Protecting Digital Data Eggs with Multiple Clouds

February 20, 2020

Rumor has it the CIA has finally begun the procurement process to update its cloud technology, we learn from Inventa’s article, “The CIA Wants to Upgrade its Cloud Tech Without DoD’s JEDI Drama.” Though we’re told an agency spokesperson refused to confirm the plan, we imagine the CIA is eager to avoid the Iowa App syndrome. Writer surbhi suspects the CIA is reluctant to comment because it wishes to avoid the sort of spotlight that was cast last year on the Pentagon’s JEDI cloud procurement process. According to Nextgov, though, the agency has released its draft RFP, expects proposals to be in this spring, and plans to make a decision by September.

The article notes that, about a year ago, the CIA’s Directorate of Digital Innovation put forth its C2E (or Commercial Cloud Enterprise) plan. Though some specifics seem to have changed since that announcement, it likely still represents a commercial contract worth tens of billions of dollars. That impression is reinforced by the plan outlined last summer by the Director of National Intelligence, “The Strategic Plan to Advance Cloud Computing in the Intelligence Community” (PDF), which emphasizes:

“Information is exploding in volume and velocity and challenging our ability to expeditiously collect, analyze, and draw conclusions from disparate data sets. Additional manpower will not close the resulting gap; we must leverage leading edge technology. The future IC cloud environment presented herein will effectively function as a force multiplier to enhance our effectiveness and address mission challenges.”

The write-up reminds us:

“The CIA was an early adherent of the cloud when it chose Amazon to build a $600 million private cloud in 2013. … The Atlantic called it a ‘radical departure for the risk-averse intelligence community’ in a 2014 article. Cloud technology has certainly evolved in the seven years since the CIA last did this exercise, and it makes sense that it would want to update a system this old, which is really ancient history in technology terms. The CIA likely sees the same cloud value proposition as the private sector around flexibility, agility and resource elasticity, and wants the intelligence community to reap the same benefits of that approach. Certainly, it will help store, process and understand an ever-increasing amount of data, and put machine learning to bear on it as well.”

Putting the available digital eggs in one rucksack may not be prudent.

Cynthia Murrell, February 20, 2020

India: A New Front in the War Against Obfuscation

February 19, 2020

DarkCyber noted “Indian Police Open Case against Hundreds in Kashmir for Using VPN.” VPNs are perceived as a secure way to access certain Internet content. VPNs sit in the middle, and many vendors insist that their approach deletes logs of user activity. Be that as it may, under specific condition, the VPN transfer point can be monitored. For some enforcement agencies, getting customer data and other information is a hassle.

A short cut is sometimes discussed. India may have found a shortcut appropriate for its needs in contentious Kashmir. The write up reports:

Local authorities in India-controlled Kashmir have opened a case against hundreds of people who used virtual private networks (VPNs) to circumvent a social media ban in the disputed Himalayan region in a move that has been denounced by human rights and privacy activists.

Arresting VPN users complements other tools in the Indian government’s kit; for example, blocking Internet service and capping access speeds.

DarkCyber believes that other governments may examine India’s approach. If these countries’ assessment is positive, the “Indian method” may be used by other countries struggling to deal with online information and services.

The flow of digital content often erodes existing processes. Bits, like some rivers, become more tractable when blocked by a dam in order to reduce the destructive power of floods. India’s action block data streams in an effort to prevent a torrent of bits that will erode institutions and other artifacts of a social construct.

Stephen E Arnold, February 19, 2020

Who Said This? A One Question Test

February 18, 2020

Here’s a quote DarkCyber spotted in the Wall Street Journal (paywalled, of course) in the newspaper dated February 14, 2020, which is real time for a NICE company.

“She [name blanked] asked…if Mr. [name blanked] was annoyed by [the defendant’s] Nerf guns and would “take the Nerf darts and hide them.”

This is a Nerf gun and its projectiles:

image

Here are your answer options:

  1. A member of the local junior high school science club
  2. A professor at Harvard
  3. A Googler working on podcast search
  4. A CIA programmer
  5. None of the above.

The answer is Number 4, a CIA programmer.

Fascinating. Programmer. Child’s toy. Co-worker. Hiding foam balls.

Stephen E Arnold, February 14, 2020

Apple: Project Maven and the US Department of Defense? No Go

February 17, 2020

Apple continues to avoid entanglements with the military, we learn from AppleInsider’s brief write-up, “Apple Nixed Xnor.ai’s Involvement in Pentagon’s Project Maven Following Acquisition.” Project Maven’s goal is to develop tech that can autonomously analyze image data from drones and other systems for military intelligence. Though Google famously broke with Maven after employee and public backlash, several private sector companies continue to work with the Pentagon on the project. Xnor.ai was one such company until Apple purchased it early this year. Writer Mikey Campbell reports:

“Spun out of the Allen Institute for Artificial Intelligence, Xnor.ai focused on low-power, edge-based artificial intelligence and machine learning algorithms that can run on-device instead of in the cloud. As noted by the report, running AI processes like image recognition on an iPhone instead of offsite — a practice that edge-based computing enables — could raise privacy concerns. Always the bastion of consumer security, Apple likely recognized the implications — and optics — of Xnor.ai’s involvement in Project Maven and terminated the work before the press caught wind of the relationship. Unlike other big tech firms, like Google which pulled out of Project Maven after protests from employees, Apple typically distances itself from military contracting activities.”

Based in Seattle, artificial intelligence firm Xnor.ai was founded in 2016. Perhaps ironically, the company’s focus on running deep learning algorithms locally instead of in the cloud is popular with companies concerned with privacy. Their clients inhabit the aerospace, automotive, retail, and consumer electronics fields.

Cynthia Murrell, February 17, 2020

Psychology Applied to Intelligence Analysis

February 10, 2020

The mind is a complex instrument and humans are obsessed with understanding it. Psychology is the study of the human mind, particularly behavior in certain circumstances. Human actions change depending where they are and who they are interacting with. The Central Intelligence Agency pays strict attention to the minds of its agents and bad actors. On its Web site, the CIA hosts a library of intelligence information and among them is the book the Psychology of Intelligence Analysis by Richards J. Heuer, Jr.

Heuer is a respected expert in the field on intelligence analysis and the CIA has made his work available for free. Jack David, who worked at the CIA with the Directorate of Intelligence, the Office of Training, and the National Intelligence Council, said about Heuer:

“Dick Heuer’s ideas on how to improve analysis focus on helping analysts compensate for the human mind’s limitations in dealing with complex problems that typically involve ambiguous information, multiple players, and fluid circumstances. Such multi-faceted estimative challenges have proliferated in the turbulent post-Cold War world.

Heuer’s message to analysts can be encapsulated by quoting two sentences from Chapter 4 of this book:

‘Intelligence analysts should be self-conscious about their reasoning processes. They should think about how they make judgments and reach conclusions, not just about the judgments and conclusions themselves.’”

Intelligence analysis is the study understanding complex, ambiguous situations. Heuer’s book focuses on the psychology behind how intelligence analysts come to their conclusions. Think of it as the psychology behind the psychology of decisions and actions. It is an interesting book that delves into a rarely seen part of the CIA’s work and, even better, it is written in plain English, so it is easy to understand.

Whitney Grace, February 10, 2020

Who Wins in a Show Down: Companies or Countries?

February 8, 2020

Do not be surprised, but Alphabet Inc., Google’s parent company, is getting bigger! Alphabet Inc. is becoming so big that is creating a monopoly in everything it touches. Matt Stoller’s blog BIG, which investigates the history of monopolies, discusses, “Google’s Dangerous Monopoly-Based Foreign Policy.”

In early December 2019, Google told its Turkish business partners that they would no longer support Android phones in Turkey. This decision comes after the Turkish competition board ruled that Google’s changes to contract were not acceptable and asked Google to change its software distribution agreements so users could select which search engine they wanted to use on their OS. Google’s response is similar to what the US ordered Google to stop working with Huawei over security concerns.

The Turkish injunction was filed by Russian competitor Yandex. Google has tried to kill Yandex before by leveraging desktop search dominance, then morphing it into mobile search dominance and Google rose to the top. Russia does not bow to US corporations, so they filed the complaint in Turkey. The European Union discovered Google did the same thing in their countries, but the EU did not have a big search engine to rival Google like Yandex. The EU also allowed Google to create their own solution, which they now acknowledge as a mistake.

Google does not like opposition:

“Google’s response wasn’t just to use the legal system to fight for its rights, but then ultimately obey the law. Instead, Google said it was willing to ‘work with’ Turkey, but as a partner and not as a corporation working within a sovereign nation. It simply said it doesn’t like Turkey’s law, and so it will stop providing Android phones for an entire country. In other words, Google has a private sanctions regime against smaller countries.

 

There’s something of a parallel to what Google is doing to Turkey, and it’s in China. The U.S. government ordered Google to stop delivering apps to Huawei, and the result is a catastrophe for any attempt to build phones for use outside of China.”

A clash of big companies and big countries seems to be taking place.

Whitney Grace, February 8, 2020

Cellebrite Has Capabilities: Now It Has More

February 4, 2020

Forensic tools firm Cellebrite is broadening its range with an upcoming acquisition. AppleInsider reveals, “Cellebrite Expands to Mac Forensic Tools with $33M BlackBag Purchase.” The Israel-based company is owned by Japan’s Sun Corp. It received an influx of $110 million in June from IGP Capital and is expected to make more acquisitions soon. Until now, Cellebrite has specialized in forensic tools for smartphones and tablets, especially iOS devices. Writer Malcolm Owen writes:

“Its clients largely consist of law enforcement agencies and other government organizations. Cellebrite is thought to have been the firm that provided the FBI with assistance in the San Bernardino investigation in 2016, with it allegedly receiving $900,000 for helping crack the shooter’s iPhone.

We also note:

“While Cellebrite is focused on mobile devices and cloud, BlackBag instead centers its work on computer forensics, including tools for quickly searching through volumes of data stored on servers. The purchase of BlackBag increases the capabilities of Cellebrite, making it capable of operating on more platforms. Part of BlackBag’s work includes accessing Macs and MacBooks, with its MacQuisition tool claimed to perform live data acquisition, targeted data acquisition, and forensic imaging of macOS devices. The tool is said to be the first and only one capable of creating images of Macs equipped with Apple’s T2 chip, which handles encryption and other security-related tasks.”

Those wondering if certain devices and systems can be compromised, ask your Cellebrite contact. For those unaware of Cellebrite’s capabilities, contact the company directly. For some in the US government, awareness of Cellebrite’s new services and products is not apparently up to date.

Cynthia Murrell, February 4, 2020

Google: Cake, Ice Cream, and Presents. Outsiders Not Really Wanted

January 21, 2020

Sundar Pichai is generating some PR buzz. The topic is, on the surface, regulating artificial intelligence. News flash: Barn burned, horses gone, and a new data center has been constructed on the site. Google’s been doing the smart software thing for decades. The evidence is publicly available. Just read Google’s patent applications. There are smart “janitors.” There are intelligent advertising dashboards. There are the hundreds of “signals” processed to make sure that search results are just wonderfully useful. To whom? Well, to Google and maybe advertisers.

The write up “Google Boss Sundar Pichai Calls for AI Regulation” provides an interesting take on Google’s PR play. DarkCyber noted this statement in the Beeb’s article:

Writing in the Financial Times, Sundar Pichai said it was “too important not to” impose regulation but argued for “a sensible approach”. He said that individual areas of AI development, like self-driving cars and health tech, required tailored rules.

None of the examples provided in the first paragraph to this blog post are mentioned.

Why?

Google wants to have its cake, ice cream, and presents. The existing smart software is just fine. The future stuff which Google and others have not been able to convert to an online ad scale cash stream can be regulated. Autonomous weapons? Maybe?

The Beeb states:

Google launched its own independent ethics board in 2019, but shut it down less than two weeks later following controversy about who had been appointed to it.

Yeah, regulation. The Google way.

Stephen E Arnold, January 21, 2020

US China Deal: The Honeymoon Will Not Last Long

January 17, 2020

DarkCyber spotted a write up called “China Bracing for US Tech War with Plan to Cut Reliance on Imports of Key Components to Just 25 Per Cent.” If the information in the write up is accurate, the implications for certain countries and companies selling to China could be interesting. We noted this statement in the article:

China is aiming to increase its reliance on domestic production for key components, including chips and controlling systems, to 75 per cent by 2025, according to a former minister.

So a dollar spent by China to shore up its Great Firewall will allegedly become $0.25 in 60 months or less.

This statement seemed to more of a warning and less of an olive branch extended to the US:

The move, which includes a series of plans to improve weak links in the areas of hi-tech research and crucial component development “one by one”, is seen as part of China’s preparation for a intensifying technology war with the United States.

(“China Must Rein in SOEs to Gain Upper Hand in Tech War, Help Private Firms like Huawei to Innovate” provides some color on China’s desire to become the dominant technology player in the future.)

To support the knowledge sector, the write up reveals:

China will also increase the number of “national manufacturing innovation centers” to 40 by 2025 from 11 at the end of 2019 “to cover all major industries”. China’s first national manufacturing innovation centre was launched in 2016, focusing on making and researching electric vehicle batteries.

The concluding section of the write up states the obvious:

is increasingly clear that a technology rivalry between China and US is set to deepen…with competition in next generation communication, 5G and artificial intelligence key areas of contention.

Net net: A calm before the storm.

Stephen E Arnold, January 17, 2020

Amazon: Maybe a Restraining Order to Halt JEDI Deal?

January 15, 2020

We noted “Amazon to Seek Order to Block Microsoft From Working on US DoD’s JEDI Contract.” The story appears to have originated with Thomson Reuters, so we assume its ethical and accurate and other good Thomsony stuff.

Here’s the passage we circled in true blue marker:

Amazon.com will ask a judge to temporarily block Microsoft from working on a $10 billion cloud contract from the Pentagon, a court filing showed on Monday [January 13, 2020]. Amazon, which was seen as a favorite for the contract, plans to file a motion for a temporary restraining order on January 24 and a federal court will issue its decision on February 11, according to the filing.

After years on the trail, if true, Amazon may be paying a visit to the Last Chance Saloon. The interaction may go something like this:

Barista or baristo: What will you have, partner?

Amazonian: One JEDI, please.

Barista or baristo: You are out of luck. The last one went to those nice people over there. They’ve been fussing with a Windows 10 laptop for nigh on one hour.

Amazonian: What else you got?

Barista or baristo: The next big shipment don’t arrive until October 1, 2020. Wanna wait, partner?

Amazonian: Nope. [Sound of a Bezos bulldozer starting up and grinding toward the Middle East.]

Stephen E Arnold, January 15, 2020

Next Page »

  • Archives

  • Recent Posts

  • Meta