CyberOSINT banner

CloudFlare Claims Most Activity from Tor Is Malicious

June 28, 2016

Different sources suggest varying levels of malicious activity on Tor. Tech Insider shared an article responding to recent claims about Tor made by CloudFlare. The article, entitled, Google Search has a secret feature that shouts animal noises at you, offers information about CloudFlare’s perspective and that of the Tor Project. CloudFlare reports most requests from Tor, 94 percent, are “malicious” and the Tor Project has responded by requesting evidence to justify the claim. Those involved in the Tor Project have a hunch the 94 percent figure stems from CloudFlare attributing the label of “malicious” to any IP address that has ever sent spam. The article continues,

“We’re interested in hearing CloudFlare’s explanation of how they arrived at the 94% figure and why they choose to block so much legitimate Tor traffic. While we wait to hear from CloudFlare, here’s what we know: 1) CloudFlare uses an IP reputation system to assign scores to IP addresses that generate malicious traffic. In their blog post, they mentioned obtaining data from Project Honey Pot, in addition to their own systems. Project Honey Pot has an IP reputation system that causes IP addresses to be labeled as “malicious” if they ever send spam to a select set of diagnostic machines that are not normally in use. CloudFlare has not described the nature of the IP reputation systems they use in any detail.”

This article raises some interesting points, but also alludes to more universal problems with making sense of any information published online. An epistemology about technology, and many areas of study, is like chasing a moving target. Knowledge about technology is complicated by the relationship between technology and information dissemination. The important questions are what does one know about Tor and how does one know about it?

 

Megan Feil, June 28, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Is the NSA Is Overwhelmed with Data?

June 28, 2016

US citizens are worried about their civil liberties being compromised by the National Security AgencyZDNet reports they might not need to be worried anymore in the article, “NSA Is So Overwhelmed With Data, It’s No Longer Effective, Says Whistleblower.”

William Binney is a former official from the National Security Agency (NSA) with thirty years under his belt.  Binney has been a civilian for fifteen years, but he is abhorred with the NSA.  He said the NSA is so engorged with data that it has lost its effectiveness and important intelligence is lost in the mess.  This is how the terrorists win.  Binney also shared that an NSA official could run a query and be overwhelmed with so much data they would not know where to start.

” ‘That’s why they couldn’t stop the Boston bombing, or the Paris shootings, because the data was all there,’ said Binney. Because the agency isn’t carefully and methodically setting its tools up for smart data collection, that leaves analysts to search for a needle in a haystack.  ‘The data was all there… the NSA is great at going back over it forensically for years to see what they were doing before that,’ he said. ‘But that doesn’t stop it.’”

The problems are worse across the other law enforcement agencies, including the FBI, CIA, and DEA.  Binney left the NSA one month after 9/11 and reported that the NSA uses an intrusive and expensive data collection system.   The mantra is “to collect it all”, but it is proving ineffective and expensive.  According to Binney, it is also taking away half the Constitution.

Binney’s statements remind me of the old Pokémon games.  The catchphrase for the franchise is “gotta catch ‘em all” and it was easy with 150 Pokémon along with a few cheat codes.  The games have expanded to over seven hundred monsters to catch, plus the cheat codes have been dismantled making it so overwhelming that the game requires endless hours just to level up one character.  The new games are an ineffective way to play, because it takes so long and there is just too much to do.  The NSA is suffering from too many Pokémon in the form of data.

 

Whitney Grace, June 28, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Hacking Team Cannot Sell Spyware

June 27, 2016

I do not like spyware.  Once it is downloaded onto your computer, it is a pain to delete and it even steals personal information.  I think it should be illegal to make, but some good comes from spyware if it is in the right hands (ideally).  Some companies make and sell spyware to government agencies.  One of them is the Hacking Team and they recently had some bad news said Naked Security, “Hacking Team Loses Global License To Sell Spyware.”

You might remember Hacking Team from 2015, when its systems were hacked and 500 gigs of internal, files, emails, and product source code were posted online.  The security company has spent the past year trying to repair its reputation, but the Italian Ministry of Economic Development dealt them another blow.  The ministry revoked Hacking Team’s “global authorization” to sell its Remote Control System spyware suite to forty-six countries.  Hacking Team can still sell within the European Union and expects to receive approval to sell outside the EU.

“MISE told Motherboard that it was aware that in 2015 Hacking Team had exported its products to Malaysia, Egypt, Thailand, Kazakhstan, Vietnam, Lebanon and Brazil.

The ministry explained that “in light of changed political situations” in “one of” those countries, MISE and the Italian Foreign Affairs, Interior and Defense ministries decided Hacking Team would require “specific individual authorization.”  Hacking Team maintains that it does not sell its spyware to governments or government agencies where there is “objective evidence or credible concerns” of human rights violations.”

Hacking Team said if they suspect that any of their products were used to caused harm, they immediately suspend support if customers violate the contract terms.   Privacy International does not believe that Hacking Team’s self-regulation is enough.

It points to the old argument that software is a tool and humans cause the problems.

 

Whitney Grace, June 27, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Stepes: Human Translation at Your Fingertips

June 24, 2016

Though today’s machine translation is a convenient way to quickly get the gist of a foreign-language passage, it has its limitations; professionals still turn to human translation services when it counts. A new platform, Stepes Translate, can bridge the gap (at least until algorithms catch up). Its chat-based format makes it as convenient as machine translation, but there is an actual, multi-lingual human at the other end. BusinessWire reports, “Stepes Extends Google Translate Model to Live Human Translation.” The press release explains:

“Stepes Translate uses the familiar side by side interface of machine translation platforms like Google Translate. Anyone requesting translation simply enters their text into the source field. Next, Stepes immediately identifies an appropriate translator from its network of more than 60,000 in-country translators through mobile notification. The translator begins to translate immediately on his/her smartphone while the requesting user can see their progress live. For most requests, the translation is completed within minutes and appears in the target field for the requesting user to see. … Whereas traditional translation software is overly technical and thus not easily accessible to many translators, Stepes’ mobile technology makes translation tools intuitive.”

Stepes can translate more than 100 languages, and offers a 3-tiered pricing based on quality. If you don’t mind a few awkward passages and humorous phrasings, there is the Basic, 10-cents/word plan. If you need to make a good impression, or the document has legal implications, you’ll want to spring for the Premium, 16-cents/word option.

A project of localization firm CSOFT, Stepes Translate is also known as the Social Translation Experiment Project and Eco System. The acronym is also a nod to the European steppes, the region from which sprung hundreds of the world’s major languages. Headquartered in Beijing, CSOFT (or Communications Solutions Of Foreign Trade) was established in 2003. The company attributes their global success to a strong emphasis on customer service.

Cynthia Murrell, June 24, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

ZyLab Places eDiscovery in the Cloud

June 23, 2016

Through their Press Room site, ZyLab announces, “Zylab Introduces eDiscovery as a Service.” Billed as a cost-saving alternative to in-house solutions, the new platform allows users to select and pay for only the services they need through a monthly subscription. The press-release tells us:

“ZyLAB today announces that its eDiscovery solutions are now also delivered via the Internet in a software-as-a-service (SaaS) model in EMEA and AP via a managed service provider model. ZyLAB’s eDiscovery as a Service is introduced as the cost-effective alternative for organizations that do not have the time or IT resources to bring an eDiscovery solution in house. …

“With ZyLAB’s eDiscovery as a Service every type of company, in every industry can now easily scope the level of system they require. ZyLAB’s services span the entire Electronic Discovery Reference Model (EDRM) so a company can select the precise services that meet the needs of their current matter. The Service Level Agreement (SLA) will outline those selections and guarantee the availability of the data, ZyLAB’s software, and ongoing maintenance from ZyLAB’s Professional Services consultants.”

We are assured ZyLab’s SaaS solutions are of the same caliber as their on-premises solutions.  This approach can save a lot of time and hassle, especially for companies without a dedicated IT department. The write-up notes there are no long-term contracts or volume constraints involved,

and, of course, no new hardware to buy. If a company is willing to trust their data to a third party’s security measures, this could be a cost-effective way to manage eDiscovery.

Of course, if you were to trust anyone with your sensitive data, ZyLab’s record makes them a good choice. In fact, the company has been supplying eDiscovery and Information Government tech to prominent organizations for over three decades now. Large corporations, government organizations, regulatory agencies, and law firms around the world rely on their eDiscovery platform. The company was founded in 1983, with the release of the first full-text retrieval software for the PC. It’s eDiscovery/ Information Management platform was released in 2010.

 

Cynthia Murrell, June 23, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

Savanna 4.7 for External Content Links

June 22, 2016

The latest version of Savanna, the collaborative data-visualization platform from Thetus Corporation, has an important new feature—it can now link to external content. The press release at PR Newswire, “Savanna 4.7 Introduces Plugins, Opening ‘A World of New Content’ to Visual Analysis Software,” tells us:

“With Savanna, users can visualize data to document insights mined from complexity and analyze relationships. New in this release are Savanna Plugins. Plugins do more than allow users to import data. The game changer is in the ability to link to external content, leaving the data in its original source. Data lives in many places. Analyzing data from many sources often means full data transformation and migration into a new program.  This process is daunting and exactly what Savanna 4.7 Plugins address. Whether on databases or on the web, users can search all of their sources from one application to enrich a living knowledge base. Plugins also enable Savanna to receive streams of information from sources like RSS, Twitter, geolocators, and others.”

Thetus’ CTO is excited about this release, calling the new feature “truly transformative.” The write-up notes that Plugins opens new opportunities for Thetus to partner with other organizations. For example, the company is working with the natural language processing firm Basis Technology to boost translation and text mining capacities. Founded in 2003, Thetus is based in Portland, Oregon.

 

Cynthia Murrell, June 22, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Microsoft Makes Fresh Effort to Position Bing

June 21, 2016

Microsoft is gearing up for a fresh challenge to Google,  with a Bing rebranding effort centered on the new “Bing Network.” This marks a different approach to leveraging the MS search platform, we learn from the piece, “Microsoft Rebrands Bing, Challenges Google”  at SearchMarketingDaily. The incorporation of Yahoo has a lot to do with it. Reporter Laurie Sullivan writes:

“Microsoft’s message says the network pulls together in-the-moment data from across its mobile, global and local partners to support products that people use daily. And that network continues to grow. With the transition of all U.S. accounts, people and account management from Yahoo to Bing, the network represents an expanding set of partnerships such as AOL, and The Wall Street Journal, which adds more searches and clicks to the network daily, wrote Stephen Sirich, GM of advertising and consumer monetization group at Microsoft, in a post.”

Sullivan later reminds us:

“The shift in brand strategy also marks an end to the Yahoo-Bing Network. The renegotiated search deal between Microsoft and Yahoo in April 2015, five years into the 10-year deal, has ad sales and account management returning to their respective companies.”

The article discusses reasons Microsoft has struggled so to position Bing as an alternative to Google. For example, says one professional, Bing should not have tried to change the model Google had set up, and users had grown accustomed to, for Internet search. Also, Bing’s brand recognition has always lagged behind that of Google.  Perhaps that is about to change with this renewed effort. See the article for some more background and stats on Bing’s performance.

 

 

Cynthia Murrell, June 21, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Luciad Data Visualization and Situational Awareness Is Like an Over Stimulated Google Maps

June 21, 2016

The promotional article on Luciad titled Luciad V2016 Puts Users at the Center of Technical Innovation discusses the data fusion product from the global software company emphasizing situational awareness systems for Aviation, Defense and Security markets. 50,000+ people have viewed the 3D browser technology via the web app launched in 2015 that shows the breathtaking capacity to track and visualize moving data in the form of 35,000 international flights. The article states,

“Luciad’s software components are designed for the creation of applications that tackle a range of tasks, from top-level strategy to tactical detail and mission planning to operations debriefing. By connecting directly to data sources, Luciad’s software not only analyzes and visualizes what is happening now, but also helps predict what will happen next – allowing users to act quickly and safely. “Connect, visualize, analyze, act” is both our method and our motto.”

The LuciadFusion technology product features include the ability to fuse and serve multi-dimensional and multi-layered formats as well as multi-dimensional raster data, which applies to weather data. If you thought Google Maps was cool, this technology will blow you away. The developers were very interested in the aesthetic quality of the technology, and richness of the imaging makes that focus crystal clear.
Chelsea Kerwin, June 21, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Twitter Influential but a Poor Driver of News Traffic

June 20, 2016

A recent report from social analytics firm Parse.ly examined the relationship between Twitter and digital publishers. NeimanLab shares a few details in, “Twitter Has Outsized Influence, but It Doesn’t Drive Much Traffic for Most News Orgs, a New Report Says.” Parse.ly tapped into data from a couple hundred of its clients, a group that includes digital publishers like Business Insider, the Daily Beast, Slate, and Upworthy.

Naturally, news sites that make the most of Twitter do so by knowing what their audience wants and supplying it. The study found there are two main types of Twitter news posts, conversational and breaking, and each drives traffic in its own way. While conversations can engage thousands of users over a period of time, breaking news produces traffic spikes.

Neither of  those findings is unexpected, but some may be surprised that Twitter feeds are not inspiring more visits publishers’ sites. Writer Joseph Lichterman reports:

“Despite its conversational and breaking news value, Twitter remains a relatively small source of traffic for most publishers. According to Parse.ly, less than 5 percent of referrals in its network came from Twitter during January and February 2016. Twitter trails Facebook, Google, and even Yahoo as sources of traffic, the report said (though it does edge out Bing!)”

Still, publishers are unlikely to jettison their Twitter accounts anytime soon, because that platform offers a different sort of value. One that is, perhaps, more important for consumers. Lichterman quotes the report:

“Though Twitter may not be a huge overall source of traffic to news websites relative to Facebook and Google, it serves a unique place in the link economy. News really does ‘start’ on Twitter.”

And the earlier a news organization knows about a situation, the better. That is an advantage few publishers will want to relinquish.

 

 

Cynthia Murrell, June 20, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Amazon’s Alexa Popularizes Digital Assistants

June 17, 2016

Digital assistants are smarter than ever.  I remember when PDAs were the wave of the future and meant to revolutionize lives, but they still relied on human input and did not have much in the ways of artificial intelligence.  Now Cortana, Siri, and Alexa respond to vocal commands like an episode of Star Trek.  Digital assistants are still limited in many ways, but according to Venture Beat Alexa might be changing how we interact with technology: “How Amazon’s Alexa Is Bringing Intelligent Assistance Into The Mainstream”.

Natural language processing teamed with artificial intelligence has made using digital assistants easier and more accepted.  Predictive analytics specialist MindMeld commissioned a “user adoption survey” of voice-based intelligent assistants and the results show widespread adoption.

Amazon’s Echo teamed with the Alexa speech-enabled vocal device are not necessarily dominating the market, but Amazon is showing the potential for an intelligent system with added services like Uber, music-streaming, financial partners, and many more.

“Such routine and comfort will be here soon, as IA acceptance and use continue to accelerate. What started as a novelty and source of marketing differentiation from a smartphone manufacturer has become the most convenient user interface for the Internet of Things, as well as a plain-spoken yet empathetic controller of our digital existence.”

Amazon is on the right path as are other companies experimenting with the digital assistant.  My biggest quip is that all of these digital assistants are limited and have a dollar sign attached to them greater than some people’s meal budgets.  It is not worth investing in an intelligent assistant, unless needed.  I say wait for better and cheaper technology that will be here soon.

 

Whitney Grace, June 17, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Next Page »