
Open Source Software Needs a Micro-Payment Program

May 27, 2016

Open source software is an excellent idea, because it allows programmers across the globe to share and contribute to the same project.  It also creates a think-tank-like environment that can be applied (arguably) to any tech field.  There is a downside to open source and Creative Commons software, and that is that it is not a sustainable model.  Open Source Everything For The 21st Century discusses the issue in its post “Robert Steele: Should Open Source Code Have A PayPal Address & AON Sliding Scale Rate Sheet?”

The post explains that open source delivers an unclear message about how code is generated: it comes from the greater whole rather than a few people.  It also is not sustainable, because people need funds to survive as well as to maintain the open source software.  Fair Source is a reasonable solution: users are charged if the software is used at a company with fifteen or more employees, but it too is not sustainable.

Micro-payments, small payments of a few cents, might be the ultimate solution.  Robert Steele wrote that:

“I see the need for bits of code to have embedded within them both a PayPal-like address able to handle micro-payments (fractions of a cent), and a CISCO-like Application Oriented Network (AON) rules and rate sheet that can be updated globally with financial-level latency (which is to say, instantly) and full transparency. Some standards should be set for payment scales, e.g. 10 employees, 100, 1000 and up; such that a package of code with X number of coders will automatically begin to generate PayPal payments to the individual coders when the package hits N use cases within Z organizational or network structures.”

Micro-payments are not a bad idea, and they have occasionally been put into practice, but not very widely.  No one has really pioneered an effective system for them.

Steele is also an advocate for “…Internet access and individual access to code is a human right, devising new rules for a sharing economy in which code is a cost of doing business at a fractional level in comparison to legacy proprietary code — between 1% and 10% of what is paid now.”

It is the ideal version of the Internet, where people are able to make money from their content and creations, users’ privacy is maintained, and ethics are respected.  The current trouble with YouTube channels and copyright comes to mind, as does stolen information sold on the Dark Web and the desire to eradicate online bullying.

Whitney Grace, May 27, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

The Guardian Adheres to Principles

May 20, 2016

In the 1930s, Britain’s newspaper the Guardian was founded, through a generous family’s endowment, on the ideas of an unfettered press and free access to information. In continued pursuit of these goals, the publication has maintained a paywall-free online presence, despite declining online-advertising revenue. That choice has cost them, we learn from the piece, “Guardian Bet Shows Digital Risks” at USA Today. Writer Michael Wolff explains:

“In order to underwrite the costs of this transformation, most of the trust’s income-producing investments have been liquidated in recent years in order to keep cash on hand — more than a billion dollars.

“In effect, the Guardian saw itself as departing the newspaper business and competing with new digital news providers like BuzzFeed and Vox and Vice Media, each raising ever-more capital from investors with which to finance their growth. The Guardian — unlike most other newspapers that are struggling to make it in the digital world without benefit of access to outside capital — could use the interest generated by its massive trust to indefinitely deficit-finance its growth. At a mere 4% return, that would mean it could lose more than $40 million a year and be no worse for wear.

“But … the cost of digital growth mounted as digital advertising revenue declined. And with zero interest rates, there has been, practically speaking, no return on cash. Hence, the Guardian’s never-run-out endowment has plunged by more than 12% since the summer and, suddenly looking at a finite life cycle, the Guardian will now have to implement another transition: shrinking rather than expanding.”

The Guardian’s troubles point to a larger issue, writes Wolff; no one has been able to figure out a sustainable business model for digital news. For its part, the Guardian still plans to avoid a paywall, but will try to coax assorted fees from its users. We shall see how that works out.

 

Cynthia Murrell, May 20, 2016

Now Big Data Has to Be Fast

May 15, 2016

I read “Big Data Is No Longer Enough: It’s Now All about Fast Data.” The write up is interesting because it shifts the focus from having lots of information to infrastructure which can process the data in a timely manner. Note that “timely” means different things in different contexts. For example, to a crazed MBA stock market maven, next week is not too useful. To a clueless marketing professional with a degree in art history, “next week” might be just speedy enough.

The write up points out:

Processing data at these breakneck speeds requires two technologies: a system that can handle developments as quickly as they appear and a data warehouse capable of working through each item once it arrives. These velocity-oriented databases can support real-time analytics and complex decision-making in real time, while processing a relentless incoming data feed.

The point omitted from the article is that speed comes at a cost. The humans required to figure out what’s needed to go fast, the engineers to build the system, and the time required to complete the task. The “cloud” is not a solution to the cost.

Another omission in the article is that the numerical recipes required to “make sense” of large volumes of data require specialist knowledge. A system which outputs nifty charts may be of zero utility when it comes to making a decision.

The write up ignores the information in “What Beats Big Data? Small Data.” Some organizations cannot afford the cost of fast data. Even outfits which have the money can find themselves tripping over their analyses. See, for example, “Amazon Isn’t Racist, It’s Just Been an Unfortunate Victim of Big Data.” Understanding the information is important. Smart software often lacks the ability to discern nuances or issues with data quality, poor algorithm selection, or knowing what to look for in the first place.

Will the write up cause marketers and baloney makers to alter their pitches about Big Data and smart software? Not a chance. Vendors’ end game is revenue; licensees have a different agenda. When the two do not meet, there may be some excitement.

Stephen E Arnold, May 15, 2016

Excite and Ask: Where Are They Now?

May 14, 2016

I learned a factoid from “Yahoo Stock: Analyzing 5 Key Suppliers.” Here’s the passage with the items I noted in bold face:

Excite Japan Co., Ltd. was established in 1997 as a joint venture with Excite, Inc., which is wholly owned by IAC/InterActiveCorp. At the time, Excite, Inc., which is known in 2016 as Ask.com, was among the largest and most popular Web portals offering personalized home pages for searching content. In 2015, Excite Japan generated 9.91% of its revenues from Yahoo through a revenue-sharing agreement for ad-clicks going through Yahoo’s search engine. In 2015, the company had revenue of $66.47 million in U.S. dollars and a market capitalization of $3.77 billion.

Interesting about Excite. About Yahoo? Not so much.

Stephen E Arnold, May 14, 2016

Searching the Panama Papers

May 11, 2016

Curious about the money laundering information improperly obtained from a law firm in Panama? You can search for the names of people whom you know by navigating to this link:

https://offshoreleaks.icij.org/

I ran a number of queries. The system works okay but considerable effort is required to wrangle on point results.

Sad to say none of the people and outfits I queried seemed to be high fliers. To make sense out of the data, one would need the corpus, some normalization, and an industrial strength tool or two.

Stephen E Arnold, May 11, 2016

Out of the Shadows and into the OpenBazaar

May 2, 2016

If you believe the Dark Web was destroyed when Silk Road went offline, think again!  The Dark Web has roots like a surface weed: when one root remains, there are dozens (or in this case millions) more to keep the weed growing.  Tech Insider reports that OpenBazaar now occupies the space Silk Road vacated, in “A Lawless And Shadowy New Corner Of The Internet Is About To Go Online.”

OpenBazaar is described as a decentralized and uncensored online marketplace where people can sell anything without the fuzz breathing down their necks. Brian Hoffman and his crew had worked on it since 2014 when Amir Taaki thought it up.  It works similarly to eBay and Etsy as a peer-to-peer market, but instead of hard currency it uses bitcoin.  Since it is decentralized, it will be near impossible to take offline, unlike Silk Road.  Hoffman took over the project from Taaki and, after $1 million from tech venture capital firms, the testnet is live.

“There’s now a functioning version of OpenBazaar running on the “testnet.” This is a kind of open beta that anyone can download and run, but it uses “testnet bitcoin” — a “fake” version of the digital currency for running tests that doesn’t have any real value. It means the developer team can test out the software with a larger audience and iron out the bugs without any real risk. “If people lose their money it’s just a horrible idea,” Hoffman told Business Insider.”

A new user signs up for the OpenBazaar testnet every two minutes and Hoffman hopes to find all the bugs before the public launch.  Hoffman once wanted to run the next generation digital black market, but now he is advertising it as a new Etsy.  The lack of central authority means lower take rates, or the fees sellers incur for selling on the site.  Hoffman says it will be good competition for online marketplaces because it will force peer-to-peer services like eBay and Etsy to find new ways to add value-added services instead of raising fees on customers.

Whitney Grace, May 2, 2016

New Security Service Enters Consumer Space

April 29, 2016

It looks like another company is entering the arena of consumer cybersecurity. An article from Life Hacker, “Privacy Lets You Create “Virtual” Credit Card Numbers, Deactivate One Instantly If It’s Stolen,” shares the details of Privacy. Their tool generates disposable card numbers online, which can be tied to accounts with participating banks or Visa cards, and then allows users to easily deactivate one if it is stolen. The service is free to users because Privacy makes money acting as a credit card processor. The article tells us,

“Privacy just gives you the ability to create virtual “accounts” that are authorized to charge a given amount to your account. You can set that account to be single use or multi-use, and if the amount is used up, then the transaction doesn’t go through to your main account. If one of your virtual accounts gets hit with an account you don’t recognize, you’ll be able to open the account from the Privacy Chrome or Firefox extension and shut it down immediately. The Chrome extension lets you manage your account quickly, auto-fill shopping sites with your virtual account numbers, or quickly create or shut down numbers.”

We think the concept of Privacy and the existence of such a service point to the perception that consumers find security measures increasingly important. However, why trust Privacy? We’re not testing this idea, but perhaps Privacy is suited for Dark Web activity.

Megan Feil, April 29, 2016

Research Outlines Overview of Dark Web Landscape

April 27, 2016

The Dark Web continues to be a subject of study. Coin Desk published an article, Bitcoin Remains Most Popular Digital Currency on Dark Web, reporting on a study from two professors in the Department of War Studies at King’s College London. Their research found that Dark Web sites offered illegal goods and services in 12 categories, such as arms, drugs, and finance. As may be expected, the results revealed bitcoin to be the preferred digital currency of hidden-services commerce. We learned,

“The report, “Cryptopolitik and the Darknet,” which appeared in the February-March edition of Survival: Global Politics and Strategy, analyzed about 300,000 web addresses, identifying 5,205 live websites, out of which 2,723 were classified as illicit with a “high degree of confidence.” Of those, each was placed in one of twelve categories, including drugs, arms, and finance. The drugs category was the most frequently identified, with 423 websites, followed by finance with 327 websites. 1,021 websites were categorized as “other” by the research team. Among the financial websites identified as illicit, there were three categories: bitcoin-based methods for money-laundering, stolen credit card numbers and trade in counterfeit currency.”

In addition to this overview of the Dark Web landscape, the article also points out previous research which pokes holes in the conceptualization of the Dark Web as completely anonymous. An attack costing $2,500 is the price of busting a bitcoin user. Playing defense, a coin-mixing service called CleanCoin helps bitcoin users remain traceless. What will be the next move?

Megan Feil, April 27, 2016

Google and Its Hidden Costs

April 26, 2016

I read “Alphabet: Sunk by Hidden Costs.” (You will have to register or maybe pay to read the source article containing the MBA analysis.) I was a bit surprised at the notion of hidden costs. Money comes in. Money goes out. The only reason money is hidden relates to the popular human pastime of not keeping track of what people, products, etc. cost and making a comprehensible notation of who authorized the expenditure, when, and why. Without this information, money is not hidden. Money is just ignored. Cash flow or venture funding is okay. We will be fine.

The write up points out that Google’s financial results were hooked to “some hidden costs.” The write up points out:

One place to blame for the bigger than expected loss is the Other Bets category. The loss in these long shot investments surged to $802 million from only $633 million last year. The operating loss was only $140 million higher than last year when excluding the stock-based compensation. Surely, analysts factored in larger losses from this sector.

“Surely.”

The Alphabet Google has its math and science club projects. Is the “money is plentiful” concept a mismatch with the spending for cheating death, Loon balloons, and dealing with legal hassles?

Hidden costs underscore management and detail behaviors. MBA speak may not make the problem go away. Google’s failure rate with start ups may follow a normal distribution. Hidden money just underscores the risk associated with these ventures.

Stephen E Arnold, April 26, 2016

Project Cumulus Tracks Stolen Credentials

April 26, 2016

Ever wonder how far stolen information can go on the Dark Web? If so, check out “Project Cumulus—Tracking Fake Phished Credentials Leaked to Dark Web” at Security Affairs. Researchers at Bitglass baited the hook and tracked the mock data.  Writer Pierluigi Paganini explains:

“The researchers created a fake identity for employees of a ghostly retail bank, along with a functional web portal for the financial institution, and a Google Drive account. The experts also associated the identities with real credit-card data, then leaked ‘phished’ Google Apps credentials to the Dark Web and tracked the activity on these accounts. The results were intriguing, the leaked data were accessed in 30 countries across six continents in just two weeks. Leaked data were viewed more than 1,000 times and downloaded 47 times, in just 24 hours the experts observed three Google Drive login attempts and five bank login attempts. Within 48 hours of the initial leak, files were downloaded, and the account was viewed hundreds of times over the course of a month, with many hackers successfully accessing the victim’s other online accounts.”

Yikes. A few other interesting Project Cumulus findings: More than 1400 hackers viewed the credentials; one tenth of those tried to log into the faux-bank’s web portal; and 68% of the hackers accessed Google Drive through the Tor network. See the article for more details. Paganini concludes with a reminder to avoid reusing login credentials, especially now that we see just how far stolen credentials can quickly travel.

 

Cynthia Murrell, April 26, 2016