DarkCyber, June 12, 2018, Now Available

June 12, 2018

DarkCyber for June 12, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/274326974 .

Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.

The first story focuses on torrents. ThePirateBay has long been associated with making it easy to access copyrighted content. With ThePirateBay offline, those in search of free copyrighted content have created a proxy list. The idea is that a bad actor can located copyrighted materials and sidestep paying for access. Although these torrent finder sites come and go, a list is easily available for anyone looking for what ThePirateBay made findable.

Next, Stephen reports that the Dutch police, in cooperation with other nation’s law enforcement agencies, have shuttered MaxiDed. The site, allegedly operated by citizens of Moldova, provided hosting and online services. MaxiDed allowed individuals and organizations wanting to distribute malware, host Dark Web sites, and engage in other online activities a safe harbor. The MaxiDed marketing explained that the service was “bulletproof.” DarkCyber reveals that MaxiDed was not.

The third story continues DarkCyber’s explanation of Amazon’s “policeware” initiative. The Amazon Rekognition service makes it possible for law enforcement to identify individuals in images and video. Unlike some other systems, Amazon’s approach allows real time facial recognition. Also, the system can identify up to 100 individuals in a group photo. This service complements Amazon’s streaming data service revealed in the June 5, 2018, DarkCyber video. Stephen E Arnold said: “Amazon’s push into services which seem tailor made for law enforcement, regulatory entities, and intelligence professionals continues. Its facial recognition service called ”Rekognition“ could revolutionize how authorities identify possible bad actors. The use of Amazon’s cross correlation method could significantly rework the law enforcement landscape in a very short period of time.”

The final story makes the economics of selling synthetic opioids clear. According to data compiled by Bloomberg, a kilogram of fentanyl or an analogue can generate orders of magnitude more money when sold on the street. Also, obtaining bulk quantities of fentanyl analogues is possible. China, for example, does not regulate analogues as closely as it does fentanyl itself.

Kenny Toth, June 12, 2018

Doxxing Explained

June 7, 2018

For those unfamiliar with the practice of “doxxing,” Stuff has shared a clear introduction on the topic peppered with links to more information—“What is Doxxing, and Why Is It So Scary?” Reporter Jasmine McNealy describes the technique of discovering personal information available online and using it against one’s target. She also emphasizes how dangerous these attacks can be. McNealy writes:

“It’s not surprising that information has value – particularly information related to people’s identities, interests and habits. This is, after all, the age of big data, social media and targeted advertising. The Facebook-Cambridge Analytica scandal is just one of many events in which regular people found out just how much personal information is available out on the internet. People also found out how little power they had over their information. Generally, people want, and think they have, control over who knows what about them. Individual identity is in part performance: People decide and change who they are and how they act in different places, around different groups. This is particularly true online, where many sites and services allow users to be anonymous or pseudonymous or to hide their information from other users’ searches. Often, of course, each site itself has some private information about users, like an email address, for delivering service-related notices. But online platforms seem to offer users a measure of control over their identity and personal information.”

That control, however, is less absolute than these platforms would have their users believe. The write-up describes why this is so, and concludes by emphasizing McNealy’s central point—doxxing turns online information into a dangerous weapon.

Cynthia Murrell, June 7, 2018

DarkCyber, May 29, 2018, Now Available

May 29, 2018

Stephen E Arnold’s DarkCyber video news program for Tuesday, May 29, 2018, is now available.

This week’s story line up is:

  • The “personality” of a good Web hacker
  • Why lists are replacing free Dark Web search services
  • Where to find a directory of OSINT software
  • A new Dark Web index from a commercial vendor.

You can find this week’s program at either www.arnoldit.com/wordpress or on Vimeo at https://vimeo.com/272088088.

On June 5, 2018, Stephen will be giving two lectures at the Telestrategies ISS conference in Prague. The audiences will consist of intelligence, law enforcement, and security professionals from Europe. A handful of attendees from other countries will be among the attendees.

On Tuesday, June 5, 2018, Stephen will reveal one finding from our analysis of Amazon’s law enforcement, war fighting, and intelligence services initiative.

Because his books have been reused (in several cases without permission) by other analysts, the information about Amazon is available via online or in person presentations.

The DarkCyber team has prepared short video highlighting one research finding. He will include some of the DarkCyber research information in his Prague lectures.

The Amazon-centric video will be available on Tuesday, June 5, 2018. After viewing the video, if you want the details of his for fee lecture, write him at darkcyber333@yandex dot com. Please, put “Amazon” in the subject line.

Several on the DarkCyber team believe that most people will dismiss Stephen’s analysis of Amazon. The reason is that people buy T shirts, books, and videos from the company. However, the DarkCyber research team has identified facts which suggest a major new revenue play from the one time bookseller.

Just as Stephen’s analyses of Google in 2006 altered how some Wall Street professionals viewed Google, his work on Amazon is equally significant. Remember those rumors about Alexa recording what it “hears”? Now think of Amazon’s services/products as pieces in a mosaic.

The picture is fascinating and it has significant financial implications as well.

Enjoy today’s program at this link.

Kenny Toth, May 29, 2018

Plan a Hike or an Attack: Piece of Cake Now

May 26, 2018

Forget the utility of the procedure for outdoor hikers described in “Plot a Hike on Google Earth.” My first thought was, “What a Mother’s Little Helper” for those involved in military orienteering. I particularly liked the use of Strava, an application with data of some value to those eager to locate certain types of behavior patterns inadvertently created by joggers. I also liked the bouncing between a desktop / laptop computer and mobile devices. No problem for personnel operating from a semi fixed base station. Finally, the “fly around” functionality is helpful. My problem with these capabilities is that they are available to anyone. My personal view is that certain types of technology applications can be put to what I would describe as questionable uses. Why go through the hassle of joining the military or law enforcement, cope with the rigors of FLETC and other training program, and sharpen one’s skills in the field. Take a short cut and put the capabilities in whatever context one wants. Sorry. Too much information.

Stephen E Arnold, May 26, 2018

DarkCyber for May 1, 2018, Now Available

May 1, 2018

DarkCyber is a weekly video news program which covers important Dark Web stories and information about less well known Internet services. Produced by Stephen E Arnold, publisher of the Beyond Search blog, DarkCyber is available at www.arnoldit.com/wordpress and streaming on Vimeo at https://vimeo.com/267103171  .

Russia has blocked Telegram, the popular messaging app which had an estimated nine million users in Russia. DarkCyber explains that Russian government officials must now use decades old technology for their text messages. One consequence of the Russian blocking of Telegram is that service to Amazon and Google was interrupted. DarkCyber provides a workaround that Russian users may want to consider adopting to respond to the stepped up censorship in Russia.

A new report from a unit of the GHCQ (Britain’s equivalent of the US National Security Agency) provides a thorough run down of cyber crime activity in England. DarkCyber highlights how a person can download a free copy of this important report. Plus, DarkCyber describes a case example of Crime as a Service highlighted in the study. The particular CaaS involves an individual providing malware programmers a way to verify that their code could elude some detection systems. Plus, DarkCyber reveals how the bad actor provided his paying customers with free customer support.

DarkCyber provides basic information explaining how a person can set up a Dark Web server. The procedure is straightforward but may be too complex or cumbersome for some users who want to take advantage of Tor’s anonymity features. DarkCyber provides an easy solution which can get a Dark Web site online in a matter of minutes and costs pennies a day.

The final story reiterates a theme based on a person’s assumption that the Dark Web is anonymous. For an individual who believed that Ecstasy purchases with payment via Bitcoin were invisible to law enforcement, the Dark Web is not as Dark as she assumed. Australian and UK authorities arrested the person who assumed incorrectly that Tor was 100 percent anonymous.

We have also updated Stephen’s brief biography. We have reproduced it below:

Stephen E Arnold is the author of “Dark Web Notebook” and “CyberOSINT: Next Generation Information Access.” This book describes some of the technologies used by GSR and Cambridge Analytica to acquire and analyze Facebook user data. He has been named as a technology adviser to the UK based Judicial Commission of Inquiry into Human Trafficking and Child Sex Abuse.” Mr. Arnold also lectures to law enforcement and intelligence professionals attending the Telestrategies ISS conferences in Prague, At that conference, he will describe a major vendor’s virtually-unknown digital currency deanonymizing service. In addition, Mr. Arnold will appear at the Washington, DC, and Panama City, Panama, Telestrategies ISS events. In recent months, he has shared his research with law enforcement and intelligence professionals in the US and Europe. His most recent lectures focus on deanonymizing chat and digital currency transactions. One hour and full day programs are available via webinars and on-site presentations. He publishes the free Web log “Beyond Search,” which is available at www.arnoldit.com/wordpress .

DarkCyber is available at this link. (The splash page for the video contains a nod to May Day celebrations in a certain country.) We are working on a special DarkCyber about Amazon’s “intel play” which will be released coincident with his lectures at the Telestrategies ISS conference in Prague during the first week of June.

Kenny Toth, May 1, 2018

Amazon: Why Support Blockchain? To Chase IBM? Wrong.

April 30, 2018

In June 2018, I will describe Amazon’s lynch pin approach to intelligence analysis. The “play” has been ignored or overlooked by those who monitor the next generation information access market. At the Telestrategies ISS conference, I will report the DarkCyber and Beyond Search analysts’ assessment of this important Amazon service. The audience for the Telestrategies ISS programs are law enforcement and intelligence professionals. We have developed a for fee webinar which provides details of the Amazon “swing for the fences” approach to a number of intelligence-related services. Personally I was surprised by the audaciousness of the Amazon approach.

In this context, I noted a report in “Amazon’s New Blockchain Service Could Hurt IBM” which misses the main point of the Amazon “invention.” Yes, there is a patent as well as publicly accessible data about this data management play.

The write up explains that Amazon is offering BaaS or Blockchain as a Service. The spin in the write up is the threat which Amazon poses to IBM. From my analysts’ viewpoint, this is just a tiny piece of a much larger story.

What if Amazon is interested in a far larger market than one envisioned by IBM with its arm waving?

Assessing Amazon’s “invention” on the basis of this type of data might be misleading:

Amazon’s decision to launch both the Ethereum and Hyperledger Fabric services means that it wants to straddle the public and private cloud markets with its blockchain services. IBM has a firm grasp of the private on-premise cloud market, but AWS has been gaining ground with Virtual Private Cloud (VPC) services, which isolate sections of AWS’ public cloud for private use. The CIA, for example, already uses a “secret region” of AWS to host its classified data. Therefore, deploying Fabric on AWS’ VPCs could counter IBM’s deployment of Fabric on its on-premise private clouds.

Hmm. Quite a mishmash of assertions and services.

For a different point of view, catch my sessions at the Prague Telestrategies ISS program in Prague. If you want the information now, write benkent2020 at yahoo.com and request information about our online webinar. Coincident with my presentation, my team will release a story in Beyond Search, and we will post a brief video highlighting some of the main points of my presentation.

Oh, with regard to IBM, that company hired an Amazon executive to help IBM catch up. That’s more than worry. That’s reaction to a system which has been under construction since 2011. With a seven year head start, big time vendors involved, and contracts in negotiation, IBM has to do more than poach a manager.

Amazon sells books, right?

Stephen E Arnold, April 30, 2018

Scrubbing Terrorists: No Magic Mr. Clean

April 30, 2018

Removing terror suspects from Facebook and other social media outlets seems like it should be a cut and dry job, from the outside. However, doing so while not infringing on others’ rights gets very tricky. We learned just how tricky from a recent Telegraph article, “Facebook Reinstated Account for Terror Suspect Nine Times After He Complained They Were Stifling His Free Speech.”

According to the story:

“The social media giant suspended Abdulrahman Alcharbati’s account on nine occasions after he posted sickening Isil propaganda videos, but reinstated it each time when he complained….“Emails between the 31-year-old and Facebook’s moderators were read out to the  jury at Newcastle Crown Court, where? he ?is standing trial accused of terror offences.”

This is a difficult position, since social media outlets claim they want to respect free speech on one hand, but not encourage violent and hurtful speech on the other. Even Mark Zuckerberg has addressed the issue of removing terrorists from his site. This speaks to how prevalent the issue is and how difficult it is, as well. Don’t expect the elimination of dangerous actors from social media any time soon. There are just too many loopholes.

Patrick Roland, April 30, 2018

Terror Database Enriched with Social Media Pix

April 24, 2018

A question is surging through the tech and espionage communities after a recent article that makes some big implications in both worlds. That’s because a company formed by ex-spies is using facial recognition software to create a database of images from social networks like Facebook. This raises a ton of questions, but they all start with the recent Daily Mail piece, “Surveillance Company Run by Ex-Spies is Harvesting Facebook Photos.”

According to the story, the program is called Face-Int and they have a specific goal in mind:

“Its creators say the software could lead to the identification of terror suspects, captured in promotional and other material posted online… “Experts are concerned that the company’s efforts extend beyond this remit, however, and into the political realm…’It raises the stakes of face recognition – it intensifies the potential negative consequences,’ Jay Stanley, senior policy analyst at the American Civil Liberties Union, told Forbes.”

While it is admirable that a company is aiming to help capture terrorists through social media, it leaves one to worry about several things. For starters, it’s pretty safe to assume many terrorists will not appear on social media or, at the least, not without something covering their face. Thus, accuracy becomes a concern. However, the larger concern is that This, however, does not touch upon the greater concern that private, law abiding citizens are also getting funneled into this database. The opportunities for invading one’s privacy is alarmingly high. Time will tell how this shakes out, but we have a hunch the general public will never be told.

Patrick Roland, April 24, 2018

DarkCyber for April 24, 2018, Now Available

April 24, 2018

DarkCyber for April 124, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/266003727 .

Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.

This week’s lead story focuses on universities as unwitting accomplices for student cyber criminals. Five students at Manchester University began selling drugs via SilkRoad. The students “graduated” to their own brand and branched out. Before UK law enforcement shut down the students’ operation, more than 6,000 drug sales were completed. Plus, university computer systems have become targets for malicious crypto currency mining operations. A student can take classes in computer science and be up and scamming quickly.

Stephen E Arnold, producer of DarkCyber and author of “CyberOSINT: Next Generation Information Access” said: “The combination of easy access to high-value information about programming and computer systems plus the lure of easy money can turn a good student into a good criminal. Universities, despite their effort to implement more robust security, are targets for bad actors. Students can operate Dark Web businesses from their campus residence. Outsiders can exploit the institution’s computer system in order to install crypto currency mining software. At this time, colleges and universities are in a cat and mouse game with high stakes and stiff penalties for students, administrators, and school security professionals.”

DarkCyber revisits the security of virtual private networks. This week’s program answers a viewer’s question about improving the security of a VPN. In addition to changing the ports the VPN uses, DarkCyber points out that a tech savvy individual can operate his or her own VPN or use additional specialized software to shore up the often leaky security many VPN services provide.

Vendors of “policeware” are generally unknown to most tech professionals. DarkCyber highlights a new, UK based company doing business as Grey Heron. The company offers a range of cyber security services. The firm’s staff appears to include individuals once affiliated with the Hacking Team, another policeware vendor which found itself the victim of a cyber attack two years ago. If Gray Heron taps the Hacking Team’s technical talent, the firm may make an impact in this little known sector of the software market.

The final story in DarkCyber for April 24, 2018, highlights several findings from a study sponsored by Bromium, a cyber security company. The researchers at a UK university gathered data which provide some surprising and interesting information about the Dark Web. For example, the new report asserts that more than $200 billion is laundered on the Dark Web in a single year. If true, these newly revealed research data provide hard metrics about the role of digital currency in today’s online economy.

Beginning in May 2018, coverage of the Dark Web and related subjects will be increased within Beyond Search.

Kenny Toth, April 24, 2018

Blockchain as a CP Delivery System

April 18, 2018

With the rise of Bitcoin’s profile the encryption platform, Blockchain, used to keep things so secret has also seen a rise in its profile. But just like Bitcoin’s scrutiny under the spotlight, Blockchain’s less savory side is being exposed. We learned more from a recent CoinCenter story, defending the encryption, called “Addressing The Concerns of Illicit Images on Public Blockchains.”

According to the well thought out editorial,

“Bitcoin transactions allow one to add to them a short text memo. What some have done is to include encoded text in transaction memo fields and these are recorded in the Blockchain. Some of these encoded surprises on the blockchain include wedding vows, Bible verses, the Bitcoin logo and white paper, and quotes from Nelson Mandela. Unfortunately, some sick individuals have also added encoded images of child abuse.”

This is, however, not a new problem for the dark web. In fact, three years ago Forbes pointed out that Blockchain was a potential safe haven for malware and child abuse. That doesn’t erase the problems, though. The CoinCenter piece points out that a majority of interactions through Blockchain are on the up-and-up and that many legitimate businesses are investigating its uses. So, it’s safe to say this encryption tool is not going anywhere. We just wonder how it can ethically be policed.

Patrick Roland, April 18, 2018

Next Page »

  • Archives

  • Recent Posts

  • Meta