Bank App Does Not Play Well with Tor Browser

December 22, 2016

Bank apps are a convenient way to access and keep track of your accounts.  They are mainly used on mobile devices and are advertised for the user on the go.  One UK bank app, however, refuses to play nice with devices that have the Tor browser, reports the Register in the article, “Tor Torpedoed!  Tesco Bank App Won’t Run With Privacy Tool Installed.”

Tesco is a popular bank present in supermarkets, but if you want to protect your online privacy by using the Tor browser on your mobile device the Tesco app will not work on said device.  Marcus Davage, the mainframe database administrator, alerted Tesco patrons that in order to use the Tesco app, they needed to delete the Tor browser.  Why is this happening?

The issue appears to be related to security. Tesco’s help site notes that the Android app checks for malware and other possible security risks (such as the phone being rooted) upon launching and, in this case, the Tor software triggers an alert.  The Tor Project makes two apps for Android, the aforementioned Orbot and the Orfox browser, both of which allow users to encrypt their data traffic using the Tor network. According to the Play Store, Orbot has been downloaded more than five million times by Android users.

App developers need to take into account that the Tor browser is not malware.  Many users are concerned with their online privacy and protecting their personal information, so Tor needs to be recognized as a safe application.

Whitney Grace, December 22, 2016

Tor Phone to Take on Google

December 13, 2016

Tor users have nil or very limited options to surf Underground Web anonymously as Android-powered phones still manage to scrape user data. The Tor Project intends to beat Google at its own game with Tor-enabled smartphone.

An article that appeared on arsTechnica and titled Tor Phone Is Antidote to Google “Hostility” Over Android, Says Developer, says:

The prototype is meant to show a possible direction for Tor on mobile. We are trying to demonstrate that it is possible to build a phone that respects user choice and freedom, vastly reduces vulnerability surface, and sets a direction for the ecosystem with respect to how to meet the needs of high-security users.

The phone is powered by custom-made CopperHead OS and can be run only on Google Nexus or Pixel hardware phones. Of course due to high technicalities involved, it is recommended only for Linux geeks.

For voice calls, according to the article:

To protect user privacy, the prototype runs OrWall, the Android firewall that routes traffic over Tor, and blocks all other traffic. Users can punch a hole through the firewall for voice traffic, for instance, to enable Signal.

Google’s Android is an Open Source platform that OEMs can customize. This creates multiple security threats enabling hackers and snoopers to create backdoors. CopperHead OS, on the other hand, plugs these security holes with verified boot and also stops Google Play Store from overriding native apps. Seems the days of mobile Tor are finally here.

Vishal Ingole, December  13, 2016

Digital Reasoning Releases Synthesis Version 4

December 9, 2016

Digital Reasoning has released the latest iteration of its Synthesys platform, we learn from Datanami’s piece, “Cognitive Platform Sharpens Focus on Untructured Data.” Readers may recall that Digital Reasoning provides tools to the controversial US Army intelligence system known as DCGS. The write-up specifies:

Version 4 of the Digital Reasoning platform released on Tuesday (June 21) is based on proprietary analytics tools that apply deep learning neural network techniques across text, audio and images. Synthesys 4 also incorporates behavioral analytics based on anomaly detection techniques.

The upgrade also reflects the company’s push into user and ‘entity’ behavior analytics, a technique used to leverage machine learning in security applications such as tracking suspicious activity on enterprise networks and detecting ransomware attacks. ‘We are especially excited to expand into the area of entity behavior analytics, combining the analysis of structured and unstructured data into a person-centric, prioritized profile that can be used to predict employees at risk for insider threats,’ Bill DiPietro, Digital Reasoning’s vice president of product management noted in a statement.

The platform has added Spanish and Chinese to its supported languages, which come with syntactic parsing. There is also now support for Elasticsearch, included in the pursuit of leveraging unstructured data in real time. The company emphasizes the software’s ability to learn from context, as well as enhanced tools for working with reports.

Digital Reasoning was founded in 2000, and makes its primary home in Nashville, Tennessee, with offices in Washington, DC, and London. The booming company is also hiring, especially in the Nashville area.

Cynthia Murrell, December 9, 2016

 

 

 

Dawn of Blockchain Technology

November 24, 2016

Blockchain technology though currently powers the Bitcoin and other cryptocurrencies, soon the technology might find takers in mainstream commercial activities.

Blockgeeks in an in-depth article guide titled What Is Blockchain Technology? A Step-By-Step Guide for Beginners says:

The blockchain is an incorruptible digital ledger of economic transactions that can be programmed to record not just financial transactions but virtually everything of value.

Without getting into how the technology works, it would be interesting to know how and where the revolutionary technology can be utilized. Due to its inherent nature of being incorruptible due to human intervention and non-centralization, blockchain has numerous applications in the field of banking, remittances, shared economy, crowdfunding and many more, the list is just endless.

The technology will be especially helpful for people who transact over the Web and as the article points out:

Goldman Sachs believes that blockchain technology holds great potential especially to optimize clearing and settlements, and could represent global savings of up to $6bn per year.

Governments and commercial establishment, however, are apprehensive about it as blockchain might end their control over a multitude of things. Just because blockchain never stores data at one location. This also is the reason why Bitcoin is yet to gain full acceptance. But, can a driving force like blockchain technology that will empower the actual users can be stopped?

Vishal Ingole, November 24, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Word Embedding Captures Semantic Relationships

November 10, 2016

The article on O’Reilly titled Capturing Semantic Meanings Using Deep Learning explores word embedding in natural language processing. NLP systems typically encode word strings, but word embedding offers a more complex approach that emphasizes relationships and similarities between words by treating them as vectors. The article posits,

For example, let’s take the words woman, man, queen, and king. We can get their vector representations and use basic algebraic operations to find semantic similarities. Measuring similarity between vectors is possible using measures such as cosine similarity. So, when we subtract the vector of the word man from the vector of the word woman, then its cosine distance would be close to the distance between the word queen minus the word king (see Figure 1).

The article investigates the various neural network models that prevent the expense of working with large data. Word2Vec, CBOW, and continuous skip-gram are touted as models and the article goes into great technical detail about the entire process. The final result is that the vectors understand the semantic relationship between the words in the example. Why does this approach to NLP matter? A few applications include predicting future business applications, sentiment analysis, and semantic image searches.

Chelsea Kerwin,  November 10, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Is the Cloud Really Raining Dollar Signs?

October 5, 2016

Cloud computing offers people the ability to access their files from any place in the world as long as they have a good Internet connection and a cloud account.  Many companies are transferring their mainframes to the cloud, so their employees can work remotely.  Individuals love having their files, especially photos and music, on the cloud for instantaneous access.  It is a fast growing IT business and Forbes reports that “Gartner Predicts $111B In IT Spend Will Shift To Cloud This Year Growing To Be $216B By 2020.”

Within the next five years it is predicted more companies will shift their inner workings to the cloud, which will indirectly and directly affect more than one trillion projected to be spent in IT.  Application software spending is expected to shift 37% towards more cloud usage and business process outsourcing is expected to grow 43%, all by 2020.

Why wait for 2020 to see the final results, however?  2016 already has seen a lot of cloud growth and even more is expected before the year ends:

$42B in Business Process Outsourcing IT spend, or 35% of the total market, is forecast to shift to the cloud this year. 25% of the application software spending is predicted to shift to the cloud this year, or $36B.

Gartner is a respected research firm and these numbers are predicting hefty growth (here is the source).  The cloud shift will surely affect more than one trillion.  The bigger question is will cloud security improve enough by 2020 that more companies will shift in that direction?

Whitney Grace, October 5, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

Google and the Future of Search Engine Optimization

September 30, 2016

Regular readers know that we are not big fans of SEO (Search Engine Optimization ) or its champions, so you will understand our tentative glee at the Fox News headline, “Is Google Trying to Kill SEO?” The article is centered around a Florida court case whose plaintiff is e.ventures Worldwide LLC, accused by Google of engaging in “search-engine manipulation”. As it turns out, that term is a little murky. That did not stop Google from unilaterally de-indexing “hundreds” of e.ventures’ websites. Writer Dan Blacharski observes:

The larger question here is chilling to virtually any small business which seeks a higher ranking, since Google’s own definition of search engine manipulation is vague and unpredictable. According to a brief filed by e-ventures’ attorney Alexis Arena at Flaster Greenberg PC, ‘Under Google’s definition, any website owner that attempts to cause its website to rank higher, in any manner, could be guilty of ‘pure spam’ and blocked from Google’s search results, without explanation or redress. …

The larger question here is chilling to virtually any small business which seeks a higher ranking, since Google’s own definition of search engine manipulation is vague and unpredictable. According to a brief filed by e-ventures’ attorney Alexis Arena at Flaster Greenberg PC, ‘Under Google’s definition, any website owner that attempts to cause its website to rank higher, in any manner, could be guilty of ‘pure spam’ and blocked from Google’s search results, without explanation or redress.

We cannot share Blacharski’s alarm at this turn of events. In our humble opinion, if websites focus on providing quality content, the rest will follow. The article goes on to examine Google’s first-amendment based stance, and considers whether SEO is even a legitimate strategy. See the article for its take on these considerations.

Cynthia Murrell, September 30, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

 

Open Source CRM Galore for Salespeople, Manufacturers, and Even Freelancers

September 26, 2016

The article titled Top 10 Open Source CRM on Datamation weighs the customer relationship management (CRM) options based on individual needs in addition to features and functions. It highlights certain key benefits and points of strength such as EspoCRM’s excellent website, SugarCRM’s competitive edge over Salesforce, and the low cost of Dolibarr. The typical entry reads like this,

EPESI – The last in this list of Linux compatible CRM options is called EPESI. What makes it unique is the ability to take the mail page of the CRM and rearrange how things are laid out visually…it’s pretty nice to have when customizing ones workflow. In addition to expected CRM functionality, this tool also offers ERP options as well. With its modular design and cloud, enterprise and DIY editions, odds are there is a CRM solution available for everyone.

What strikes one the most about this list is how few familiar names appear. This list is certainly worth consulting to gain insights about the landscape, particularly since it does at least allude now and then to the specialty of several of the CRM software. For example, Dolibarr supports freelancers, Compiere is based around the needs of warehousing and manufacturing companies, and Zurmo was designed for salespeople. It is a good time to be in the market for CRM apps.

Chelsea Kerwin, September 26, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monographThere is a Louisville, Kentucky Hidden Web/Dark Web meet up on September 27, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233599645/

Gleaning Insights and Advantages from Semantic Tagging for Digital Content

September 22, 2016

The article titled Semantic Tagging Can Improve Digital Content Publishing on Aptara Corp. blog reveals the importance of indexing. The article waves the flag of semantic tagging at the publishing industry, which has been pushed into digital content kicking and screaming. The difficulties involved in compatibility across networks, operating systems, and a device are quite a headache. Semantic tagging could help, if only anyone understood what it is. The article enlightens us,

Put simply, semantic markups are used in the behind-the-scene operations. However, their importance cannot be understated; proprietary software is required to create the metadata and assign the appropriate tags, which influence the level of quality experienced when delivering, finding and interacting with the content… There have been many articles that have agreed the concept of intelligent content is best summarized by Ann Rockley’s definition, which is “content that’s structurally rich and semantically categorized and therefore automatically discoverable, reusable, reconfigurable and adaptable.

The application to the publishing industry is obvious when put in terms of increasing searchability. Any student who has used JSTOR knows the frustrations of searching digital content. It is a complicated process that indexing, if administered correctly, will make much easier. The article points out that authors are competing not only with each other, but also with the endless stream of content being created on social media platforms like Facebook and Twitter. Publishers need to take advantage of semantic markups and every other resource at their disposal to even the playing field.

Chelsea Kerwin, September 22, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden Web/Dark Web meet up on September 27, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233599645/

Verizon Strategizes to Get Paid for Installing Big Brand Apps That You Will Probably Never Open

September 5, 2016

The article titled Verizon Offered to Install Marketers’ Apps Directly on Subscribers’ Phones on AdAge discusses the next phase in Verizon’s marketing strategy, a seeming inheritance of product placement: automatic installations for big brands onto your phone. Next time you notice an app that you didn’t download on your phone, look no further. Verizon has been in talks with both retail and finance brands about charging between $1 and $2 per device, which sounds small until you multiply it by 75 million Verizon smartphone subscribers. The article discusses some of the potential drawbacks.

Verizon has stoked some user frustration in the past with “bloatware,” as have many carriers and phone manufacturers. Bloatware comprises the often irrelevant apps that arrive pre-installed on phones, though they’re less often major brands’ apps and more often small, proprietary services from the carriers and manufacturers…There is no guarantee, however, that Verizon subscribers open the apps they find pre-installed on their phones. “If a user is not interested, they just delete it without activating.

Sara Choi, COO of AirFox, is quoted in the article making a great point about the importance to carriers to innovate new strategies for profit growth. Ultimately, the best use for this marketing technique is a huge number of immediate downloads. How to engage users once you have gotten into their phones is the next question. If this goes through, there will be no need to search to get an ad, which could mean bad news for online ad search.

Chelsea Kerwin, September 5, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden Web/Dark Web meet up on September 27, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233599645/

Next Page »