CyberOSINT banner

Google and Reliability Engineering

April 30, 2016

There’s a new book about Google SRE. You can find some information about it at this link. In order to understand how the real world works, you may want to navigate to “Google Cloud Status.” The write up explains why “On Monday, 11 April, 2016, Google Compute Engine instances in all regions lost external connectivity for a total of 18 minutes, from 19:09 to 19:27 Pacific Time.” Good news. According to this article “Google Blames Two Bugs for 18 minute Global Comute Engine Outage,”

Benjamin Treynor Sloss, Google’s vice president of engineering, explained on the Google Cloud Status blog that a “timing quirk” in the IP block’s removal occurred when the engineers tried to spread out the new configuration for Compute Engine.

A Google wizard is quoted in the article as saying:

We will conduct an internal investigation and make appropriate improvements to our systems to prevent or minimise future recurrence.”

I assume that the pertinent section of the forthcoming book was not available to the Googlers with their fingertips on the keyboard prior to the outage. Books are one thing; site reliability in the real world is apparently another.

Stephen E Arnold, April 30, 2016

25 Springtime for Google

April 29, 2016

The birds a chirping. The flowers are blooming. It is springtime for the Alphabet Google thing. How do I know? Three examples:

  1. Google and Facebook are sucking up ad money. Evidence? “Advertisers adjusted spending accordingly. In the first quarter of 2016, 85 cents of every new dollar spent in online advertising will go to Google or Facebook, said Brian Nowak, a Morgan Stanley analyst.” See “Media Websites Battle Faltering Ad Revenue and Traffic.”
  2. Taxing authorities want to follow the money. Evidence? “In India, Google was probed for anti-competitive conduct after being caught altering search keywords and pointing them to its own services over those of competitors. If found guilty, the company could be penalized a maximum of $5 billion.” See “Google Could Face New Multi-Billion Dollar Fine from EU for Android App Bundling.”
  3. Google is building fiber networks for certain countries and will be beaming down the Internet using balloons. Evidence? “Project Link is a Google initiative that has built fiber and wifi networks in cities in Uganda and Ghana. It plans to expand the program to even more cities in Africa and around the world.” See “Here’s Everything Google’s Doing to Reach Its Next Billion Users.”
  4. News Corp. is not feeling it when it comes to the GOOG. See “News Corp Broadens Google Antitrust Complaint.”

Does Google have a flag?

Stephen E Arnold, April 29, 2016

Google and Its Hidden Costs

April 26, 2016

I read “Alphabet: Sunk by Hidden Costs.” (You will have to register or maybe pay to read the source article containing the MBA analysis.) I was a bit surprised at the notion of hidden costs. Money comes in. Money goes out. The only reason money is hidden relates to the popular human pass time of not keeping track of what people, products, etc. cost and making a comprehensible notation of who authorized the expenditure, when, and why. Without this information, money is not hidden. Money is just ignored. Cash flow or venture funding is okay. We will be fine.

The write up points out that Google’s financial results were hooked to “some hidden costs.” The write up points out:

One place to blame for the bigger than expected loss is the Other Bets category. The loss in these long shot investments surged to $802 million from only $633 million last year. The operating loss was only $140 million higher than last year when excluding the stock-based compensation. Surely, analysts factored in larger losses from this sector.


The Alphabet Google has its math and science club projects. Is the “money is plentiful” concept a mismatch with the spending for cheating death, Loon balloons, and dealing with legal hassles?

Hidden costs underscore management and detail behaviors. MBA speak may not make the problem go away. Google’s failure rate with start ups may follow a normal distribution. Hidden money just underscores the risk associated with these ventures.

Stephen E Arnold, April 26, 2016

Duck Duck Go as a Privacy Conscious Google Alternative

April 26, 2016

Those frustrated with Google may have an alternative. Going over to the duck side: A week with Duck Duck Go from Search Engine Watch shares a thorough first-hand account of using Duck Duck Go for a week. User privacy protection seems to be the hallmark of the search service and there is even an option to enable Tor in its mobile app. Features are comparable, such as one designed to compete with Google’s Knowledge Graph called Instant Answers. As an open source product, Instant Answers is built up by community contributions. As far as seamless, intuitive search, the post concludes,

“The question is, am I indignant enough about Google’s knowledge of my browsing habits (and everyone else’s that feed its all-knowing algorithms) to trade the convenience of instantly finding what I’m after for that extra measure of privacy online? My assessment of DuckDuckGo after spending a week in the pond is that it’s a search engine for the long term. To get the most out of using it, you have to make a conscious change in your online habits, rather than just expecting to switch one search engine for another and get the same results.”

Will a majority of users replace “Googling” with “Ducking” anytime soon? Time will tell, and it will be an interesting saga to see unfold. I suppose we could track the evolution on Knowledge Graph and Instant Answers to see the competing narratives unfold.


Megan Feil, April 26, 2016

Sponsored by, publisher of the CyberOSINT monograph


Project Cumulus Tracks Stolen Credentials

April 26, 2016

Ever wonder how far stolen information can go on the Dark Web? If so, check out “Project Cumulus—Tracking Fake Phished Credentials Leaked to Dark Web” at Security Affairs. Researchers at Bitglass baited the hook and tracked the mock data.  Writer Pierluigi Paganini explains:

“The researchers created a fake identity for employees of a ghostly retail bank, along with a functional web portal for the financial institution, and a Google Drive account. The experts also associated the identities with real credit-card data, then leaked ‘phished’ Google Apps credentials to the Dark Web and tracked the activity on these accounts. The results were intriguing, the leaked data were accessed in 30 countries across six continents in just two weeks. Leaked data were viewed more than 1,000 times and downloaded 47 times, in just 24 hours the experts observed three Google Drive login attempts and five bank login attempts. Within 48 hours of the initial leak, files were downloaded, and the account was viewed hundreds of times over the course of a month, with many hackers successfully accessing the victim’s other online accounts.”

Yikes. A few other interesting Project Cumulus findings: More than 1400 hackers viewed the credentials; one tenth of those tried to log into the faux-bank’s web portal; and 68% of the hackers accessed Google Drive through the Tor network. See the article for more details. Paganini concludes with a reminder to avoid reusing login credentials, especially now that we see just how far stolen credentials can quickly travel.


Cynthia Murrell, April 26, 2016

Sponsored by, publisher of the CyberOSINT monograph


Google. No One Can Stop It. No One. No One. Aaaargh.

April 24, 2016

When I was a wee lad in days when admission to a motion picture was 25 cents, I recall watching with eyeballs wide open The Blob. Look at the poster for the film which flickered across the silver screen in 1958:

The words chosen to promote the film were “indescribable,” “indestructible,” and “Nothing can stop it.”

I read “If the Eurocrats Don’t Take on Google, No One Will Be Able to Stop It.” I find it interesting that the shock and awe words used by a promotion team in 1958 have become the currency of “real” journalism and punditry. Nothing can stop it lacks only an exclamation point.

The write up, wittingly or unwittingly, evokes “the molten meteor” as a metaphor for Google. The article reminded me:

If the commission decides that Google has indeed broken European competition law, then it can levy fines of up to 10% of the company’s annual global revenue for each of the charges. Given that Google’s global sales last year came to nearly $75bn, we’re talking about a possible fine of $15bn (£10.5bn). Even by Google standards, that’s serious money. And it’s not exactly an idle threat: in the past, the Eurocrats have taken more than a billion dollars off both Microsoft and Intel for such violations.

Money. The molten meteor cannot ignore that financial blood bank contribution. Imagine. Messrs. Brin and Page losing color and wheezing toward a Foosball game in the Alphabet Google offices in Mountain View. Frightening.

The legal system lacks a Steve McQueen it seems. The forces of good (the European Commission) has to find a way to stop the Alphabet Google from spelling doom. The article whines:

Once upon a time, we relied on the state to do this on our behalf – to cut monopolies down to size, to keep corporate power in check. The strange thing about the digital world is that states now seem unequal to this task. At the moment, the EC is the only game in town. Which makes one wonder if the Brexit enthusiasts have thought of that.

The Google has been doing exactly one thing consistently for more than 15 years. To stop the Google is an interesting thought. I am not confident that fines will do the trick. After cranking out three monographs about the Google between 2004 and 2009, it is pretty clear that the Google is falling victim to flawed reproduction of its own DNA. The death of the Alphabet Google will come from within the company itself. Regulators may find themselves looking in the mirror and see Mr. McQueen, but my research suggested:

  1. The shift to mobile is putting new stresses upon the governance structure of the Google
  2. The endless photocopying of the company’s online ad DNA is producing fuzzier and fuzzier systems and methods. I ran a query and had to work to spot an objective result. Try this query yourself from your laptop and then from your mobile phone: “Manhattan lawyers.” What’s an ad?
  3. The founders, once passionate about search, are now involved in math and science club projects like solving death.
  4. Users make the Google and the users are less and less aware of options. Online services coalesce into monopolies and the process has been chugging along for more than 15 years.

I like the zing of the “Nothing can stop it.” But the Alphabet Google thing is not forever no matter what regulators and alarmists assert. The blob did not die. It was put on ice. With the situation facing the European Community, I don’t think a suitable cooling system is available at this time. A small USB fan maybe?

Stephen E Arnold, April 24, 2016

Google Nest: A Nice Cafe and an Improving Culture

April 22, 2016

Working at whizzy Silicon Valley start ups has got to be rewarding. I know the shift to mobile is shaking up some assumptions about the Alphabet Google thing. I know that Google is trying to sell its robot outfit. I know that legal eagles are keeping the sun from some volleyball games. But I was delighted to learned that Google Nest has an “incredibly nice new cafe” which serves “Asian noodles.” Slam dunk.

I read “Nest CEO Tony Fadell Went to Google’s All-Hands Meeting to Defend Nest. Here’s What He Said.” I learned that Nest garnered some “damning articles.” I had not noticed because I don’t pay too much attention to home automation in general and thermostats in particular.

I learned that one “real” journalistic outfit wrote about a “corrosive culture” in another Alphabet Google operation. I am not sure what a corrosive culture is, but I think the idea is that some folks are not happy. What’s new? Anyone ever listed to a group of GS 12s discuss the efficacy of lateral transfers from Fish & Wildlife to the Postal Service? Grumpy, grumpy.

The Google is on top of employee satisfaction. There are tools to obtain feedback. There are senior managers who are managing. The passage in the write up I noted and circled in arugula green was this one:

I do respect the Nest employees. I do respect the Google employees. I respect the Alphabet employees. We try to work very hard together and partner in many different areas around the different companies. I also respect ex-Nesters, ex-Googlers, those kind of things. So when I read those things that say we don’t respect people, or I don’t, it’s absolutely wrong and that is not how I believe because I want to be treated with respect. And I give respect because I want to get respect.

My assumption was that respect at the old Google came from doing things that worked and mattered. I am a little fuzzy on the people side of the equation. The reason is that I heard long ago that the reason a certain big wheel media titan launched a multi year, very expensive legal dispute with the Google was a direct consequence of [a] senior Googlers not arriving at the meeting on time. Since the meeting was at Google Mountain View, the big wheel media person was not happy, [b] a certain founder of Google did not look at the media titan. The founder focused on his Mac laptop and ignored the media giant, [c] another Google founder arrived after the the first Google founder, perspiring because his rollerblading session ran long. Now I was not at this meeting, and this may be one of those apocryphal stories about why the Google and Viacom were not best friends for many years.

One thing the passage about respect did was trigger a memory of this anecdote. My source was a person familiar with the matter, and I gained some dribs and drabs to confirm the anecdote after the event. I assume the event and this remarkable presentation ran like a smart thermostat.

Yep, respect and Asian noodles, and the loss of a Glass executive. (Glass reports to Nest.)

Stephen E Arnold, April 22, 2016

Google Removes Pirate Links

April 21, 2016

A few weeks ago, YouTube was abuzz with discontent from some of its most popular YouTube stars.  Their channels had been shut down die to copyright claims by third parties, even thought the content in question fell under the Fair Use defense.  YouTube is not the only one who has to deal with copyright claims.  TorrentFreak reports that “Google Asked To Remove 100,000 ‘Pirate Links’ Every Hour.”

Google handles on average two million DMCA takedown notices from copyright holders about pirated content.  TorrentFreak discovered that the number has doubled since 2015 and quadrupled since 2014.  The amount beats down to one hundred thousand per hour.  If the rate continues it will deal with one billion DMCA notices this year, while it had previously taken a decade to reach this number.

“While not all takedown requests are accurate, the majority of the reported links are. As a result many popular pirate sites are now less visible in Google’s search results, since Google downranks sites for which it receives a high number of takedown requests.  In a submission to the Intellectual Property Enforcement Coordinator a few months ago Google stated that the continued removal surge doesn’t influence its takedown speeds.”

Google does not take broad sweeping actions, such as removing entire domain names from search indexes, as it does not want to become a censorship board.  The copyright holders, though, are angry and want Google to promote only legal services over the hundreds of thousands of Web sites that pop up with illegal content.   The battle is compared to an endless whack-a-mole game.

Pirated content does harm the economy, but the numbers are far less than how the huge copyright holders claim.  The smaller people who launch DMCA takedowns, they are hurt more.  YouTube stars, on the other hand, are the butt of an unfunny joke and it would be wise for rules to be revised.


Whitney Grace, April 21, 2016
Sponsored by, publisher of the CyberOSINT monograph


Digging for a Direction of Alphabet Google

April 21, 2016

Is Google trying to emulate BAE System‘s NetReveal, IBM i2, and systems from Palantir? Looking back at an older article from Search Engine Watch, How the Semantic Web Changes Everything for Search may provide insight. Then, Knowledge Graph had launched, and along with it came a wave of communications generating buzz about a new era of search moving from string-based queries to a semantic approach, organizing by “things”. The write-up explains,

“The cornerstone of any march to a semantic future is the organization of data and in recent years Google has worked hard in the acquisition space to help ensure that they have both the structure and the data in place to begin creating “entities”. In buying Wavii, a natural language processing business, and Waze, a business with reams of data on local traffic and by plugging into the CIA World Factbook, Freebase and Wikipedia and other information sources, Google has begun delivering in-search info on people, places and things.”

This article mentioned Knowledge Graph’s implication for Google to deliver strengthened and more relevant advertising with this semantic approach. Even today, we see the Alphabet Google thing continuing to shift from search to other interesting information access functions in order to sell ads.


Megan Feil, April 21, 2016

Sponsored by, publisher of the CyberOSINT monograph

Software That Contains Human Reasoning

April 20, 2016

Computer software has progressed further and keeps advancing faster than we can purchase the latest product.  Software is now capable of holding simple conversations, accurately translating languages, GPS, self-driving cars, etc.  The one thing that that computer developers cannot program is human thought and reason.  The New York Times wrote “Taking Baby Steps Toward Software That Reasons Like Humans” about the goal just out of reach.

The article focuses on Richard Socher and his company MetaMind, a deep learning startup working on pattern recognition software.  He along with other companies focused on artificial intelligence are slowly inching their way towards replicating human thought on computers.  The progress is slow, but steady according to a MetaMind paper about how machines are now capable of answering questions of both digital images and textual documents.

“While even machine vision is not yet a solved problem, steady, if incremental, progress continues to be made by start-ups like Mr. Socher’s; giant technology companies such as Facebook, Microsoft and Google; and dozens of research groups.  In their recent paper, the MetaMind researchers argue that the company’s approach, known as a dynamic memory network, holds out the possibility of simultaneously processing inputs including sound, sight and text.”

The software that allows computers to answer questions about digital images and text is sophisticated, but the data to come close to human capabilities is not only limited, but also nonexistent.  We are coming closer to understanding the human brain’s complexities, but artificial intelligence is not near Asimov levels yet.



Whitney Grace, April 20, 2016
Sponsored by, publisher of the CyberOSINT monograph

Next Page »