The Time Google Flagged Itself for Potentially Malicious Content

June 13, 2016

Did you know Google recently labeled itself as ‘partially dangerous’? Fortune released a story, Google Has Stopped Rating ‘Google.com’ as ‘Partially Dangerous’, which covers what happened. Google has a Safe Browsing tool which identifies potentially harmful websites by scanning URLs. Users noticed that Google itself was flagged for a short time. Was there a rational explanation? This article offers a technology-based reason for the rating,

“Fortune noted that Google’s Safe Browsing tool had stopped grading its flagship site as a hazard on Wednesday morning. A Google spokesperson told Fortune that the alert abated late last night, and that the Safe Browsing service is always on the hunt for security issues that might need fixing. The issue is likely the result of some Google web properties hosting risky user-generated content. The safety details of the warning specifically called out Google Groups, a service that provides online discussion boards and forums. If a user posted something harmful there, Google’s tool would have factored that in when assessing the security of the google.com domain as a whole, a person familiar with the matter told Fortune.”

We bet some are wondering whether this is a reflection of Google management or the wonkiness of Google’s artificial intelligence? Considering hacked accounts alone, it seems like malicious content would be posted in Google Groups fairly regularly. This flag seems to be a flag for more than the “partially dangerous” message spells out. The only question remaining is, a flag for what?

Megan Feil, June 13, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Axcelerate Focuses on Control and Visibility

June 13, 2016

The article on CMSWire titled Recommind Adds Muscle to Cloud e-Discovery relates the upgrades to the Axcelerate e-Discovery platform from Recommind. The muscle referred to in the article title is the new Efficiency Scoring feature offered to increase e-discovery review process transparency by tracking efficiency and facilitating a consistent assessment. The article explains,

“Axcelerate Cloud is built on Recommind’s interactive business intelligence layer to give legal professionals a depth of insight into the e-discovery process that Recommind says they have previously lacked. Behind all the talk of agility and visibility, there is one goal here: control. The company hopes this release allays the fears of legal firms, who traditionally have been reluctant to use cloud-based software for fear of compromising data.”

Hal Marcus, Director of Product Marketing at Recommind, suggested that in spite of early hesitancy by legal professional to embrace the cloud, current legal teams are more open to the possibilities available through consolidation of discovery requirements in the cloud. According to research, there are no enterprise legal departments without cloud-based legal resources related to contract management, billing, or e-discovery. Axcelerate Cloud aims to promote visibility into discovery practices to address the major concern among legal professionals: insufficient insight and transparency.

 

 

Chelsea Kerwin, June 13, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Libraries Will Save the Internet

June 10, 2016

Libraries are more than place to check out free DVDs and books and use a computer.  Most people do not believe this and if you try to tell them otherwise, their eyes glaze offer and they start chanting “obsolete” under their breath.  BoingBoing, however, agrees that “How Libraries Can Save The Internet Of Things From The Web’s Centralized Fate”.  For the past twenty years, the Internet has become more centralized and content is increasingly reliant on proprietary sites, such as social media, Amazon, and Google.

Back in the old days, the greatest fear was that the government would take control of the Internet.  The opposite has happened with corporations consolidating the Internet.  Decentralization is taking place, mostly to keep the Internet anonymous.  Usually, these are tied to the Dark Web.  The next big thing in the Internet is “the Internet of things,” which will be mostly decentralized and that can be protected if the groundwork is laid now.  Libraries can protect decentralized systems, because

“Libraries can support a decentralized system with both computing power and lobbying muscle. The fights libraries have pursued for a free, fair and open Internet infrastructure show that we’re players in the political arena, which is every bit as important as servers and bandwidth.  What would services built with library ethics and values look like? They’d look like libraries: Universal access to knowledge. Anonymity of information inquiry. A focus on literacy and on quality of information. A strong service commitment to ensure that they are available at every level of power and privilege.”

Libraries can teach people how to access services like Tor and disseminate the information to a greater extent than many other institutes within the community.  While this is possible, in many ways it is not realistic due to many factors.  Many of the decentralized factors are associated with the Dark Web, which is held in a negative light.  Libraries also have limited budgets and trying to install a program like this will need finances, which the library board might not want to invest in.  Also comes the problem of locating someone to teach these services.  Many libraries are staffed by librarians that are limited in their knowledge, although they can learn.

It is possible, it would just be hard.

 

Whitney Grace, June 10, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

More Data to Fuel Debate About Malice on Tor

June 9, 2016

The debate about malicious content on Tor continues. Ars Technica published an article continuing the conversation about Tor and the claims made by a web security company that says 94 percent of the requests coming through the network are at least loosely malicious. The article CloudFlare: 94 percent of the Tor traffic we see is “per se malicious” reveals how CloudFlare is currently handling Tor traffic. The article states,

“Starting last month, CloudFlare began treating Tor users as their own “country” and now gives its customers four options of how to handle traffic coming from Tor. They can whitelist them, test Tor users using CAPTCHA or a JavaScript challenge, or blacklist Tor traffic. The blacklist option is only available for enterprise customers. As more websites react to the massive amount of harmful Web traffic coming through Tor, the challenge of balancing security with the needs of legitimate anonymous users will grow. The same network being used so effectively by those seeking to avoid censorship or repression has become a favorite of fraudsters and spammers.”

Even though the jury may still be out in regards to the statistics reported about the volume of malicious traffic, several companies appear to want action sooner rather than later. Amazon Web Services, Best Buy and Macy’s are among several sites blocking a majority of Tor exit nodes. While a lot seems unclear, we can’t expect organizations to delay action.

 

Megan Feil, June 9, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Palantir Technology Takes on Rogue Traders

June 9, 2016

Rogue trading has always been a problem for the stock market, but the more technology advances the easier it becomes for rogue traders to take advantage.  The good news is that security and compliance officers can use the same tools that rogue traders use in their schemes to stop them.  CNBC showed the story; “Tech Takes On Rogue Traders” that explains how technology is being used to stop the bad guys.   The report is described as:

“Colleen Graham, Chief Supervisory Officer at Signac, discusses Palantir and Credit Suisse’s joint technology initiative to crack down on rogue traders.”

Palantir Technology is being used along with Credit Suisse to monitor trader behavior data trade data, risk data, and market data to monitor how a trader changes over time.  They compare individual trader to others invested in similar stocks.  Using a combination of all these data fields, unusual behavior is monitored to prevent rogue trading.

The biggest loss on Wall Street is rogue trading.  The data Signac gathers helps figure out how rogue trading happens and what causes it.  By using analytical software, compliance officers are able to learn from past crimes and teach the software to recognize similar patterns.  In turn, this allows them to prevent future crimes. While some false positives are generated, all of the captured data is public.  Supervisors and other people actually are supposed to read this data; Signac just does so at a more in-depth level.

Catching rogue traders helps keep Wall Street running smoother and even puts the stockbrokers and other financial force back to work.

Palantir scored a new deal from this venture.  The same technology used to monitor the Dark Web is used to capture rogue traders.

Whitney Grace, June 9, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Google Has Much at Stake in Intel Tax Case

June 3, 2016

In the exciting department of tax activities, 9to5Google reports, “Google Could Effectively Recoup All the Tax it Paid Last Year if Intel Wins Test Case.” Why is Google so invested in a dispute between Intel and the IRS? Writer Ben Lovejoy explains:

“In essence, the case hinges on share compensation packages paid by overseas subsidiaries. The IRS says that the cost of these should be offset against the expenses of the overseas companies; Intel says no, the cost should be deducted by the U.S. parent company – reducing its tax liabilities in its home country. The IRS introduced the rule in 2003. Companies like Google have abided by the rule but reserved the right to reallocate costs if a court ruling went against the IRS, giving them a huge potential windfall.”

This windfall could amount to $3.5 billion for Alphabet, now technically Google’s “parent” company (but really just a reorganized Google). Apparently, according to the Wall Street Journal, at least 20 tech companies, including Microsoft and eBay, are watching this case very closely.

Google is known for paying the fewest taxes it thinks it can get away with, a practice very unpopular with some. We’re reminded:

“Google has recently come under fire for its tax arrangements in Europe, a $185M back-tax deal in the UK being described as ‘disproportionately small’ and possibly illegal. France is currently seeking to claim $1.76B from the company in back taxes.”

So, how much will the world’s tax collectors be able to carve out of the Google revenue pie? I suspect it will vary from year to year, and will keep courts and lawyers around the world very busy.

 

Cynthia Murrell, June 3, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

European Companies Help Egypt Spy on Citizens

June 2, 2016

It seems that, as Egypt was brutally repressing citizens during the massive protests of 2010 and 2011, European companies were selling citizen-surveillance tech to that country’s secret spy agency. Hammerhead Combat Systems shares the article, “Espionage Files: European Companies Sold Spy Tech to a Secret Egyptian Intelligence Unit Amid Brutal Repression.” The article  cites a report from Privacy International; writer Namir Shabibi tells us:

“The investigation, entitled ‘The President’s Men? Inside the Technical Research Department, the secret player in Egypt’s intelligence infrastructure,’ is the first to shed light on the growth of the TRD intelligence unit, its pivotal role in Egyptian intelligence apparatus and its links to European companies.

“The TRD’s growth is consistent with claims by human rights defenders that the Egyptian security service was in reality untouched by the revolution. Instead, it quietly went about strengthening itself under the cover of political turmoil.

“The report implicates two European companies in the sale of surveillance technology to TRD. At the time of mass protests in Egypt between 2010-11, it claims Nokia Siemens Networks provided the TRD mass surveillance capabilities including an interception management system and a monitoring center.

“Moreover, according to Privacy International, leaked emails from Italian surveillance equipment seller Hacking Team dated from last year show that it expected to earn a million euros from the sale of intrusive surveillance technologies to the unit. The technology would allow TRD complete access to the computers and smartphones of targeted individuals.”

Note that Nokia Siemens owns Trovicor, which does real-time surveillance and intercepts. The article states that former President Hosni Mubarak used the TRD to fight his political opponents and that the system may date back as far as Anwar Sadat’s rule. Seemingly unabashed, Hacking Team asserts they are in compliance with Italian regulations. On the other hand,  European Member of Parliament Marietje Schaake suspects these two companies have violated existing EU rules and, if not, insists new rules must be created immediately. See the piece (originally published at Vice News), or navigate to the Privacy International report itself, for more details.

 

Cynthia Murrell, June 3, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Hacktivists Become Educators on Dark Web

May 30, 2016

A well-known hactivist group is putting themselves out there on the Dark Web. International Business Times reported on the collective’s new chatroom in a piece entitled Anonymous hackers launch dark web chatroom OnionIRC to teach next generation of hacktivists. Anoynmous intends to teach those interested in hacktivism about the basics: coding, encryption and even history. IBT journalists went undercover and logged into the chat room to learn more about the next generation of hacktivists. Reporting back, the article states,

“[we] found roughly 40 people logged in and talking about topics, such as GPG encryption, NSA surveillance and how the government reportedly installs backdoors into computer software. According to HackRead, which first reported on the chatroom, the IRC has at times been particularly dysfunctional. Indeed, during our time in the chatroom, some of the contributors appeared to lack any hacking knowledge at all. “I want to learn Bash. Beginner level. Where should I start?” wrote one anonymous contributor. “With a Bash Book,” came the reply. This group, at least in its current form, is a far-cry from the more sophisticated and feared members that in the past have been known to hack federal agencies and assist in global political uprisings.”

This article’s reference to the “next generation of hacktivists” calls to mind a question about the age demographics of Dark Web users. Our bet is that, while they may tend young, there is likely to be significant representation from a variety of age groups. While it’s captured media attention, the Dark Web is no new phenomenon.

 

Megan Feil, May 30, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Paid Posts and PageRank

May 27, 2016

Google users rely on the search engine’s quality-assurance algorithm, PageRank, to serve up the links most relevant to their query. Blogger and Google engineer Matt Cutts declares, reasonably enough, that “Paid Posts Should Not Affect Search Engines.” His employer, on the other hand, has long disagreed with this stance. Cutts concedes:

“We do take the subject of paid posts seriously and take action on them. In fact, we recently finished going through hundreds of ‘empty review’ reports — thank you for that feedback! That means that now is a great time to send us reports of link buyers or sellers that violate our guidelines. We use that information to improve our algorithms, but we also look through that feedback manually to find and follow leads.”

Well, that’s nice to know. However, Cutts emphasizes, no matter how rigorous the quality assurance, there is good reason users may not want paid posts to make it through PageRank at all. He explains:

“If you are searching for information about brain cancer or radiosurgery, you probably don’t want a company buying links in an attempt to show up higher in search engines. Other paid posts might not be as starkly life-or-death, but they can still pollute the ecology of the web. Marshall Kirkpatrick makes a similar point over at ReadWriteWeb. His argument is as simple as it is short: ‘Blogging is a beautiful thing. The prospect of this young media being overrun with “pay for play” pseudo-shilling is not an attractive one to us.’ I really can’t think of a better way to say it, so I’ll stop there.”

 

Cynthia Murrell, May 27, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Erdogan Government Cracks down on Turkish Media

May 26, 2016

The Turkish government has been forcibly seizing and intimidating the nation’s media, we learn from “Erdogan’s Latest Media Takeover is About More than Just One Newspaper” at Mashable. Is this the future of publishing?

Turkish police fought protesters and manhandled journalists as the government wrested control of Zaman, Turkey’s most popular newspaper and, as journalist Suna Vidinli puts it, the country’s “last remaining effective voice of criticism in the press.” She continues:

“President Erdogan had long planned to take over Zaman as the paper was affiliated with Gulen Group, his main remaining adversary in his quest for absolute power. Earlier in the week, the Turkish Supreme Court — in a surprising and rare move — had released two top editors of Cumhuriyet, Can Dundar and Erdem Gul, from prison. They were imprisoned for writing about the illegal trafficking of weapons to radicals in Syria.

“Erdogan saw their release as a direct move against his authority and wowed to show who was boss. He signaled that the two journalists would be put back in prison soon and declared ‘things can get shaky in the following days.’ Hence, the takeover of Zaman was carefully planned as the most brutal confiscation of media to date in Turkish history.

“The confiscation of Zaman media group highlights some critical developments in Turkey. The government immediately took the media group offline, and a special tech team was brought in to completely wipe out the news archive and web content of the newspaper.”

The Chihan News Agency was also included in the seizure, a group we learn was the only non-governmental organization to monitor Turkish exit polls to ensure fair elections. The article notes that the remaining independent media in Turkey seem to have been effectively cowed, since none of them reported on the violent takeover. Governments, media groups, and human rights organizations around the world condemned the seizure; the U.S. State Department called Turkey’s pattern of media suppression “troubling.” We couldn’t agree more.

 

Cynthia Murrell, May 26, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

« Previous PageNext Page »

  • Archives

  • Recent Posts

  • Meta