Victims of Their Own Foolishness
December 15, 2016
Incidences of law enforcement agencies arresting criminals for selling their services on Dark Web are increasing. However, their success can be attributed to the foolishness of the criminals, rather than technological superiority.
Cyber In Sight in a news report titled IcyEagle: A Look at the Arrest of an Alleged Dark Web Vendor, the reporter says:
the exact picture of how law enforcement has managed to track down and identify Glende remains unclear, the details released so far, provide an interesting behind the scenes view of the cybercrime-related postings we often highlight on this blog.
The suspect in this case inadvertently gave details of his service offerings on AlphaBay. Cops were able to zero on his location and managed to put him under arrest for drug peddling. The report reveals further:
An undercover officer purchased stolen bank account information from IcyEagle in March and April 2016, according to the indictment. Interestingly, Glende was also arrested by local police for selling drugs around the same time. A tip from U.S. Postal Inspectors led to police officers finding a “trove” of drugs at his Minnesota home in March.
It is thus apparent that the criminals, in general, are of the opinion that since they are selling on Dark Web, they are untraceable, which clearly is not the case. The trace, however, was possible only because the suspect handed it over himself. Hackers and real cyber criminals are still out of the ambit of law enforcement agencies, which needs to change soon.
Vishal Ingole, December 15, 2016
Tor Phone to Take on Google
December 13, 2016
Tor users have nil or very limited options to surf Underground Web anonymously as Android-powered phones still manage to scrape user data. The Tor Project intends to beat Google at its own game with Tor-enabled smartphone.
An article that appeared on arsTechnica and titled Tor Phone Is Antidote to Google “Hostility” Over Android, Says Developer, says:
The prototype is meant to show a possible direction for Tor on mobile. We are trying to demonstrate that it is possible to build a phone that respects user choice and freedom, vastly reduces vulnerability surface, and sets a direction for the ecosystem with respect to how to meet the needs of high-security users.
The phone is powered by custom-made CopperHead OS and can be run only on Google Nexus or Pixel hardware phones. Of course due to high technicalities involved, it is recommended only for Linux geeks.
For voice calls, according to the article:
To protect user privacy, the prototype runs OrWall, the Android firewall that routes traffic over Tor, and blocks all other traffic. Users can punch a hole through the firewall for voice traffic, for instance, to enable Signal.
Google’s Android is an Open Source platform that OEMs can customize. This creates multiple security threats enabling hackers and snoopers to create backdoors. CopperHead OS, on the other hand, plugs these security holes with verified boot and also stops Google Play Store from overriding native apps. Seems the days of mobile Tor are finally here.
Vishal Ingole, December 13, 2016
The Information Not Accuracy Age
December 7, 2016
The impact of Google on our lives is clear through the company’s name being used colloquially as a verb. However, Quantum Run reminds us of their impact, quantifiable, in their piece called All hail Google. Google owns 80% of the smartphone market with over a billion android devices. Gmail’s users tally at 420 million users and Chrome has 800 million users. Also, YouTube, which Google owns, has one billion users. An interesting factoid the article pairs with these stats is that 94% of students equate Google with research. The article notes:
The American Medical association voices their concerns over relying on search engines, saying, “Our concern is the accuracy and trustworthiness of content that ranks well in Google and other search engines. Only 40 percent of teachers say their students are good at assessing the quality and accuracy of information they find via online research. And as for the teachers themselves, only five percent say ‘all/almost all’ of the information they find via search engines is trustworthy — far less than the 28 percent of all adults who say the same.
Apparently, cybercondria is a thing. The article correctly points to the content housed on the deep web and the Dark Web as untouched by Google. The major question sparked by this article is that we now have to question the validity of all the fancy numbers Quantum Run has reported.
Megan Feil, December 7, 2016
Want to Get Published in a Science Journal? Just Dole out Some Cash
December 7, 2016
A Canadian, Tom Spears has managed to publish a heavily plagiarized paper in a science journal by paying some cash. Getting published in a scientific and medical journal helps in advancing the career. ‘
In an article published by SlashDot titled Science Journals Caught Publishing Fake Research For Cash, the author says:
In 2014, journalist Tom Spears intentionally wrote “the world’s worst science research paper…a mess of plagiarism and meaningless garble” — then got it accepted by eight different journals. He did it to expose journals which follow the publish-for-a-fee model, “a fast-growing business that sucks money out of research, undermines genuine scientific knowledge, and provides fake credentials for the desperate.
This is akin to students enlisting services of hackers over Dark Web to manipulate their grades and attendance records. However, in this case, there is no need of Dark Web or Tor browser. Paying some cash is sufficient.
The root of the problem can be traced to OMICS International, an India-based publishing firm that is buying publication companies of these medical journals and publishing whatever is sent to them for cash. In standard practice, the paper needs to be peer-reviewed and also checked for plagiarism before it is published. As written earlier, the separation line between the Dark and Open web seems to be thinning and one day will disappear altogether.
Vishal Ingole, December 7, 2016
Could AI Spell Doom for Marketers?
December 1, 2016
AI is making inroads into almost every domain; marketing is no different. However, inability of AI to be creative in true sense may be a major impediment.
The Telegraph in a feature article titled Marketing Faces Death by Algorithm Unless It Finds a New Code says:
Artificial intelligence (AI) is one of the most-hyped topics in advertising right now. Brands are increasingly finding that they need to market to intelligent machines in order to reach humans, and this is set to transform the marketing function.
The problem with AI, as most marketers agree is its inability to imitate true creativity. As the focus of marketing is shifting from direct product placement to content marketing, the importance of AI becomes even bigger. For instance, a clothing company cannot analyze vast amounts of Big Data, decipher it and then create targeted advertising based on it. Algorithms will play a crucial role in it. However, the content creation will ultimately require human touch and intervention.
As it becomes clear here:
While AI can build a creative idea, it’s not creative “in the true sense of the word”, according to Mr Cooper. Machine learning – the driving technology behind how AI can learn – still requires human intelligence to work out how the machine would get there. “It can’t put two seemingly random thoughts together and recognize something new.
The other school of thought says that what AI lacks is not creativity, but processing power and storage. It seems we are moving closer to bridging this gap. Thus when AI closes this gap, will most occupations, including, creative and technical become obsolete?
Vishal Ingole, December 1, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Bug-Free, Efficient Tor Network Inching Towards Completion
November 30, 2016
The development team behind the Tor Project recently announced the release of Tor 0.2.9.5 that is almost bug-free, stable and secure.
Softpedia in a release titled New Tor “The Onion Router” Anonymity Network Stable Branch Getting Closer says:
Tor 0.2.9.5 Alpha comes three weeks after the release of the 0.2.9.4 Alpha build to add a large number of improvements and bug fixes that have been reported by users since then or discovered by the Tor Project’s hard working development team. Also, this release gets us closer to the new major update of The Onion Router anonymity network.
Numerous bugs and loopholes were being reported in Tor Network that facilitated backdoor entry to snooping parties on Tor users. With this release, it seems those security loopholes have been plugged.
The development team is also encouraging users to test the network further to make it completely bug-free:
If you want to help the Tor Project devs polish the final release of the Tor 0.2.9 series, you can download Tor 0.2.9.5 Alpha right now from our website and install it on your GNU/Linux distribution, or just fetch it from the repositories of the respective OS. Please try to keep in mind, though, that this is a pre-release version, not to be used in production environments.
Though it will always be a cat and mouse game between privacy advocates and those who want to know what goes on behind the veiled network, it would be interesting to see who will stay ahead of the race.
Vishal Ingole, November 30, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Tor Comes to the Rescue of Turkish Online Activists
November 29, 2016
Authorities in Turkey have effectively banned the use of social media platforms like Facebook, Twitter, and YouTube. Tor, however, has to come to the rescue of users, particularly online activists who want to get the word out about the social unrest in the country.
Motherboard in a report tiled Turks Are Flocking to Tor After Government Orders Block of Anti-Censorship Tools says:
Turkish Internet users are flocking to Tor, the anonymizing and censorship circumvention tool, after Turkey’s government blocked Twitter, Facebook, and YouTube. Usage of Tor inside of Turkey went up from around 18,000 users to 25,000 users on Friday, when the government started blocking the popular social media networks, according to Tor’s official metrics.
Apart from direct connection to the Tor Network through TOR browser, the network also allows users to use bridge relays that circumvent any access restrictions by ISPs. Though it’s not yet clear if ISPs in Turkey have also banned Tor access; however, the bridge relay connections have seen a spike in number since the ban was implemented.
It is speculated that the Government may have notified ISPs to ban Tor access, but failed to tell them to do so effectively, which becomes apparent here (a Tweet by a user):
I believe the government just sent the order and didn’t give any guide about how to do it,” Sabanc? told Motherboard in an online chat via Twitter. “And now ISPs trying to figure it out.
This is not the first time Tor has come to the rescue of online activists. One thing though is sure, more and more people concerned about their privacy or do not want to be repressed turning towards anonymous networks like Tor.
Vishal Ingole, November 29, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Surprise, Most Dark Web Content Is Legal
November 21, 2016
If you have been under the impression that Dark Web is that big chunk of the Internet where all activities and content is illegal, you are wrong.
In a news report published by Neowin, and titled Terbium Labs: Most of the Dark Web Content, Visible Through Tor, Is Legal reveals:
Contrary to popular belief that the majority of the dark web, accessible through Tor is mostly legal… or offline! With extremism making up just a minuscule 0.2% of the content looked at.
According to this Quora thead, Dark Web was developed by US Military and Intelligence to communicate with their assets securely. The research started in 1995 and in 1997, mathematicians at Naval Research Laboratory developed The Onion Router Project or Tor. People outside Military Intelligence started using Tor to communicate with others for various reasons securely. Of course, people with ulterior motives spotted this opportunity and began utilizing Tor. This included arms and drug dealers, human traffickers, pedophiles. Mainstream media thus propagated the perception that Dark Web is an illegal place where criminal actors lurk, and all content is illegal.
Terbium Labs study indicates that 47.7% of content is legal and rest is borderline legal in the form of hacking services. Very little content is technically illegal like child pornography, arms dealing, drug dealing, and human trafficking related.
The Dark Web, however, is not a fairyland where illegal activities do not occur. As the news report points out:
While this report does prove that seedy websites exist on the dark web, they are in fact a minority, contradictory to what many popular news reports would have consumers believe.
Multiple research agencies have indicated that most content is legal on Dark Web with figures to back that up. But they still have not revealed, what this major chunk of legal content is made of? Any views?
Vishal Ingole, November 21, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Dark Web Marketplaces Are Getting Customer Savvy
November 17, 2016
Offering on Dark Web marketplaces are getting weirder by the day. Apart from guns, ammo, porn, fake identities, products like forged train tickets are now available for sale.
The Guardian in an investigative article titled Dark Web Departure: Fake Train Tickets Go on Sale Alongside AK-47s reveals that:
At least that’s the impression left by an investigation into the sale of forged train tickets on hidden parts of the internet. BBC South East bought several sophisticated fakes, including a first-class Hastings fare, for as little as a third of their face value. The tickets cannot fool machines but barrier staff accepted them on 12 occasions.
According to the group selling these tickets, the counterfeiting was done to inflict financial losses on the operators who are providing deficient services. Of course, it is also possible that the fake tickets are used by people (without criminalistics inclinations) who do not want to pay for the full fares.
One school of thought also says that like online marketplaces on Open Web, Dark Web marketplaces are also getting customer-savvy and are providing products and services that the customers need or want. This becomes apparent in this portion of the article:
The academics say the sites, once accessed by invitation or via dark-web search engines (there’ll be no hyperlinks here) resemble typical marketplaces such as Amazon or eBay, and that customer service is improving. “Agora was invitation-only but many of these marketplaces are easily accessible if you know how to search,” Dr Lee adds. “I think any secondary school student who knows how to use Google could get access – and that’s the danger of it.
One of the most active consumer group on Dark Web happens to be students, who are purchasing anything from fake certificates to hacker services to improve their grades and attendance records. Educational institutions, as well as law enforcement officials, are worried about this trend. And as more people get savvy with Dark Web, this trend is going to strengthen creating a parallel e-commerce, albeit a dark one.
Vishal Ingole, November 17, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
AI to Profile Gang Members on Twitter
November 16, 2016
Researchers from Ohio Center of Excellence in Knowledge-enabled Computing (Kno.e.sis) are claiming that an algorithm developed by them is capable of identifying gang members on Twitter.
Vice.com recently published an article titled Researchers Claim AI Can Identify Gang Members on Twitter, which claims that:
A deep learning AI algorithm that can identify street gang members based solely on their Twitter posts, and with 77 percent accuracy.
The article then points out the shortcomings of the algorithm or AI by saying this:
According to one expert contacted by Motherboard, this technology has serious shortcomings that might end up doing more harm than good, especially if a computer pegs someone as a gang member just because they use certain words, enjoy rap, or frequently use certain emojis—all criteria employed by this experimental AI.
The shortcomings do not end here. The data on Twitter is being analyzed in a silo. For example, let us assume that few gang members are identified using the algorithm (remember, no location information is taken into consideration by the AI), what next?
Is it not necessary then to also identify other social media profiles of the supposed gang members, look at Big Data generated by them, analyze their communication patterns and then form some conclusion? Unfortunately, none of this is done by the AI. It, in fact, would be a mammoth task to extrapolate data from multiple sources just to identify people with certain traits.
And most importantly, what if the AI is put in place, and someone just for the sake of fun projects an innocent person as a gang member? As rightly pointed out in the article – machines trained on prejudiced data tend to reproduce those same, very human, prejudices.
Vishal Ingole, November 16, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
