DarkCyber for December 25, 2018, Is Now Available
December 25, 2018
DarkCyber for December 25, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.
This week’s story line up includes… Australia legislates the unlocking of encryption backdoors… Dark Web counterfeiting ring kept unencrypted customer lists… which operating system provides online anonymity Tails or Qubes… and Dunkin Donuts loyalty points on the Dark Web just in time for the holidays.
First, Australia has become the first country to legislate that technology companies must assist law enforcement in decrypting encrypted messages. The law is controversial and has trigger expressions of concern from privacy advocates. DarkCyber reports that as a member of the Five Eyes organization, the Australian action may increase the resolve of the US, UK, Canada, and New Zealand to seek similar measures in 2019. Amendments to the new legislation are likely, but the Australian action is a significant development for law enforcement which is flying blind among the rapidly rising storm of encrypted communications which thwart many investigations.
Second, Austrian police cracked a Dark Web counterfeiting ring. Police seized fake euros and a list of customers. The names, shipping addresses, and other details were stored in an unencrypted form on computers and on paper. Austrian officials provided the information to Europol, which organized a series of coordinated operations in more than a dozen countries. Hundreds of arrests were made and the police are continuing their sweep. Dark Web criminals may use Tor for anonymity, but their understanding of operational security is poor.
Third, which secure operating is better for online anonymity? Tails is one of the systems used by many individuals. The system ships with Tor and other tools, including encrypted chat capabilities. Qubes is another system used by some individuals for increased security. Qubes, however, requires that the user set up the system, which relies on virtual machines. There are other options as well; for example, Whonix, JohnDo, and ImprediaOS, among others. The answer is that a person must understand the strengths and weaknesses of each option and choose a solution that fits one’s specific needs.
The final story reports that some Dark Web ecommerce vendors are selling Dunkin Donuts loyalty points. A customer with the Dunkin Donuts app and the stolen loyalty points can order donuts and other Dunkin Donuts products with minimal security checks. Discount sweets via the Dark Web have arrived just in time for the holidays.
Watch for information about our new blog (information service) DarkCyber. We will report the location of the service in Beyond Search.
Kenny Toth, December 25, 2018
DarkCyber for December 18, 2018 Now Available
December 18, 2018
DarkCyber for December 18, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/306639675 .
The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.
This week’s story line up includes… an informal agreement among Dark Web drug dealers to cut off sales of fentanyl… NSO, a provider of intelware to governments, is back in the news… Devicesavers can unlock any phone for $4,000… and a father and son Dark Web scheme leads directly to five years in prison.
First, some Dark Web ecommerce vendors are voluntarily cutting off sales of the synthetic opioid fentanyl. The reason is not going straight. The vendors are wary of stepped up police action in order to take down Dark Web sites selling the potent drug. DarkCyber notes that the actions of Dark Web ecommerce vendors are not likely to curtail the sale of the drug. Vendors move their transactions to encrypted chat sessions or private messaging groups on social media systems. Furthermore China prohibits the manufacture of fentanyl, but not some of its analogs.
Second, DarkCyber reports that the vendor of software for government agencies is back in the news. Reports link NSO with Saudi Arabia and allege that the Kingdom used NSO’s Pegasus tool to monitor Omar Abdulaziz and the slain journalist Jamal Khashoggi. Companies like NSO shun the spotlight. Now NSO finds itself allegedly linked to a high profile news story and the subject of increased attention from the Canadian Lab, an independent research group.
The third story reports that Drivesavers has a proprietary method for unlocking iPhones and Android devices. Apple took steps to eliminate a USB vulnerability which some firms were using to unlock iPhones. Drivesavers technique requires the law enforcement send the iPhone to the Drivesavers’ lab, where the phone is unlocked and its data copied to an external storage device. Drivesavers does not provide details about how its method works, but DarkCyber believes the approach is similar to that used by Cellebrite’s mobile device unlocking service. Drivesavers, DarkCyber reports, is listed on the GSA schedule which means US federal agencies can make use of the service with a minimum of bureaucratic
The final story recounts the fate of a father and son duo. The father hit upon the idea of selling his extra doctor prescribed painkillers on the Internet. When that did not work, he enlisted his son for help in setting up a Dark Web business. Federal agents spotted the ads and made an authorized drug buy. The father and son team were arrested and computing devices, text messages, and narcotics were seized. One of the text messages was from a customer who overdosed on the duo’s product. The message, sent from the hospital where the addict was recovering, wanted to set up another drug buy. The father and son team are now serving five years in prison.
DarkCyber is released each week on Tuesday. The next program will be available on December 25, 2018. In 2019, DarkCyber will introduce a Web log covering the stories in the weekly news program plus additional law enforcement related subjects.
Kenny Toth, December 18, 2018
DarkCyber for December 11, 2018 Now Available
December 11, 2018
DarkCyber for December 11, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web and lesser known Internet services.
This week’s story line up includes… a detailed report about weapons sales on the Dark Web … ThomsonReuters sells driving and personal data to ICE… and The outlines of Dark Web Version 2 become visible.
First, an information packed study about Dark Web weapons sales reveals that Glocks are the most popular illegal hand gun. How much is an illegal weapon? Prices range from $200 to more than $10,000. But fully automatic weapons are the most expensive. Cyber weapons cost a fraction of the price of a physical weapon. The information has been assembled by the RAND Corporation, and the report makes clear that despite the shut down of many Dark Web eCommerce sites, unregistered weapons are available via Tor and the Dark Web. The video provides the information needed to obtain a copy of this useful collection of hard to find data.
Second, DarkCyber reports that ThomsonReuters along with a handful of less well known companies are selling personal data to the US government. ThomsonReuters, according to a source available to DarkCyber, sells information related to driving; for example, data about license tags and information derived from surveillance cameras. With these types of data, government investigators are able to examine travel routes and may be able to pinpoint the location of vehicles. The value of proprietary data is that the accuracy and timeliness of the information can accelerate certain investigations.
The final story reveals that private group chats and encrypted instant messaging may be the future of the Dark Web. Instead of relying on special software to make online behavior anonymous, message oriented applications allow bad actors to work on the public Internet, safe from the eyes of investigators. Stephen E Arnold, author of CyberOSINT: Next Generation Information Access, said: “Encryption is an issue. DarkCyber anticipates that the US, Canada, the UK, New Zealand, and Australia will aggressively seek back doors. The time and cost of traditional decryption are prohibitive as the volume of encrypted messages goes up.”
DarkCyber is released each week on Tuesday. The next program will be available on December 25, 2018.
Kenny Toth, December 11, 2018
DarkCyber for December 4, 2018, Now Available
December 4, 2018
The December 4, 2018, DarkCyber, a weekly video news program about the Dark Web, is now available. The program can be viewed without advertisements at www.arnoldit.com/wordpress or on Vimeo at https:www.vimeo.com/303990213 .
This week’s program includes four stories. These are:
First, the CIA has made available without charge its training monograph about thinking. The book provides a run down of the habits of mind a CIA analyst or spy needs to cultivate. The book includes basic definitions, general information, and specific examples of common pitfalls. For example, the CIA publication makes clear that a vivid example with colorful details may distort one’s thinking about the event described. The DarkCyber video includes a download link for interested viewers.
The second story provides an update on the country-wide surveillance system Venezuela is deploying. The core system has been developed by ZTE, a Chinese company which enjoys close relationships with the Chinese government. One feature of the system is an identification card which allows data about a citizen’s online and offline behavior to be tracked. The new system also includes social network analysis, facial recognition, and data analytics. The installation of the ZTE system may be a response to sanctions imposed on Venezuela by the US government.
The third story reports that an Italian court has dismissed allegations that employees of the Hacking Team stole the company’s intellectual property. The count found that the crime was the work of a hacker who uses the handle Phineas Fisher. This individual is believed to have hacked the German security vendor FinFisher. The Hacking Team’s source code was posted online and is available for those interested in the Hacking Team’s methods.
The final story reports that about two thirds of the Dark Web went offline in mid November 2018. Unknown cyber criminals penetrated and deleted data from Daniel’s Hosting. After the take down of Freedom Hosting, Daniel’s Hosting became one of the larger ISPs catering to Dark Web site operators. News reports about the event suggest that the owner of Daniel’s Hosting was apprehensive about a cyber attack. However, he failed to implement appropriate security protocols. The site is now offline.
Kenny Toth, December 4, 2018
DarkCyber for November 27, 2018, Now Available
November 27, 2018
DarkCyber for November 27, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/302658825.
This week’s program covers four stories related to the Dark Web and specialized Internet services.
DarkCyber reports that another call for a backdoors to encrypted communications. Cyrus Vance, the Manhattan district attorney, emphasized that government mandated backdoors are the only solution to device encryption. DarkCyber provides a link to the government report which substantiates this statement. Australia has issued a similar statement. Even though encrypted devices can be broken open, the time and resources required are significant. With the growing number of mobile devices in use by bad actors, the number of phones requiring decryption has created an evidence backlog. Encrypted devices, therefore, pose a significant challenge to law enforcement and intelligence professionals.
The second story reveals that autonomous killer drone technology is advancing rapidly. An autonomous drone is able to find, fix, and finish a target. DarkCyber describes the Elbit Systems’ Skystriker device which is about 95 percent autonomous at this time. Full autonomous operation is within view.
Other countries are working on similar technology. DarkCyber identifies autonomous sea going devices which can neutralize a target without a human in the kill chain. DarkCyber’s view is that countries without autonomous warfighting will find themselves at a strategic disadvantage.
The third story reports that facial recognition allowed 130 victims of child abuse to be identified by Dutch authorities. Mug shot image recognition and matching can perform at an accuracy level of about 90 percent. However, facial recognition from real time video feeds like surveillance cameras pose a more difficult problem. Accuracy rates for video identification can dip below 60 percent. Nevertheless, facial recognition technology is advancing rapidly with innovations from such firms as Boeing, Verint, and NSO. Startups are making significant technical contributions as well. Innovations from Trueface, Kairos, and PointGrab are likely to yield advances in recognition accuracy. DarkCyber provides links to two sources of information about facial recognition systems. One of these documents is a General Accountability Office report about facial recognition within the US government.
The final story describes an off tune Dark Web weapons deal. Three young men in England thought that buying Glock 19 firearms via the Dark Web was a foolproof scheme. Their idea was to specify that the weapons were shipped inside of an amplifier for an electric guitar. US and UK authorities identified the contraband and placed a video camera in the parcel. When the men received their delivery, the event was captured on video. The investigation yielded cash and narcotics. The individuals are now serving eight years in prison. It is unlikely that the amplifier is delivering Elvis’ hit “Jailhouse Rock” to the felons.
DarkCyber appears each Tuesday on the blog Beyond Search and on Vimeo. Watch for new programs each week at www.arnoldit.com/wordpress.
Kenny Toth, November 27, 2018
Thomson Reuters on a Privacy International Beat
November 26, 2018
I know that commercial database publishers can be profitable operations. But in order to keep pace with erosion of some traditional revenue streams, some professional publishers have been working to generate new databases which can be licensed to certain government agencies. In most cases, a researcher or librarian will not have these electronic files in their toolkit.
Privacy International published “Who Supplies the Data, Analysis, and Tech Infrastructure to US Immigration Authorities?” The report is available without charge, but I suggest that you download it promptly. Certain reports about some topics can go offline without notice.
I don’t want to dig through the references to references to Palantir. The information about that company is not particularly fresh. However, Privacy International has gathered some useful examples of Thomson Reuters’ products and services to law enforcement and other government agencies.
Privacy International seems unaware that many LE and intel entities routinely outsource work to third part, license a wide range of numeric and factual data, and tap into the talent pools at third party firms.
The Privacy International report does not provide much information about Thomson Reuters’ use of the Palantir technology. That might be an interesting topic for some young researcher to explore. We will do a short item about some of the Privacy International information in the DarkCyber for December 11, 2018.
Stephen E Arnold, November 26, 2018
DarkCyber for November 6, 2018, Is Now Available: Part Two, Amazon’s Disruptive Thrust
November 6, 2018
DarkCyber for November 6, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/298831585
In this program, DarkCyber explains how Amazon is using open source software and proprietary solutions to reinvent IBM’s concept of vendor lock in.
Decades ago, IBM used mainframes and their proprietary hardware and software to create a barrier to change for government agencies using the systems. Amazon’s approach is to provide a platform which makes use of open source software to allow the US government to make necessary changes to software.
Amazon also offers value added functionality ranging from hardware like the DeepLens smart surveillance devices to patented analytics for real time cross correlation of data. Government agencies using these proprietary components will find themselves dependent on Amazon despite the support for open source software. Stephen E Arnold, author of CyberOSINT, said: “Amazon’s use of open source makes it easy for customers to make changes to the Amazon policeware system. However, Amazon’s value adding proprietary software allows Amazon to lock in government agencies who want access to Amazon’s most advanced services, features, and functions. Amazon wants to reinvent IBM’s approach to lock in for the 21st century.”
An added twist is that many of the providers of policeware and advanced intelligence systems use the Amazon cloud platform to deliver their products and services to US government agencies. Examples include Palantir Technologies, 4iQ and Webhose. Companies leveraging Amazon’s platform have an advantage over firms which use other cloud solutions. However, in the longer terms, Amazon can exercise control over vendors, partners, and integrators as part of a lock in strategy tuned to the 21st century computing realities.
Watch for the third part of this four part series on November 13, 2018.
Kenny Toth, November 6, 2018
DarkCyber for October 30, 2018, Is Now Available: Part One, Amazon Policeware
October 30, 2018
DarkCyber for October 30, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/297839909
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services.
This week’s program is Part One of our four part series which examines Amazon’s new platform for law enforcement, intelligence, and warfighting software and solutions.
Amazon has developed and successfully deployed its GovCloud platform (classified and unclassified versions). For more than four years, Amazon has provided its machine learning platform and specialized capabilities to one of the largest covert organizations in the United States. The success of that program has encouraged Amazon to compete for the $5 billion JEDI program to provide cloud services to the US Department of Defense.
In this first of four videos about Amazon’s policeware capabilities, Stephen E Arnold discusses Amazon’s coordinated, organized approach to this new service area.
Since 2007, Amazon has systematically put developed and deployed administrative tools, advanced analytic functions like cross correlation, and the technology required to allow point and click access to a wide range of data. Stephen E Arnold, author of CyberOSINT, said: “Amazon’s investment in policeware, its GovCloud technology, and the specialized services for law enforcement, regulatory agencies, and intelligence professionals is important. Amazon’s initiative has the potential to revolutionize how government agencies process open source and classified information.”
The JEDI contract, however, is not the end game for Amazon. The larger objective is for Amazon to provide a range of services which will allow the company to provide regulatory and enforcement services to allies of the United States and meet the needs of local, county, and state agencies. Plus, Amazon has landed a law enforcement contract in the UK which suggests that the company will pursue similar engagements in Australia, Canada, and New Zealand, the so-called Five Eyes initiative.
Amazon, if it wins the JEDI deal, could change the way in which government agencies procure advanced technology and process test, image, numeric, and video data. One immediate impact will be to force additional changes in how US government procurements for policeware, war fighting, and intelligence systems are handled. Furthermore, the traditional Federal supply chain for policeware and sense making systems will be disrupted.
Watch for the second part of this four part series next week on November 6, 2018
Kenny Toth, October 30, 2018
DarkCyber for October 23, 2018, Now Available
October 23, 2018
DarkCyber, Stephen E Arnold’s video news program about the Dark Web and lesser known Internet services, is now available. You can view the video at www.arnoldit.com/wordpress or on Vimeo at https://vimeo.com/296379232.
This week’s program includes four stories.
Bing and Google allegedly display content not appropriate to some users. Bing suggests links to content related to images not suitable for young people. Google allegedly returns results to YouTube videos which explain how to purchase illegal substances on the Dark Web. DarkCyber’s research team verified that content some individuals may find problematic do appear in search results. YouTube “how to” videos are findable by exploring pages deeper in a Google search result set; for example, pages six and following. The conclusion is that even when “safe search” features are activated links to topics which may be interpreted as offensive are easy to find, even for novice Web searchers.
The second story reveals that old school exploits and hacks have found a new lease on life. Bad actors are using standard office software and widely used utilities to obtain access to confidential information, employee email, and customer data. The method involves luring an employee to click on a link such as a document allegedly containing a list of employees at another company. Once the document is opened, a known vulnerability in Microsoft Office Dynamic Data Exchange is used to take over the target’s computer. DarkCyber reveals the simple fix to use to protect from this old school exploit.
The third story presents information about the system and method used by the now defunct Psy-Group. This firm has been identified as an organization of interest in the Robert Mueller investigation of President Donald Trump’s alleged interactions related to the 2016 election. DarkCyber walks through the principal components of a psychological operation designed to push the hot buttons of individuals associated with certain topics and political ideas. The DarkCyber video includes a link to additional documents related to the Psy-Group’s methods, which appear to be similar to those used by Cambridge Analytica.
The final story provides information about the decrease in Facebook usage in 2017. However, among one group, Facebook has become a must have social network. This user group is law enforcement officers. These professionals adopt false personas and work to obtain access to closed Facebook groups in order to gather information related to an investigation. The use of false personas is becoming a standard practice, and the data gathered are admissible in certain proceedings.
Beginning on October 30, 2018, DarkCyber presents a four part series about Amazon’s policeware initiative. The videos explain the importance of the Department of Defense’s JEDI procurement, the principal components of Amazon’s machine learning system, how Amazon will work to create a new type of vendor lock in, and the use of the Amazon policeware platform as a jumping off point for regulatory services in the US and expansion of its customer base outside the United States.
Kenny Toth, October 23, 2018
DarkCyber for October 16, 2018 Is Now Available
October 16, 2018
DarkCyber for October 16, 2018, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/295026034
Stephen E Arnold’s DarkCyber is a weekly video news and analysis program about the Dark Web and lesser known Internet services. This week’s program covers three stories related to the Dark Web and specialized Internet services.
The first story explores what appears to be a public relations spat between two Dark Web indexing vendors. Terbium Labs offers it Matchlight service to government and commercial companies. Digital Shadows sells its SearchLight service to the same markets. Terbium Labs issued a new report. The document asserts that data collection about the Dark Web and related services has to be more stringent and consistent. Digital Shadows response was a report that for $150 Dark Web bad actors would hack the email account of any employee. The data used to back the claim were general, and they lacked the specificity that Terbium Labs desires. DarkCyber’s view is that Terbium Lab is advocating a “high road”; that is, more diligent data collection and more comprehensive indexing. Digital Shadows, on the other hand, seems to be embrace the IBM approach to marketing by emphasizing uncertainty and doubt.
The second story reports that PureTech Systems has announced it fully autonomous drone platform. When a sensor is activate, the PureTech drone can launch itself, navigate to the specific location identified by the sensor, and began collecting information in real time. The data are then fed in real time into the PureTech analytics subsystem. Tasks which once required specialists and intelligence analysts can now be shifted to the PureTech platform.
The final story for the October 16, 2018, is the failure of a California film professional to arrange for a Dark Web murder. After police received a tip, the person of interest was arrested. His missteps included using his California driver’s license to purchase Bitcoin to pay the Dark Web hit man. The interest in murder for hire seems to be high; however, most of those visiting these sites do not realize that they are scams. The California man paid $5 down on the hit, but his payoff was a stay in jail, not the termination of his step mother.
DarkCyber appears each Tuesday on the blog Beyond Search and on Vimeo. A four part series about Amazon’s policeware capabilities begins on October 30, 2018. Watch for these programs at www.arnoldit.com/wordpress.
Kenny Toth, October 16, 2018
-
- Subscribe to Beyond Search
Feature archive
News archive
-
