

The Dash button was created to allow consumers to instantly order a product with the push of a button. The ease of use made it perfect for consumables you often need restocked, such as laundry detergent or paper towels, but served little purpose outside of that.

Killing off dud products or products developers don’t want to work on is a Google tactic. Should Amazon be viewed through Google goggles?

Consultant, Partner, Reseller News

Cerner. The health information technology company has partnered with Amazon. According to MedCity News: “The collaboration will boost the business of both companies against the backdrop of tech giants like Amazon, Google and Microsoft vying for healthcare market share in the industry’s shift to cloud-based infrastructure.” For additional color about Amazon healthcare, navigate to “Amazon Web Services Exec Partovi on Where the Biggest AI Opportunities Are in Healthcare.”

KCF Technologies. The tie up with Amazon AWS “a simple-to-use, fully automated, cloud-based backup and recovery solution for Cassandra databases on Amazon Web Services (AWS).” Source: Business Insider

MapleTech. This vendor of property and insurance services has migrated to Amazon AWS. Thus, its customers are now Amazonians. Source: Virtual Strategy

Motion Picture Academy Software Foundation. Amazon has joined. An official of the organization said: “Our membership has almost doubled since we launched the Academy Software Foundation a year ago, and we’re grateful that both studios and software vendors are seeing the value in having a neutral home for collaboration and shared development of open source software.” Source: The Hollywood Reporter

SoftServe. The company has announced an expanded relationship with Amazon Web Services (AWS) extending SoftServe’s offerings for media and entertainment enterprises. Source: Yahoo

VeChain rolls out is VeChain Thor Blockchain solutions. The venue was Amazon’s Beijing “global” summit. Why’s this important? Beijing. Blockchain. Global. Source: Yahoo

WiPro. This consulting company has teamed with Amazon to create a “co innovation center.” Where is the innovation center in case you want to mosey over and introduce yourself?

This state-of-the-art ‘innovation-in-action’ center, located in Wipro’s campus at Kodathi, Bengaluru…

And what’s cooking in the center:

The center will serve as a multi-disciplinary customer showcase hub for specialized teams to ideate, collaborate, develop and deliver futuristic solutions, leveraging AWS Cloud services in the areas of artificial intelligence (AI), machine learning (ML), analytics, Internet of Things (IoT), blockchain, augmented and virtual reality, among others.

Source: CIOL

Amazon and Apple: Two Anti Trust Investigation Attractors

The Verge reported that “Amazon cut a deal with Apple to bring direct iPhone sales to its platform for the first time. Now, that deal is coming under scrutiny from the Federal Trade Commission.” The main idea is that the deal nuked the market for other Amazon sellers and helped Apple put a dent in folks who were repairing in an un Apple-like way Apple devices.

DarkCyber noted this chunk of the write up:

Still, experts say the Apple-Amazon deal could easily be grounds for an antitrust complaint. According to Sally Hubbard, an antitrust expert and the director of enforcement strategy at the OpenMarkets Institute, the practice of cutting a deal with a brand to shut out third-party sellers who may be peddling counterfeit products or simply just lower-cost versions is called “brand gating.” It’s rampant on Amazon, and it may be illegal, she argues. “You put a gate around the brand and say all the third-party sellers of whatever that brand is get a notice saying you can no longer sell this product on our platform unless you get authorization from the brand,” Hubbard tells The Verge. “But of course the brand is not going to let you sell if you’re under the [minimum advertised price]. Problem is that it’s illegal under antitrust law.”

Fair? You and the legal eagles decide.

Grab Your Popcorn: Re:Inforce 2019 Videos Online

You can get the information presented at one of Amazon’s upscale conferences on your computing device. Just bring popcorn and patience. There’s nothing like low contrast slides and jargon to tell a story. Here’s the link you need.

Amazon Is Number One in IaaS

IaaS means infrastructure as a service. As if Amazon’s revenues and tidal waves of AWS announcements were not enough, now IT Pro Portal makes it official: “Amazon Keeps Top Spot in IaaS Market.” True, the data come from a very objective source, the Gartner Group. Who’s number two? Microsoft. What happens if Microsoft wins JEDI as Amazon fires bullets into its feet? Gartner’s very objective analysts will reveal the truth in a world of fake news.

Amazon Twitch Watches a Star Leave the Ecosystem

I know you are heart broken that Ninja has jumped from Twitch to Mixer. DarkCyber thinks more of these future Clark Gabels will head for greener pastures. Twitch is cracking down and the changes are annoying the talent who make the service thrive. Source: The Verge

Stephen E Arnold, August 5, 2019

Capital One and Surprising Consequences

August 4, 2019

DarkCyber noted the ZDNet article “GitHub Sued for Aiding Hacking in Capital One Breach.” According to the “real news” outfit:

While Capital One is named in the lawsuit because it was its data that the hacker stole, GitHub was also included because the hacker posted some of the stolen information on the code-sharing site.

Github (now owned by Microsoft) allegedly failed to detect the stolen data. Github did not block the posting of Social Security numbers. These follow a specific pattern. Many text parsing methods identify and index the pattern and link the number to other data objects.

What law did Github violate? Management lapses are not usually the stuff that makes for a good legal drama, at least on “Law and Order” reruns. The write up reports:

The lawsuit alleges that by allowing the hacker to store information on its servers, GitHub violated the federal Wiretap Act.

DarkCyber thanks ZDNet for including a link to the complaint.

Lawyers, gotta love ‘em because we have a former Amazon employee, a financial institution with a remarkable track record of security issues, and a company owned by Microsoft. What about the people affected? Oh, them. What if Github is “guilty”? Perhaps a new chapter in open source and public posting sites begins?

Stephen E Arnold, August 4, 2019

Amazon and Law Enforcement: Irrelevant or Something Else?

August 1, 2019

I have given lectures about Amazon’s policeware initiative. The information about this facet of the online bookstore’s work has attracted little attention. Rumor has it that one big time reporter tried to ask questions about Ring doorbells and related technologies and found a “No Entry” sign posted.

DarkCyber’s approach is to rely on real news stories. It appears that the Bezos bulldozer has revved its engine with regard to the role of the Ring doorbell and a handful of law enforcement entities. (Yes, DarkCyber perceives an alleged 200 tie ups as a handful. We are talking about the Bezos bulldozer’s pulling capacity. Think in terms of larger numbers. Think Five Eyes. Think financial regulators around the world.)

If the information in Ars Technica is accurate, DarkCyber learned:

Amazon reportedly provides marketing scripts to more than 200 police partners.

If true, this is indeed interesting. LE and intel professionals are not too keen on publicity. Amazon, a master of financial reporting to the SEC, is not like a Hollywood producer using communications to make a dead duck fly.

The write up “Amazon Writes Scripts for for Cops to Sling Ring Home Cameras, Report Says” cites another publication which reproduces an allegedly “real” email. The email includes this text:

Hi, all,

Appreciate your patience here as we are currently hashing out some across the board approaches for these exact scenarios. Given that this has been in the works for quite some time and the circumstances you describe, can we agree on the following timeline of events as a compromise:

Wed, June 5th, Boca PD Onboarding to Neighbors Portal (PS can use portal by commenting and engaging, no external promotion or discussion of portal beyond that)

Thurs, June 6th: Boca Foundation Subsidy Launch Event

Mon, June 24th: Earliest day for any Boca PD neighbors Portal external, public facing announcement (to be coordinated with Ring and reviewed in advance to ensure appropriate messaging and not conflated with Subsidy program)

Please, let us know if this timeline is acceptable! This will allow PD to become familiar and state using portal while given the subsidy program full public attention and greatest chance for success. While sticking with our strict policy of not conjoining the two in practice or in presentation.

This text comes from Engadget.

DarkCyber’s attempt to make sense of this alleged Amazon email to someone in the Boca PD is hypothetical. Here’s what the research team derived from the text of the allegedly “real” email, our open source information about Amazon policeware, and suppositions and rumors floated at conferences.

First, Amazon is providing funds to jump start the “program.” This marketing method is just like the LexisNexis “make the legal information available to law school students.” The goal is to condition young attorneys to use the for fee LexisNexis when they get an job in a law firm, government agency, or non profit. The subsidy essential makes it possible for cash strapped police departments to get access to technology and data. The approach may have some other benefits like good PR for Amazon, police departments, and city officials.

Second, the approach appears to minimize the law enforcement value of the Ring video doorbell to law enforcement. That’s okay, but Amazon appears to view the Ring project as a way to control information flows and decision making within “independent” law enforcement entities. This strikes DarkCyber as a variation of the methods spelled out in the classic “How to Sell Anything to Anybody.” Getting the customer to say “yes” or do what the sales person wants is one theme of this decades old classic.

Third, Amazon is not “connecting the dots” for its policeware system. (If you want a for fee webinar for your team about Amazon policeware, write us at darkcyber333 at yandex dot com.) A key part of the Amazon way to present discrete services as islands which are loosely coupled. In order to connect these islands, one has to be [a] told about the connections by Amazon, [b] take Amazon AWS training and become Amazon certified, [c] grunt around for open source information which is written to make the larger connections in the Amazon policeware system difficult to discern.

DarkCyber finds the Ars Technica write up, the allegedly “real” memo from Amazon to a police department, and the lack of understanding by many Amazon observers interesting.

Amazon sells cameras, dog food, and T shirts, right?

Absolutely, but it also is working overtime to create an Oracle Axiom dominator plus a few other minor things. Definitely “minor.”

Stephen E Arnold, August 1, 2019

Capital One, Amazon, Cats, and the Common Infrastructure Play

July 31, 2019

I read “Hacking Suspect Acted Oddly Online.” (Note: the online story is paywalled by Rupert Murdoch. You may  be able to get a peek at the dead tree version of this story in the Wall Street Journal for July 31, 2019.) Yep, Internet cat angle, self incrimination, and public content dissemination. That’s a plot hook which may make a great Lifetime or Netflix program. Amazon is likely to pass on funding the film version of this now familiar story.

Here’s the plot:

There’s the distraught financial institution, in this case, the lovable Capital One. This is the outfit known for “what’s in your pocket”? Good question. The financial outfit teamed up with Amazon in 2015, and according to the “real news” outfit:

In 2015, Capital One Chief Information Officer Rob Alexander said, “The financial services industry attracts some of the worst cyber criminals. So we worked closely with the Amazon team to develop a security model, which we believe enables us to operate more securely in the public cloud than we can even in our own data centers.”

That sounds darned good, but data affecting about 100 million people was breached. That number has not been verified to my satisfaction, and DarkCyber awaits additional data. But 100 million is a good enough number for the story.

Next we have a protagonist with some employment history at Amazon. Remember that this is the cloud service which was in the chain of data compromise. But — and this is important — Amazon was not at fault. The security problem was a is configured bit of “infrastructure.” Plus, the infrastructure which was the point of weakness is “common to both cloud and on premises data center environments.”

The story ends with a suspect. If the program becomes a mini series, we will follow the protagonist with empathy for cats through a trial, and perhaps a variation on the story weaving of “Orange Is the New Black.”

What’s missing from the analysis in the “real news” outlets? Here in Harrod’s Creek, Kentucky, we think of Amazon as an outfit with nifty white Mercedes Benz vans and fast moving van drivers.

But a couple of the pundits lounging in the convenience story / tavern floated some ideas:

  1. Why is Amazon not providing a system to address misconfiguration? It seems that 100 million people are now aware of this dropped ball.
  2. Why is an Amazon person, presumably with Amazon expertise, behaving in a manner that appears problematic? If the person was hired, what’s the flaw in the Amazon hiring process? If the person was terminated for a germane reason, why was the person not given appropriate “support” to make the transition from Amazonian to a person with unusual online activities? How does Amazon prevent information from being used by a former employee? What can be improved? Are there other former Amazon employees who are able to behave in an allegedly problematic way?
  3. Why is the problem “common” to use Capital One’s alleged word quoted in the WSJ story? There are dozens upon dozens of firms which are marketing themselves as cyber safeguard providers. Are these services used by Amazon, or is Amazon relying on home grown solutions. There are indeed Amazon’s own security tools. But are these findable, usable, reliable, and efficacious? Security may be lost in the thicket of proliferating Amazon products, services, and features. In effect, is it possible that Amazon is not doing enough to prevent such security lapses associated closely with its cloud solutions.

Stepping back, let’s think about this incident in a cinematic way:

  1. A giant company offering services which are so complex that problems are likely to result from component interactions, blundering customers, and former employees with a behavior quirk.
  2. A financial services firm confident of its technical competence. (Note that this financial firm with a previous compliance allegation which seemed to pivot on money laundering and ended with a $100 million fine. See “Compliance Weaknesses Cost Capital One $100M”, October 23, 2018. You will have to pay to view this allegedly accurate write up.
  3. A protagonist who seemed to send up distress flags via online communication channels.

What’s the big story?

Maybe there’s a “heart of darkness” with regard to security within the Amazon jungle.

To which jungle was Joseph Conrad, author of the “Heart of Darkness” referring?

“Nowhere did we stop long enough to get a particularized impression, but the general sense of vague and oppressive wonder grew upon me. It was like a weary pilgrimage amongst hints for nightmares.”

Psychological, digital, or financial? With the JEDI contract award fast approaching, will the procurement officials interpret the Capital One breach as a glimpse of the future. Maybe Oracle is correct in its view of Amazon?

Stephen E Arnold, July 31, 2019

Amazon Flaw Presented Gently, Very Gently

July 30, 2019

If you are an avid Amazonoid, you don’t want to hear bad news. “Amazon as Experiment” tries to explain a flaw, but the write up goes about the task carefully.

The main idea is that if you know what you want and know the terms used to describe that which you want to buy, view, or listen to — Amazon delivers.

The write up points out:

Amazon, of course, is the Sears Roebuck of our time, but it’s more than that. Amazon is systematically going through every branch of the idea tree around what retail is, and doing it without any pride.

I agree. The Bezos bulldozer is doing old things more MBA-ishly. (I pronounce this em-bee-a-ish-lee. The term means get money and skate as close to the edge of appropriate behavior as humanly possible. I love those MBAs, don’t you?)

The write up draws a parallel with the Google, another outfit which does things and then tries to figure out how to maximize return.

Now the flaw, presented gently:

This has always been the gap in the Amazon model. It’s ever more efficient at finding what you already know you want and shipping it to you, but bad at suggesting things you don’t already know about, and terrible whenever a product needs something specific—just try finding children’s shoes by size. This is probably inherent in the model.

What’s this mean? The experience of wandering around an olive market in Paris or poking into stalls in Istanbul’s indoor market are not part of Amazon.

In short, without a mechanism that allows finding something, deciding it has value, and in some cases touching the product — Amazon has become sterile.

Now, Amazonoid, does that matter? Wall Street wants to see growth. Discovery to an MBAish person means more money. What about Amazon’s competitors? Are they able to deliver discoverability?

Why do people wander around looking at stuff in cities? Why do professionals attend conferences and visit booths? Why do people expose themselves to different contexts?

The answer is, DarkCyber believes is to discover. An algorithm does not discover. It presents probable matches.

What will Amazon do to remediate this problem presented gently?

Stephen E Arnold, July 30, 2019

Amazonia for July 29, 2019

July 29, 2019

Summertime, the bulldozing is easy. Money is flowing, and regulators are hopping. There was some Amazon news despite the heat waves and the rumblings of impending monopoly investigations in the US and elsewhere.

JEDI Excitement

President Donald Trump, according to the semi paywalled, “insider” news service delivered a stunning rumor in “President Donald Trump Reportedly Wants to ‘Scuttle’ the $10 Billion Pentagon Cloud Contract That Amazon and Microsoft Are Fighting Over.” Let’s assume this report is spot on, accurate, and wrapped in factualities. Several questions pop up:

  • How happy will Oracle be with this decision?
  • How unhappy will Amazon be if it receives zero Department of Defense JEDI work?
  • How will Microsoft make Azure sort of work? (DarkCyber asks this question because some of Microsoft’s software has been — how shall I phrase it? — problematic?)

More than a week ago, Nextgov reported that “Trump ‘Looking Into’ Pentagon’s JEDI Contract.” There was swamp mist swirling around an assertion that some Republicans wanted the JEDI contract issued. Why? Love of Amazon? Love of Microsoft? Love of DoD procurement processes? Nope. “National security.”

Also, Amazon allegedly snapped up a modest 270,000 square feet of office space in lovely, 21st century Herndon, Virginia. There is no congestion near Sunrise Drive, some told DarkCyber. The company has a modest 400,000 square feet on the Dulles Access Road between Dulles Airport and the once sylvan Reston, Virginia. Source: Biznow

Fox News (an outstanding “real” news outfit published “Lawmakers Urge Trump to Delay $10B Defense Contract over Amazon Conflicts Probe.” The write up states:

The lawmakers who signed Tuesday’s letter are all Republicans and include Florida Rep. Matt Gaetz and Wisconsin Rep. Sean Duffy. Florida Sen. Marco Rubio sent a similar letter to national security adviser John Bolton last Thursday, seeking a delay to the awarding of the JEDI contract due to a “lack of competition.”

The article did not include a quote from Amazon’s Washington, DC executive. Non government gray would have been enriched with local color.

Amazon Quarterly Report

Amazon’s quarterly revenue was $63 billion. The number of interest to DarkCyber is that AWS revenue was up 37 percent to $8.4 billion which works out to a $30 billion plus business for a 12 month period. MarketWatch has some additional details. Net net: Amazon will tighten the thumbscrews on merchant partners, vendors, and AWS customers. The Bezos bulldozer needs a new coat of paint, so price hikes will be needed.

DarkCyber wants to point out that the Gartner Group, an outstanding crystal ball outfit, predicts that Amazon can deliver a surprise for customers who don’t keep their eye on:

  • Amazon costs and prices
  • Amazon’s features
  • Amazon’s competitive behavior.

Does Gartner Group advise the Secretary of the Treasury?

Amazon Health Care

Curious as to Dr. Jeff Bezos’ medical acumen? There’s some information tucked into “Amazon Web Services Exec Partovi on Where the Biggest AI Opportunities Are in Healthcare.” In the interview / essay, we spotted this statement:

On the patient side, the value that cloud brings is that you can do predictive modeling. By applying machine learning and predictive modeling to data, it allows you to predict patient health events.

Perfect for health insurance and other services which could benefit from smart software and some cross correlation.

To put this interview in context, Amazon has rolled out a Web services center in Houston. Wasn’t that city interested in IBM Watson before those using the system realized it did not work the way doctors did? Source: Houston Chronicle

Retail on the US Government’s Mind

About that Department of Defense JEDI contract? What happens if the current Administration continues to find fault with Amazon? What about real estate values in Alexandria, Arlington, and other “close to the jungle” locations?

We noted “US Treasury Secretary Steven Mnuchin Says Amazon Has Destroyed Retail.” At the same time, US government professionals are gearing up for inquiries.

The write up stated:

Treasury Secretary Steven Mnuchin said he supports the Justice Department’s formal antitrust review of the country’s largest tech companies, particularly Amazon, which he said has ruined retail. In an interview Wednesday with CNBC, Mnuchin said the company has “destroyed the retail industry across the United States” and said there’s “no question they’ve limited competition.”

DarkCyber does not speculate about procurement, but could the JEDI deal go to Microsoft?

Big News: Amazon Offers Sellers a Deal

I worked in New York City sort of for several years. I was from a small town in Illinois, and I had to learn how to speak “New York.” One of the first phrases I learned was, “Such a deal.”

Amazon may be offering “a deal” to its sellers. The Wall Street Journal (paywall, gentle reader) appears to have blown the whistle on a new program for sellers and merchants who use the Amazon ecommerce site to move their products. The idea is simple:

  1. Independent merchants can get Amazon’s help with marketing
  2. Amazon can then purchase the merchant’s brand for $10,000
  3. The merchant gets to find another product to convert into a winner.
  4. Jump to Line 2

Such a deal.

Amazon’s Accelerator will accelerate all right. A faster path to monopolistic dominance of whatever product sells. I also learned another New York phrase, “Have I got a deal for you.” Sure you do.

A related item is that Amazon’s suspension policy contributes to “partner” stress. See this link.

Amazon Facial Recognition Leaves Disneyesque Orlando

Orlando Police Department has allegedly ended its Amazon Rekognition facial recognition test. The Orlando Weekly reported:


Orlando’s two-phase pilot with Amazon to try out real-time facial recognition software ended Thursday, capping 15 months of technical lags, bandwidth issues and uncertainty over whether the controversial face-scanning technology actually works.

The termination was allegedly due to resources. DarkCyber believes that this statement is accurate, but it may not include a spectrum of issues associated with facial recognition.

We noted the inclusion of this statement as well:

Matt Cagle, a technology and civil liberties attorney at the ACLU, congratulated OPD for “finally figuring out what we long warned – Amazon’s surveillance technology doesn’t work and is a threat to our privacy and civil liberties.” “This failed pilot program demonstrates precisely why surveillance decisions should be made by the public through their elected leaders, and not by corporations secretly lobbying police officials to deploy dangerous systems against the public,” Cagle said.

The report noted:

Orlando is the only city in the country to openly test Amazon’s fledgling real-time facial recognition software. Washington County Sheriff’s Office in Oregon is the only other known client using a variant of the software, where deputies can upload a photo of an unidentified suspect and run it through a database of images for a possible match long after an incident occurred.

Was Orlando a success or failure? It seems the thrill ride may have ended.

Amazon India: Bulking Up

AWS Can Be a Great Enabler for India to Jump a Tech Gen in AI and ML: Amazon Internet Services’ Rahul Sharma” is a rah rah article about Amazon’s growing interest in India. The write up reports:

AWS wants to lead India into becoming a cloud-first economy. From providing streams of open data and offering easy-to-use AI/ML services to skilling millions of youth, the company is out to service its biggest customer: the Indian citizen.

DarkCyber ignored the social good handwaving and focused on the meat of the push into India: Govtech.

Amazon and Israel

A new data center and a play for Israeli government contracts? Seems logical. Data Center Dynamics reports:

In September, Israel’s Finance Ministry and the Government Procurement Administration said that they planned to issue a tender in 2019-2020 for the supply of services based on a public cloud platform, servicing multiple government organizations

Amazon Chatbots: Still Chattering

ZDNet report that Amazon has rolled out a chatbot which issues system alerts to developers, through Slack and its own Chime app. The write up states:

Under the current AWS Chatbot Beta, notifications can be provided from Amazon Cloud Watch, AWS Health, AWS Budgets, AWS Security Hub, Amazon GuardDuty, and AWS CloudFormation.

Yep, notifications.

AWS Lightsail How To

Want to build a virtual machine in AWS Lightsale. The “real news” outfit TechRepublic has published a how to in “How to Create a Virtual Machine Using Lightsail in AWS.” The write up is a very upbeat presentation of Amazon help page content. We liked this phrase too: “…Just a few mouse clicks.” There’s a free white paper available too. Just click this link. Plus, Lightsail is a deal, just $3.50 per month. DarkCyber believes that each customer’s costs will vary. TechRepublic is quite helpful to Amazon. DarkCyber wonders if there is any “consideration” or “inclusion” assessment associated with this story. Probably not. Just “real news”.

Reeling from Surprise AWS Costs?

Some help may be on the way. According to Silicon Angle, DarkCyber learned that EC2 Resource Optimization Recommendations helps users to optimize the Amazon Elastic Compute Cloud resources they use. Allegedly the new service:

[will] find idle or underused instances so customers can adjust their usage patterns to save on costs. Should the tool find an idle instance, which Amazon defines as one that has less than 1% maximum central processing unit utilization, it will recommend that users simply shut it down. And when it finds an underused instance, it will recommend different-sized instances to which customers can switch to fit their usage pattern better and get more bang for their buck.

Yes, You Can Control a Car with Amazon

DarkCyber spotted this video: “Controlling a Car with Artificial Intelligence – AWS Deep Racer.” If you are a fan of serial content acquisition in non text form, here’s the url you need. For Amazon’s explanation of the use of its smart software, navigate to “Developers, Start Your Engines.” Vroom, vroom.

Amazon and Financial Information

We read “Amazon Echo Banking: Get Alexa to Check Your Balance, Make Payments and More.” DarkCyber liked the word “more.” How much more? One can imagine if the online bookstore has access to one’s bank accounts: Checking, savings, home loans, etc. Shove these data into any other personal information Amazon has. What pops out of the Alexa enabled microwave? How about a competitor to Oracle’s data service?

The write up ignores the big picture and states:

Linking your Echo to your account is quick and private. Don’t worry, you’re not sharing your personal banking info with Amazon when you connect it to the Alexa app. Just make sure you feel comfortable with the people who might be within earshot when Alexa responds.

There you go. Secret info from the outfit which records and retains data transmitted via Echo. How useful would such “unretained” data be to an investigator, an outfit doing a credit check, or to an insurance company? Probably above average.

Surfing on Weaveworks?

TechRepublic, an outfit which writes very positively about IBM, has turned its reportorial rapier on Amazon. “The Clearest Sign of AWS’ Open Source Success Wasn’t Built by Amazon” seems negative at first glance. But, no, TechRepublic seems to love Amazon as much as it does IBM. We noted this statement in the write up:

As AWS executive Matt Wilson put it, “As a very early adopter of Free and open source software (going back to migrating from Unix to Linux in 2002!), folks at Amazon have extensive understanding of Open Source, and also how developer communities of all types grow around technology.”  With Firecracker, this shows, because Weaveworks, not AWS, built Weave Ignite. That’s how good open source ecosystems grow.

A new jungle to bulldoze.

Pop That Trunk for Deliveries

DarkCyber wonders if law enforcement officers will find this Amazon delivery option helpful?

Amazon Will Now Deliver to the Trunk of Your Honda” states:

Amazon keeps on expanding its delivery options, perhaps to ensure that you won’t have an excuse not to buy that thing you’ve just carted. In 2018, it launched an in-car delivery service for GM and Volvo owners, which it also eventually offered to Ford and Lincoln vehicles. Now, the e-commerce giant is giving select Honda models access to Key by Amazon In-Car delivery, as well, so you can have your package dropped right inside your car wherever it is you’ve parked.

DarkCyber has heard that certain other models are supported in Europe.

There are some limitations, but the upside seems evident to Engadget’s expert:

While the HondaLink app itself is free, the Remote Services package will set you back $110 per year after a 3-month trial. Key by Amazon doesn’t cost anything on top of that, though, so it’s a nice perk if you’re already paying for the add-on.

Yes, a nice perk. Particularly if an authority watches the delivery person open a trunk long enough for the officer to peer inside.

Amazon Accused for Requiring Officers to “Shill” Rekognition

Vice seems unhappy with Amazon. The company provides a trial system so law enforcement can get some hands on (better yet, eyes on) time with the Rekognition imaging system. Vice points out: “Amazon Requires Police to Shill Surveillance Cameras in Secret Agreement.”

The write up states:

The Lakeland, Florida police department is required to “encourage adoption” of Ring products as part of a secret agreement with the company.

We noted:

Amazon is convincing people to self-surveil through aggressive, fear-based marketing, aided by de facto police endorsements and free Ring camera giveaways. Consumers are opting into surveillance. And police are more than eager to capitalize on this wealth of surveillance data. The result of Ring-police partnerships is a self-perpetuating surveillance network: More people download Neighbors, more people get Ring, surveillance footage proliferates, and police can request whatever they want.

China’s government has implemented this type of approach. In the US, Amazon appears to be providing a similar service to the government. DarkCyber is interested in this approach to generating data for the Bezos bulldozer’s policeware platform.

Now the “secret”. A contract is a document which may have terms and conditions. If Vice obtained such a document; therefore, the document is not secret. Or is it?

Partners / Resellers
  • Brightloom uses AWS for its restaurant services business. Starbucks just signed up, not just for the service but for an ownership stake. Source: Forbes
  • Equinix has increased the bandwidth of its AWS direct connections. Source: SDxCentral
  • Sigma rolls out support for live debugging in its integrated development environment for AWS. Source: Yahoo
  • Stackery streamlines AWS server development on local machines. Source: GeekWire
  • Uptime has developed a single sign on service for AWS. Source: Yahoo
  • Zendesk makes ASW customer support services more actionable. Source: Yahoo

Stephen E Arnold, July 29, 2019

Next Page »

  • Archives

  • Recent Posts

  • Meta