Latest Perspectives Version from Tom Sawyer

December 29, 2015

Data visualization and analysis firm Tom Sawyer announces the latest release of their flagship platform in, “Tom Sawyer Software Releases Tom Sawyer Perspectives, Version 7.1, .NET Edition.” There is a new “timeline” view, and they promise a boost to layout performance. The press release specifies:

“Users can dynamically manipulate sliders in a timeline view to choose a specific time period. Once a time period is chosen, the elements within other views are filtered and updated accordingly to hone in on events based on time of occurrence.

“Users can now see how data progresses through time and focus on the events they are most interested in. Visualize the spread of an epidemic, the progression of crime in a city, or uncover how information disseminates across an organization’s departments.

“Tom Sawyer Perspectives, Version 7.1 also includes enhanced examples and user experience. New Crime Network, Commodity Flow, and Road Safety example applications are included, the look and feel of the tutorial applications is modernized, and neighborhood retrieval is improved. In addition, many quality and performance enhancements have been made in this release, including up to 16 percent improvement in layout performance.”

The write-up includes screenshots and links to further information, so interested readers should check it out. Founded in 1992, Tom Sawyer helps organizations in fields from intelligence to healthcare make connections and draw conclusions from data. The company maintains offices around the world, but makes its headquarters in Berkeley, California. They are also hiring as of this writing.

 

Cynthia Murrell, December 29, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Islamic State Is Now a Convenient App

December 28, 2015

It used to be that if you wanted to be an enemy of western civilization you had to have ties to a derelict organization or even visit an enemy nation.  It was difficult, especially with the limits of communication in pre-Internet days.  Western Union and secret radio signals only went so far, but now with the Internet insurgent recruitment is just a few mouse clicks away or even an app download.  The Telegraph reports that the “Islamic State Releases Its Own Smartphone App” to spread propaganda and pollute Islam’s true message.

Islamic State (Isil) released an Android app to disseminate the terrorist group’s radical propaganda.  The app was brought to light by hacktivist Ghost Security Group, who uncovered directions to install the app on the encrypted message service Telegram.  Ghost Security says that the app publishes propaganda from Amaq News Agency, the Islamic State’s propaganda channel, such as beheadings and warnings about terrorist attacks.  It goes to show that despite limited resources, if one is tech savvy and has an Internet connection the possibilities are endless.

” ‘They want to create a broadcast capability that is more secure than just leveraging Twitter and Facebook,’ ” Michael Smith of Kronos Advisory, a company that acts as a conduit between GhostSec and the US government, told CS Monitor.

‘[Isil] has always been looking for a way to provide easy access to all of the material.’ ”

Isil might have the ability to create propaganda and an app, but they do have a limited reach.  In order to find this app, one has to dig within the Internet and find instructions.  Hacktivist organizations like Ghost Security and Anonymous are using their technology skills to combat terrorist organizations with success.  Most terrorist group propaganda will not be found within the first page of search results, one has to work to find them, but not that hard.

 

Whitney Grace, December 28, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

They Hid in Plain Sight

December 28, 2015

Those who carried out last November’s attacks in Paris made their plans in the open, but intelligence agencies failed to discover and thwart those plans beforehand. TechDirt reveals “Details of How The Paris Attacks Were Carried Out Show Little Effort by Attackers to Hide Themselves.” To us, that means intelligence agencies must not be making much use of the Dark Web. What about monitoring of mobile traffic? We suggest that some of the marketing may be different from the reality of these systems.

Given the apparent laxity of these attackers’ security measures, writer Mike Masnick wonders why security professionals continue to call for a way around encryption. He cites an in-depth report by  the

Wall Street Journal’s Stacy Meichtry and Joshua Robinson, and shares some of their observations; see the article for those details. Masnick concludes:

“You can read the entire thing and note that, nowhere does the word ‘encryption’ appear. There is no suggestion that these guys really had to hide very much at all. So why is it that law enforcement and the intelligence community (and various politicians) around the globe are using the attacks as a reason to ban or undermine encryption? Again, it seems pretty clear that it’s very much about diverting blame for their own failures. Given how out in the open the attackers operated, the law enforcement and intelligence community failed massively in not stopping this. No wonder they’re grasping at straws to find something to blame, even if it had nothing to do with the attacks.”

Is “terrorism” indeed a red herring for those pushing the encryption issue? Were these attackers an anomaly, or are most terrorists making their plans in plain sight? Agencies may just need to look in the right directions.

Cynthia Murrell, December 28, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Cyber Threat Intelligence Across the Enterprise

December 28, 2015

A blog series from iSightPartners aims to help organizations make the most of Cyber Threat Intelligence. The series is introduced in, “How CTI Helps Six Groups Do Their Jobs Better: A New Blog Series!” Writer Christina Jasinski explains:

“The importance of Cyber Threat Intelligence (CTI) has become more widely recognized in the past year.  But not many people realize how many different ways threat intelligence can be utilized across an enterprise. That’s why now is a good time to drill down and describe the wide range of use cases for employing threat intelligence for many different functions within an IT organization.

“Are you a CISO, SOC Analyst or an Incident Responder? Stay tuned….

“This is the first post in an iSIGHT Partners blog series that will delve into how IT security professionals in each of six distinct roles within an organization’s information security program can (and should) apply threat intelligence to their function.   Each post will include 3-4 use cases, how CTI can be used by professionals in that role, and the type of threat intelligence that is required to achieve their objectives.”

Jasinski goes on to describe what her series has to offer professionals in each of those roles, and concludes by promising to reveal practical solutions to CTI quandaries. Follow her blog posts to learn those answers.

Cynthia Murrell, December 28, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

New Years Resolutions in Personal Data Security

December 22, 2015

The article on ITProPortal titled What Did We Learn in Records Management in 2016 and What Lies Ahead for 2016? delves into the unlearnt lessons in data security. The article begins with a look back over major data breaches, including Ashley Madison, JP Morgan et al, and Vtech and gathers from them the trend of personal information being targeted by hackers. The article reports,

“A Crown Records Management Survey earlier in 2015 revealed two-thirds of people interviewed – all of them IT decision makers at UK companies with more than 200 employees – admitted losing important data… human error is continuing to put that information at risk as businesses fail to protect it properly…but there is legislation on the horizon that could prompt change – and a greater public awareness of data protection issues could also drive the agenda.”

The article also makes a few predictions about the upcoming developments in our approach to data protection. Among them includes the passage of the European Union General Data Protection Regulation (EU GDPR) and the resulting affect on businesses. In terms of apps, the article suggests that more people might start asking questions about the information required to use certain apps (especially when the data they request is completely irrelevant to the functions of the app.) Generally optimistic, these developments will only occur of people and businesses and governments take data breaches and privacy more seriously.

 

Chelsea Kerwin, December 22, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

When the Data Cannot Be Trusted

December 22, 2015

A post at Foreign Policy, “Cyber Spying Is Out, Cyber Lying Is In,” reveals that it may be more important now than ever before to check the source, facts, and provenance of digital information. Unfortunately, search and content processing systems do not do a great job of separating baloney from prime rib.

Journalist Elias Groll tells us that the experts are concerned about hacking’s new approach:

“In public appearances and congressional testimony in recent months, America’s top intelligence officials have repeatedly warned of what they describe as the next great threat in cyberspace: hackers not just stealing data but altering it, threatening military operations, key infrastructure, and broad swaths of corporate America. It’s the kind of attack they say would be difficult to detect and capable of seriously damaging public trust in the most basic aspects of both military systems and a broader economy in which tens of millions of people conduct financial and health-related transactions online….

“Drones could beam back images of an empty battlefield that is actually full of enemy fighters. Assembly robots could put together cars using dimensions that have been subtly altered, ruining the vehicles. Government personnel records could be modified by a foreign intelligence service to cast suspicion on a skilled operative.”

Though such attacks have not yet become commonplace, there are several examples to cite. Groll first points to the Stuxnet worm, which fooled Iranian engineers into thinking their centrifuges were a-okay when it had actually sabotaged them into over-pressurizing. (That was a little joint project by the U.S. and Israel.) See the article for more examples, real and hypothesized. Not all experts agree that this is a growing threat, but I, for one, am glad our intelligence agencies are treating it like one.

Cynthia Murrell, December 22, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Bye-Bye Paid Reviews

December 22, 2015

One has to admit that this sounds like a sweet way to make a few quick dollars: write a fake online review about a product or service highlighting good points and sellable features, post it on your social media accounts, Amazon, your blog, Yelp, TripAdvisor, and then collect a few bucks.  While Twitter might slowly be losing the social media race against Facebook and Instagram, the UK Telegraph says that the social network has another useful purpose: “Has Twitter Finally Killed The Mess Of The False Online Review?”

Fake reviews cost consumers millions of dollars each year, because they believe that first hand accounts from regular people trump a corporate advertising account.  However, it spawned a big market for people to spend a few dollars to pay someone write a fake review and give a product/service a positive spin.  The consumer is getting tired of fake reviews, as are online retailers like Amazon and the US government, which has even drafted the Consumer Review Freedom Act.

Twitter is jumping into action using big data moves like real time data sentimental analysis, location-based apps that search social media content for content, and algorithms to analyze tweets

“Chief executive Giles Palmer believes that apps such as Twizoo are only the start of how products and businesses are evaluated, especially as social media continues to evolve. ‘Until recently, social media monitoring has been a listening business where companies and brands have kept an eye on what their customers are doing, but not doing too much about it…But with mobile customers are after products and goods where they want to make an instant decision based on instant data. What’s more they want that data to be reliable and to be truthful; Twitter provides that.’”

Consumers are being more discerning about the products and services they purchase, but they also trust reviews to help them evaluate them so they will not be duped.  High praise for Twitter for proving how social media is valuable as a learning tool and also for proving it is still a worthwhile network.

 

Whitney Grace, December22, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Use the Sentiment Analysis Luke

December 22, 2015

The newest Star Wars film is out in theaters and any credible Star Wars geek has probably seen the film at least twice.  One theme that continues to be prevalent in the franchise is the use of the mystical, galactic power the Force.  The Force gives the Jedi special powers, such as the ability to read a person’s mind.  Computer Weekly says that data will be able to do the same thing in: “Sentiment Analysis With Hadoop: 5 Steps To Becoming A Mind Reader.”

While the article title reads more like a kit on how to became a psychic cheat, sentiment analysis has proven to predict a person’s actions, especially their shopping habits.  Sentiment analysis is a huge market for companies wanting to learn how to reach their shoppers on a more intimate level, predict trends before they happen, and connect with shoppers in real-time.  Apache Hadoop is a tool used to harness the power of data to make anyone with the right knowledge a mind reader and Twitter is one of the tools used.

First-data is collect, second-label data to create a data dictionary with positive or negative annotations, third-run analytics, fourth-run through a beta phase, and fifth-get the insights. While it sounds easy, the fourth step is going to be the biggest hassle:

“Remember that analytic tools that just look for positive or negative words can be entirely misleading if they miss important context. Typos, intentional misspellings, emoticons and jargon are just few additional obstacles in the task.

Computers also don’t understand sarcasm and irony and as a general rule are yet to develop a sense of humor. Too many of these and you will lose accuracy. It is probably best to address this point by fine-tuning your model.”

The purpose of sentiment analysis is teaching software how to “think” like a human and understand all our illogical ways.  (Hmm…that was a Star Trek reference, whoops!)  Hadoop Apache might not have light sabers or help you find droids, but it does offer to help understand consumers spending habits.   So how about, “These are the greenbacks you have been looking for.”

Whitney Grace, December 22, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Internet Sovereignty, Apathy, and the Cloud

December 21, 2015

The OS News post titled Dark Clouds Over the Internet presents an argument that boils down to a choice between international accord and data sharing agreement, or the risk of the Internet being broken up into national networks. Some very worked up commenters engaged in an interesting discussion that spanned government overreaching, democracy, data security, privacy, and for some reason, climate change. One person summarized their opinion thusly:

“Best policy: don’t store data with someone else. There is no cloud. It’s just someone else’s computer.”

In response, a user named Alfman replied that companies are to blame for the current lack of data security, or more precisely, people are generally to blame for allowing this state of affairs to exist,

The privacy issues we’re now seeing are a direct consequence of corporate business models pushing our data into their central silos. None of this is surprising except perhaps how willing users have been to forgo their own privacy. Collectively, it seems that we are very willing to give up our rights for very little in exchange… makes it difficult to achieve critical mass around technologies promoting data independence.”

It is hard to argue with the apathy factor, with data breaches occurring regularly and so little being done by individuals to protect themselves. Good thing these commenters have figured it all out. Next up, solving climate change.

Chelsea Kerwin, December 21, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

Watson Is Laying Startup Eggs

December 21, 2015

Incubators are warming stations for eggs.  Without having to rely on an organism’s DNA donor, an incubator provides a warm, safe environment for the organism to develop, hatch, and eventually be ready to face the world.  Watson has decided it is time for itself to propagate, but instead of knitting tiny computer cases Watson will invest its digital DNA in startups.  The Chicago Tribune discusses Watson’s reproduction efforts and progeny in “Watson, IBM’s Big-Data Program Is Also A Startup Incubator.”

While IBM sells Watson’s ability to scan and understand terabytes of data, the company also welcomes developers to use Watson for new ideas.  What is even more amazing is that IBM gives developers the ability to use Watson for free for a limited time.

“In Ecosystem, everyone is invited to play with Watson for free (for a limited time); some 77,000 developers have accepted. If your Watson-powered startup shows promise, it becomes a “partner,” often via a quasi-incubator model, and enjoys access to IBM business and technology advisers–and a shot at a capital infusion from the $100 million IBM is making available to Watson startups…”

Ecosystem has been used for startups that feature lifestyle coaching, personal shopping, infrastructure guards, veterinarian advice, fantasy sports calculator, 311 information, and even a hotel butler.

To quote the biblical justification for propagation: “Go forth and multiply the [Watson startups].”

Whitney Grace, December 21, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

« Previous PageNext Page »

  • Archives

  • Recent Posts

  • Meta