Watch out for Falling Burritos

September 22, 2016

Amazon and Wal-Mart are already trying to deliver packages by drones, but now a Mexican restaurant wants in on the automated delivery game.  Bloomberg Technology tells the story in “Alphabet And Chipotle Are Bringing Burrito Delivery Drones To Campus.”  If you think you can now order a burrito and have it delivered to you via drone, sorry to

tell you that the service is only available on the Virginia Tech campus.  Alphabet Inc. unit Project Wing has teamed up with Chipotle Mexican Grill for the food delivery service.

Self-guided hybrid drones will deliver the burritos.  The burritos will come from a nearby food truck, so the navigation will be accurate and also so the food will be fresh.  The best part is that when the drones are making the delivery, they will hover and lower the burritos with a winch.

While the drones will be automated, human pilots will be nearby to protect people on campus from falling burritos and in case the drones veer from their flight pattern.  The FAA approved the burrito delivering drone test, but the association is hesitant to clear unmanned drones for bigger deliver routes.

…the experiment will not assess one of the major technology hurdles facing drone deliveries: creation of a low-level air-traffic system that can maintain order as the skies become more crowded with unmanned vehicles. NASA is working with Project Wing and other companies to develop the framework for such a system. Data from the tests will be provided to the FAA to help the agency develop new rules allowing deliveries…

The drone burrito delivery at Virginia Tech is believed to be the most complex delivery flight operation in the US.  It is a test for a not too distant future when unmanned drones deliver packages and food.  It will increase the amount of vehicles in the sky, but it will also put the delivery business in jeopardy.  Once more things change and more jobs become obsolete.

Whitney Grace, September 22, 2016
Sponsored by, publisher of the CyberOSINT monograph

There is a Louisville, Kentucky Hidden Web/Dark Web meet up on September 27, 2016.
Information is at this link:

Featurespace Raises Capital for Bank Fraud Monitoring Technology

September 21, 2016

Monitoring online fraud has become an increasingly popular application for machine learning and search technology. The Telegraph reported Cambridge AI fraud detection group raises £6.2m. The company, Featurespace, grew out of Cambridge University and its ARIC technology goes beyond rule-based fraud-detection. It scans all activity on a network and thus learns what registers as fraudulent or suspicious. The write-up tells us,

The company has now raised $9m (£6.2m), which it will use to open a US office after signing two big stateside deals. The funding is led by US fintech investor TTV Capital – the first time it has backed a UK company – and early stage investors Imperial Innovations and Nesta.

Mike Lynch, the renowned technology investor who founded software group Autonomy before its $11.7bn sale to Hewlett Packard, has previously invested in the company and sits on its board. Ms King said Featurespace had won a contract with a major US bank, as well as payments company TSYS, which processes MasterCard and Visa transactions.”

Overall, the company aims to protect consumers from credit and debit card fraud. The article reminds us that millions of consumers have been affected by stolen credit and debit card information. Betfair, William Hill and VocaLink are current customers of Featurespace and several banks are using its technology too. Will this become a big ticket application for these machine learning technologies?

Megan Feil, September 21, 2016
Sponsored by, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden Web/Dark Web meet up on September 27, 2016.
Information is at this link:



Cairo Authorities Perform Bitcoin Sting

September 8, 2016

Egyptian authorities refuse to let a 30-year-old dentist get away with trading in digital currency, despite there being no law on the books to prohibit the practice.  The Merkle informs us, “Egyptian Dentist Apprehended in Bitcoin Sting Operation in Cairo.” Reporter Traderman reveals:

According to today’s post on the facebook page of The Ministry of the Interior, Mr. Ahmed was captured with $13,900 in cash, as well as a cellular phone and a smart tablet that were used in the trading operation. Authorities setup Ahmed by contacting him about a potential deal on LocalBitcoins, where Ahmed was selling the digital currency for $570 per coin.

The investigation was carried out with the cooperation of the Cairo Department of Public Safety and the Cairo Security Directorate. Mr. Ahmed has apparently confessed to trading bitcoin, but it is unclear what specific law Mr. Ahmed was breaking, as there are no regulations on digital currencies in Egypt.

The write-up tells us manufacturer AMECO, based in Cairo, has been accepting bitcoin apparently unmolested since 2014. Traderman also notes that, as of their writing, about seven Egyptian bitcoin vendors operating on LocalBitcoins, all of whom seem to be running modest operations. It will be interesting to see whether law-enforcement continues to crack down on bitcoin within their borders, and, if so, what justification authorities may offer. Perhaps they will go so far as to pass a law.

Cynthia Murrell, September 8, 2016
Sponsored by, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden Web/Dark Web meet up on September 27, 2016.
Information is at this link:

Meet the Company Selling Our Medical Data

July 22, 2016

A company with a long history is getting fresh scrutiny. An article at Fortune reports, “This Little-Known Firm Is Getting Rich Off Your Medical Data.” Writer Adam Tanner informs us:

“A global company based in Danbury, Connecticut, IMS  buys bulk data from pharmacy chains such as CVS , doctor’s electronic record systems such as Allscripts, claims from insurers such as Blue Cross Blue Shield and from others who handle your health information. The data is anonymized—stripped from the identifiers that identify individuals. In turn, IMS sells insights from its more than half a billion patient dossiers mainly to drug companies.

“So-called health care data mining is a growing market—and one largely dominated by IMS. Last week, the company reported 2015 net income of $417 million on revenue of $2.9 billion, compared with a loss of $189 million in 2014 (an acquisition also boosted revenue over the year). ‘The outlook for this business remains strong,’ CEO Ari Bousbib said in announcing the earnings.”

IMS Health dates back to the 1950s, when a medical ad man sought to make a buck on drug-sales marketing reports. In the 1980s and ‘90s, the company thrived selling profiles of specific doctors’ proscribing patterns to pharmaceutical marketing folks. Later, they moved into aggregating information on individual patients—anonymized, of course, in accordance with HIPAA rules.

Despite those rules, some are concerned about patient privacy. IMS does not disclose how it compiles their patient dossiers, and it may be possible that records could, somehow someday, become identifiable. One solution would be to allow patients to opt out of contributing their records to the collection, anonymized or not, as marketing data firm Acxiom began doing in 2013.

Of course, it isn’t quite so simple for the consumer. Each health record system makes its own decisions about data sharing, so opting out could require changing doctors. On the other hand, many of us have little choice in our insurance provider, and a lot of those firms also share patient information. Will IMS move toward transparency, or continue to keep patients in the dark about the paths of their own medical data?


Cynthia Murrell, July 22, 2016

Sponsored by, publisher of the CyberOSINT monograph

There is a Louisville, Kentucky Hidden Web/Dark
Web meet up on July 26, 2016.
Information is at this link:

Finding Information Takes a Backseat to Providing a Comprehensive User Experience

July 20, 2016

The article titled An Intranet Success Story on BA Insight asserts that search is less about finding information than it is about user experience. In the context of Intranet networks and search, the article discusses what makes for an effective search engine. Nationwide Insurance, for example, forged a strong, award-winning intranet which was detailed in the article,

“Their “Find Anything” locator, navigation search bar, and extended refiners are all great examples of the proven patterns we preach at BA Insight…The focus for SPOT was clear.  It’s expressed in three points: Simple consumer-like experience, One-stop shop for knowledge, Things to make our jobs easier… All three of these connect directly to search that actually works. The Nationwide project has generated clear, documented business results.”

The results include Engagement, Efficiency, and Cost Savings, in the form of $1.5M saved each year. What is most interesting about this article is the assumption that UX experience trumps search results, or at least, search results are merely one aspect of search, not the alpha and omega. Rather, providing an intuitive, user-friendly experience should be the target. For Nationwide, part of that targeting process included identifying user experience as a priority. SPOT, Nationwide’s social intranet, is built on Yammer and SharePoint, and it is still one of the few successful and engaging intranet platforms.


Chelsea Kerwin, July 20, 2016

Sponsored by, publisher of the CyberOSINT monograph

There is a Louisville, Kentucky Hidden Web/Dark
Web meet up on July 26, 2016.
Information is at this link:

Mouse Movements Are the New Fingerprints

May 6, 2016

A martial artist once told me that an individual’s fighting style, if defined enough, was like a set of fingerprints.  The same can be said for painting style, book preferences, and even Netflix selections, but what about something as anonymous as a computer mouse’s movement?  Here is a new scary thought from PC & Tech Authority: “Researcher Can Indentify Tor Users By Their Mouse Movements.”

Juan Carlos Norte is a researcher in Barcelona, Spain and he claims to have developed a series of fingerprinting methods using JavaScript that measures times, mouse wheel movements, speed movement, CPU benchmarks, and getClientRects.   Combining all of this data allowed Norte to identify Tor users based on how they used a computer mouse.

It seems far-fetched, especially when one considers how random this data is, but

“’Every user moves the mouse in a unique way,’ Norte told Vice’s Motherboard in an online chat. ‘If you can observe those movements in enough pages the user visits outside of Tor, you can create a unique fingerprint for that user,’ he said. Norte recommended users disable JavaScript to avoid being fingerprinted.  Security researcher Lukasz Olejnik told Motherboard he doubted Norte’s findings and said a threat actor would need much more information, such as acceleration, angle of curvature, curvature distance, and other data, to uniquely fingerprint a user.”

This is the age of big data, but looking Norte’s claim from a logical standpoint one needs to consider that not all computer mice are made the same, some use lasers, others prefer trackballs, and what about a laptop’s track pad?  As diverse as computer users are, there are similarities within the population and random mouse movement is not individualistic enough to ID a person.  Fear not Tor users, move and click away in peace.


Whitney Grace, May 6, 2016
Sponsored by, publisher of the CyberOSINT monograph

Out of the Shadows and into the OpenBazaar

May 2, 2016

If you believe the Dark Web was destroyed when Silk Road went offline, think again!  The Dark Web has roots like a surface weed, when one root remains there are dozens (or in this case millions) more to keep the weed growing.  Tech Insider reports that OpenBazaar now occupies the space Silk Road vacated, “A Lawless And Shadowy New Corner Of The Internet Is About TO Go Online.”

OpenBazaar is described as a decentralized and uncensored online marketplace where people can sell anything without the fuzz breathing down their necks. Brian Hoffman and his crew had worked on it since 2014 when Amir Taaki thought it up.  It works similar to eBay and Etsy as a peer-to-peer market, but instead of hard currency it uses bitcoin.  Since it is decentralized, it will be near impossible to take offline, unlike Silk Road.  Hoffman took over the project from Taaki and after $1 million from tech venture capital firms the testnet is live.

“There’s now a functioning version of OpenBazaar running on the “testnet.” This is a kind of open beta that anyone can download and run, but it uses “testnet bitcoin” — a “fake” version of the digital currency for running tests that doesn’t have any real value. It means the developer team can test out the software with a larger audience and iron out the bugs without any real risk.” If people lose their money it’s just a horrible idea,” Hoffman told Business Insider.”

A new user signs up for the OpenBazaar testnet every two minutes and Hoffman hopes to find all the bugs before the public launch.  Hoffman once wanted to run the next generation digital black market, but now he is advertising it as a new Etsy.  The lack of central authority means lower take rates or the fees sellers incur for selling on the site.  Hoffman says it will be good competition for online marketplaces because it will force peer-to-peer services like eBay and Etsy find new ways to add value-added services instead of raising fees on customers.


Whitney Grace, May 2, 2016
Sponsored by, publisher of the CyberOSINT monograph

Netflix Algorithm Defaults To “White” Content, Sweeps Diversity Under the Rug

April 1, 2016

The article Marie Claire titled Blackflix; How Netflix’s Algorithm Exposes Technology’s Racial Bias, delves into the racial ramifications of Netflix’s much-lauded content recommendation algorithm. Many users may have had strange realizations about themselves or their preferences due to collisions with the system that the article calls “uncannily spot-on.” To sum it up: Netflix is really good at showing us what we want to watch, but only based on what we have already watched. When it comes to race, sexuality, even feminism (how many movies have I watched in the category “Movies With a Strong Female Lead?”), Netflix stays on course by only showing you similarly diverse films to what you have already selected. The article states,

“Or perhaps I could see the underlying problem, not in what we’re being shown, but in what we’re not being shown. I could see the fact that it’s not until you express specific interest in “black” content that you see how much of it Netflix has to offer. I could see the fact that to the new viewer, whose preferences aren’t yet logged and tracked by Netflix’s algorithm, “black” movies and shows are, for the most part, hidden from view.”

This sort of “default” suggests quite a lot about what Netflix has decided to put forward as normal or inoffensive content. To be fair, they do stress the importance of logging preferences from the initial sign up, but there is something annoying about the idea that there are people who can live in a bubble of straight, white, (or black and white) content. There are among those people some who might really enjoy and appreciate a powerful and relevant film like Fruitvale Station. If it wants to stay current, Netflix needs to show more appreciation or even awareness of its technical bias.

Chelsea Kerwin, April 1, 2016

Sponsored by, publisher of the CyberOSINT monograph


Third Party Company Profiteering

March 31, 2016

We might think that we keep our personal information from the NSA, but there are third party companies that legally tap ISP providers and phone companies and share the information with government agencies. ZDNet shares the inside story about this legal loophole, “Meet The Shadowy Tech Brokers That Deliver Your Data To The NSA.”  These third party companies hide under behind their neutral flag and then reap a profit.  You might have heard of some of them: Yaana, Subsentio, and Neustar.

“On a typical day, these trusted third-parties can handle anything from subpoenas to search warrants and court orders, demanding the transfer of a person’s data to law enforcement. They are also cleared to work with classified and highly secretive FISA warrants. A single FISA order can be wide enough to force a company to turn over its entire store of customer data.

Once the information passes through these third party companies it is nearly impossible to figure out how it is used.  The third party companies do conduct audits, but it does little to protect the average consumer.  Personal information is another commodity to buy, sell, and trade.  It deems little respect for the individual consumer.  Who is going to stand up for the little guy?  Other than Edward Snowden?


Whitney Grace, March 31, 2016
Sponsored by, publisher of the CyberOSINT monograph

DuckDuckGo Grows in 2015

December 30, 2015

Do you not love it when the little guy is able to compete with corporate giants?  When it comes to search engines DuckDuckGo is the little guy, because unlike big search engines like Google and Yahoo it refuses to track its users browsing history and have targeted ads.  According to Quartz, “DuckDuckGo, The Search Engine That Doesn’t Track Its Users, Grew More Than 70% This Year.”  Through December 15, 2015, DuckDuckGo received 3.25 billion queries up from twelve million queries received during the same time period in 2014.  DuckDuckGo, however, still has trouble cracking the mainstream..

Google is still the biggest search engine in the United States with more than one hundred million monthly searches, but DuckDuckGo only reached 325 million monthly searches in November 2015.  The private search engine also has three million direct queries via desktop computers, but it did not share how many people used DuckDuckGo via a mobile device to protect its users’ privacy.  Google, on the other hand, is happy to share its statistics as more than half of its searches come from mobile devices.

“What’s driving growth? DuckDuckGo CEO Gabriel Weinberg, reached via email, credits partnerships launched in 2014 with Apple and Mozilla, and word of mouth.  He also passes along a Pew study from earlier this year, where 40% of American respondents said they thought search engines ‘shouldn’t retain information about their activity.’… ‘Our biggest challenge is that most people have not heard of us,’ Weinberg says. ‘We very much want to break out into the mainstream.’”

DuckDuckGo offers an unparalleled service for searching.  Weinberg stated the problem correctly that DuckDuckGo needs to break into the mainstream.  Its current user base consists of technology geeks and those in “the know,” some might call them hipsters.  If DuckDuckGo can afford it, how about an advertising campaign launched on Google Ads?

Whitney Grace, December 30, 2015

Sponsored by, publisher of the CyberOSINT monograph

Next Page »