What Country Is Number One in AI?

November 4, 2019

China says, “It is not our country.” The US says, “It is not our country.”

“China Experts: US Still Out Front in Tech Race Despite Pentagon Claim” presents the Chinese side of the argument. There’s nothing like the “I’m just a back country AI expert. What do I know?” argument.

Abacus News states:

Chinese experts said China’s progress had been exaggerated and many of its achievements were only partial successes so far.

We noted this statement used to support the “we’re behind” argument:

“The US military wants more budget, more new equipment, more new R&D projects. And the theory of a China threat is, of course, a handy excuse,” Ni [Lexiong, a Shanghai-based military commentator] said.

Whom does one believe?

DarkCyber believes that one need only look at the demographics of computer scientist, engineering, and mathematics students in MA and PhD programs to get a sense of where technology innovation is heading.

What are those data? What’s the demographics in the US and China? What percentage of graduates from each country’s top schools remain in country?

Without these data, the assertions are meaningless. With these data, the Chinese assertion may not reveal the scope of the country’s information efforts.

Stephen E Arnold, November 4, 2019

China and Its Data Method

November 2, 2019

China continues to expand its authority to surveil anything and everything that occurs electronically within its borders, and its latest plan could pose a legal bind for any foreign companies doing business there. China Law Blog sums up the problem in, “China’s New Cybersecurity Program: NO Place to Hide.” China’s Ministry of Security plans to access all raw data that crosses Chinese networks and/or resides on Chinese servers and to employ renowned big-data expert Wang Yingwei to analyze it in his new role as head of the Cybersecurity Bureau. Reporter Steve Dickinson emphasizes the Ministry intends to intercept every scrap of data from every corner of society, from businesses to fellow ministries to even the Internet of things. Note that foreign businesses are included, and the methods such entities used to rely upon to avoid the surveillance will no longer apply. Dickinson writes:

“They did this primarily by establishing VPN internet servers in their own offices. These servers used VPN technologies to isolate data from the Chinese controlled networks, allowing for the use of a company intranet that maintained the secrecy of emails and data stored on the company servers in China. As cloud computing has advanced, foreign owned companies typically use the same VPN technologies to isolate their cloud based servers from the Chinese controlled system. Though the Chinese authorities often complained about these VPN systems, foreign companies were usually able to claim that their special WFOE status exempted them from Chinese data controls. However, with the roll-out of the new system, that will all change. First, the Cybersecurity Law and related laws and regulations are very clear that they apply to all individuals and entities in China without regard to ownership or nationality. There are no exceptions. More important, the new Foreign Investment Law that goes into effect on January 1, 2020 eliminates any special status associated with being a WFOE or other foreign invested enterprise. Foreign owned companies will be treated in exactly the same way as Chinese owned companies.”

Not only does this mean foreign companies will be unable to secure their own trade secrets on Chinese networks or at offices within China, neither will they be able to adhere to U.S. or EU laws on protecting client confidentiality, restricted emerging technologies, or other sensitive information. To avoid prosecution for breaking these laws simply by doing business within China, some companies may have no choice but to shutter any operations in that country.

Cynthia Murrell, November 2, 2019

IBM and the UK Military

October 31, 2019

After trying its hand at everything from recipes to healthcare, Watson branched out into the military a few years ago. Now, IBM is using its AI tech to help out an old ally. NS Tech reports, “Revealed: IBM’s £4m Deal to Build Prototype AI Software Platform for UK Military.” Writer and NS Tech editor Oscar Williams cites a contract notice from the Ministry of Defense (MoD), which considers the forthcoming platform a way to gain an operational advantage. We’re told IBM won the £3.8m (or about $4.9m) contract in September, and has a year to demonstrate its worth. Williams writes:

“The contract notice, identified through Tussell’s procurement database, states that the proof of concept will be cloud-hosted and reliant on a large computer processor to analyze existing commercial data sources. The data sources could include mapping data from Ordinance Survey and weather data from the Met Office, as well as flight paths and navigation channels, said [former MoD IT director Gerry] Cantwell. The deal was struck around six months after the US government awarded an $800m battlefield software contract to Palantir, a big data analytics firm founded by the Paypal billionaire and Trump supporter Peter Thiel. NS Tech revealed in August that Palantir has won nearly £11m [about $14m] of MoD contracts over the last four years. An MOD spokesperson said: ‘We have awarded a contract to IBM to assist with the development of a standalone AI proof of concept, using commercially available data.’”

Not surprisingly, the MOD spokesperson refused to explain the similarities or differences between their upcoming platform to the US battlefield platform. IBM likewise declined to comment.

Cynthia Murrell, October 31, 2019

Amazon Loses JEDI: Now What?

October 26, 2019

Friday (October 25, 2019) Amazon and the Bezos bulldozer drove into a granite erratic. The Department of Defense awarded the multi-year, multi-billion dollar contract for cloud services to Microsoft. “Microsoft Snags Hotly Contested $10 Billion Defense Contract, Beating Out Amazon” reported the collision between PowerPoint’s owner and the killing machine which has devastated retail.

image

CNBC reports:

If the Joint Enterprise Defense Infrastructure deal, known by the acronym JEDI, ends up being worth $10 billion, it would likely be a bigger deal to Microsoft than it would have been to Amazon. Microsoft does not disclose Azure revenue in dollar figures but it’s widely believed to have a smaller share of the market than Amazon, which received $9 billion in revenue from AWS in the third quarter.

The write up pointed out:

While Trump didn’t cite Amazon CEO Jeff Bezos by name at the time, the billionaire executive has been a constant source of frustration for the president. Bezos owns The Washington Post, which Trump regularly criticizes for its coverage of his administration. Trump also has gone after Amazon repeatedly on other fronts, such as claiming it does not pay its fair share of taxes and rips off the U.S. Post Office.

There are other twists and turns to the JEDI story, but I will leave it to you, gentle reader, to determine if the Oracle anti-Amazon campaign played a role.

There are some questions which I discussed with my DarkCyber team when we heard the news as a rather uneventful week in the technology world wound down. Let’s look at four of these and the “answers” my team floated as possibilities.

Question 1: Will this defeat alter Amazon’s strategy for policeware and intelware business?

Answer 1: No. Since 2007, Amazon has been grinding forward in the manner of the Bezos bulldozer with its flywheel spinning and its electricity sparking. As big as $10 billion is, Amazon has invested significant time and resources in policeware and intelware inventions like DeepLens, software like SageMaker, and infrastructure designed to deliver information that many US government agencies will want and for which many of the more than 60 badge-and-gun entities in the US government will pay. The existing sales team may be juggled as former Microsoft government sales professional Teresa Carlson wrestles with the question, “What next?” Failure turns on a bright spotlight. The DoD is just one, albeit deep pocket entity, of many US government agencies needing cloud services. And there is always next year which begins October 1, 2020.

Question 2: Has Amazon tuned its cloud services and functions to the needs of the Department of Defense?

Answer 2: No. Amazon offers services which meet the needs of numerous government agencies at the federal as well as local jurisdictional levels. In fact, there is one US government agency deals with more money than the DoD that is a potential ATM for Amazon. The Bezos bulldozer drivers may be uniquely positioned to deliver cloud services and investigative tools with the potential payout to Amazon larger than the JEDI deal.

Read more

FANG Alert: Government Scrutiny Increases

October 21, 2019

Certain Tech Giants Under Scrutiny for Potential Anti-Competitive Practices

Apparently, the feds have been asking Oracle for dirt on their rival. The Register reports, “Oracle: Yeah, We’ve Had a Bunch of G-Men Come Sniffing Around Asking Questions About Google.” Writer John Oates reveals:

“The two tech titans have been engaged in a bitter, eight-year long battle over the disputed use of Java code in Google’s Android mobile operating system. … Ken Glueck, veep at Oracle, told Reuters that the company had been contacted by Texan investigators, the House of Representatives Judiciary Committee and the Justice Department, all of which sought information about Google and alleged violations of antitrust law.”

But it is not just Oracle being pumped for information, and it is not just about Google. Oates continues:

“Anonymous sources quoted in the same story said the House Judiciary Committee has been asking around small firms it reckons may have been damaged by tech giants’ business practices, but added that some may wait until the committee issues legally binding subpoenas because they believe that would leave them less at risk of retaliation. The committee is waiting to see how much information it can collect voluntarily before issuing legal demands.”

This news comes amid a push by the DOJ, the House Judiciary Committee, and agencies in 48 states to ferret out anti-competitive practices at Google, Amazon, Facebook, and Apple. It looks like those companies’ lawyers are about to be very busy.

Cynthia Murrell, October 21, 2019

Ah, the Cloud: The Risks of Subscription Software

October 9, 2019

DarkCyber is amused when articles about the wonder of cloud-provided subscription software is presented as a real benefit to users. The team was intrigued with the information in “Adobe to Deactivate Accounts for All Venezuelan Users Due to US Sanctions.”

The write up reported:

US software giant Adobe is canceling all subscriptions and deactivating all accounts for Venezuelan users as part of its efforts to become compliant with sanctions imposed by the Trump administration over the summer.

The accounts go dead which means Photoshop, Illustrator, and other Adobe app users in Venezuela have to find alternatives.

ZDNet states: “Because of the White House’s sanctions, users aren’t eligible for refunds either.”

Developers of software which can be installed on a user’s computer may find this announcement heartening.

DarkCyber wants to point out:

  1. The cloud based service is a variation on old school time sharing. Users have limited control under certain circumstances.
  2. Government actions can have more impact when centralized services comply with mandates.
  3. Subscriptions’ benefits may not be tilted toward users.

The cloud has other attributes as well; for example, monitoring and control.

DarkCyber’s view is that the modern computing environment is becoming increasingly interesting. Those dependent on cloud based solutions may want to consider having a Plan B.

Stephen E Arnold, October 9, 2019

Unusual Source, Useful Information

October 8, 2019

I want to give a thumbs up to Cool Smart Phone and its write up “Lies Everywhere. The Truth Is Dead.” The article does a very good job of explaining the basic mechanism for planting misinformation in online channels. Plus the article contains a number of examples.

DarkCyber noted this statement in the write up:

So as a test, I replied to every single one of these replies. I even replied to the original tweet itself, stating that the official advice was indeed to do just this. I thought I’d get some sort of response from the several dozen tweets but no, not one. Not one reply, no one angry response. No blocks. Then, if you look into a lot of these accounts, it’s apparent they’re bots. However, to the casual Twitter, they just see a tweet has 1.4 thousand “Likes”, nearly a thousand retweets and lots of people agreeing with the core message. The bots start things off – next it’s time for the media to chip in. Who knows, the media themselves may have even “planted” some of these stories on social media – just to have a juicy news item to cover.

The one issue I had with the write up was its defeatist approach; specifically:

We’re all being lied to. Social engineering is rife and none of us have the time or the inclination to check and investigate whether that short video on Facebook is real or if the tweet we read this morning is untrue. Like our “sheep” instincts at airports, we just go where we’re told and believe what we’re shown.

DarkCyber’s perception is that increasingly restrictive laws, demands for encryption backdoors, and tighter Internet controls are a response and a potential solution. Note that the fix may be brutal. When societal and personal constraints are removed in our digital era. the governments have limited tools to get civilized behavior back on track. The good old days are going to be imposed via a version of Chinafication.

That shift is underway in many countries, and it will become more visible and forceful. Will news cease being fake? Probably not.

Stephen E Arnold, October 8, 2019

Encryption: Change May Be Imposed

October 8, 2019

In our DarkCyber videos we reported about Australia’s efforts to obtain access to encrypted communications. We noted that other Five Eyes partners would pick up the idea and move it forward. “The Open Letter from the Governments of US, UK, and Australia to Facebook is An All-Out Attack on Encryption” from the Electronic Frontier Foundation explains that several countries have demanded access to secure messages. The EFF states:

This is a staggering attempt to undermine the security and privacy of communications tools used by billions of people. Facebook should not comply. The letter comes in concert with the signing of a new agreement between the US and UK to provide access to allow law enforcement in one jurisdiction to more easily obtain electronic data stored in the other jurisdiction. But the letter to Facebook goes much further: law enforcement and national security agencies in these three countries are asking for nothing less than access to every conversation that crosses every digital device.

The EFF states:

What’s more, the backdoors into encrypted communications sought by these governments would be available not just to governments with a supposedly functional rule of law. Facebook and others would face immense pressure to also provide them to authoritarian regimes, who might seek to spy on dissidents in the name of combatting terrorism or civil unrest, for example. The Department of Justice and its partners in the UK and Australia claim to support “strong encryption,” but the unfettered access to encrypted data described in this letter is incompatible with how encryption actually works.

DarkCyber wants to point out that flows of digital information work like sandblasters; that is, the data flows erode existing structures. When societal conventions are blasted by bits, the darker side of human nature has a new greenhouse in which to flourish.

DarkCyber believes that a new context exists in the digital environment. We understand what EFF says, but it seems clear that access to encrypted content is just one facet of other changes; for example, cutting off Internet access, censorship, and similar actions.

New world. Old arguments may not gain traction.

Stephen E Arnold, October 8, 2019

Amazon AWS, DHS Tie Up: Meaningful or Really Meaningful?

October 7, 2019

In my two lectures at the TechnoSecurity & Digital Forensics conference in San Antonio last week, my observations about Amazon AWS and the US government generated puzzled faces. Let’s face it. Amazon means a shopping service for golf shirts and gym wear.

I would like to mention — very, very briefly because interest in Amazon’s non shopping activities is low among some market sectors — “DHS to Deploy AWS-Based Biometrics System.” The deal is for Homeland Security:

to deploy a cloud-based system that will process millions of biometrics data and support the department’s efforts to modernize its facial recognition and related software.

The system will run on the AWS GovCloud platform. Amazon snagged this deal from the incumbent Northrop Grumman. AWS takes over the program in 2021. DarkCyber estimates that the contract will be north of $80 million, excluding ECOs and scope changes.

This is not a new biometrics system. Its been up and running since the mid 1990s. What’s interesting is that the seller of golf shirts displaced one of the old line vendors upon which the US government has traditionally relied.

DarkCyber finds this suggestive which is a step toward really meaningful. Watch for “Dark Edge: Amazon Policeware”. It will be available in the next few months.

Stephen E Arnold, October 7, 2019

Black Vault: A Useful Resource

September 23, 2019

The Black Vault is a news site covering intelligence, military, and related topics. DarkCyber wants to highlight the site’s Document Archive. The site states that Black Vault is

the largest privately run online repository of declassified government documents anywhere in the world. With more than 2 million pages of documents to read, on nearly every government secret imaginable.

The content comes via Freedom of Information Act requests.

Examples of documents available without charge include:

A collection of unsealed documents related to the Epstein matter.

Documents related to the US Army Nuclear and Chemical Agency. These date from the 1970s to the 1980s.

Information about metamaterials. These innovations are significant and point to interesting use cases for stealth applications.

The documents DarkCyber reviewed were in PDF format. Quality varied, which is not unusual for government archives.

The site contains discussion groups. This is a useful resource.

Stephen E Arnold, September 23, 2019

Next Page »

  • Archives

  • Recent Posts

  • Meta