AI Weapons: Someone Just Did Actual Research!

July 12, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

I read a write up that had more in common with a write up about the wonders of a steam engine than a technological report of note. The title of the “real” news report is “AI and Ukraine Drone Warfare Are Bringing Us One Step Closer to Killer Robots.”

I poked through my files and found a couple of images posted as either advertisements for specialized manufacturing firms or by marketers hunting for clicks among the warfighting crowd. Here’s one:

image 

The illustration represents a warfighting drone. I was able to snap this image in a lecture I attended in 2021. At that time, an individual could purchase online the device in quantity for about US$9,000.

Here’s another view:

image

This militarized drone has 10 inch (254 millimeter) propellers / blades.

The boxy looking thing below the rotors houses electronics, batteries, and a payload of something like a Octanitrocubane- or HMX-type of kinetic charge.

Imagine four years ago, a person or organization could buy a couple of these devices and use them in a way warmly supported by bad actors. Why fool around with an unreliable individual pumped on drugs to carry a mobile phone that would receive the “show time” command? Just sit back. Guide the drone. And — well — evidence that kinetics work.

The write up is, therefore, years behind what’s been happening in some countries for years. Yep, years.

Consider this passage:

As the involvement of AI in military applications grows, alarm over the eventual emergence of fully autonomous weapons grows with it.

I want to point out that Palmer Lucky’s Andruil outfit has been fooling around in the autonomous system space since 2017. One buzz phrase an Andruil person used in a talk was, “Lattice for Mission Autonomy.” Was Mr. Lucky to focus on this area? Based on what I picked up at a couple of conferences in Europe in 2015, the answer is, “Nope.”

The write up does have a useful factoid in the “real” news report?

It is not technology. It is not range. It is not speed, stealth, or sleekness.

It is cheap. Yes, low cost. Why spend thousands when one can assemble a drone with hobby parts, a repurposed radio control unit from the local model airplane club, and a workable but old mobile phone?

Sign up for Telegram. Get some coordinates and let that cheap drone fly. If an operating unit has a technical whiz on the team, just let the gizmo go and look for rectangular shapes with a backpack near them. (That’s a soldier answering nature’s call.) Autonomy may not be perfect, but close enough can work.

The write up says:

Attack drones used by Ukraine and Russia have typically been remotely piloted by humans thus far – often wearing VR headsets – but numerous Ukrainian companies have developed systems that can fly drones, identify targets, and track them using only AI. The detection systems employ the same fundamentals as the facial recognition systems often controversially associated with law enforcement. Some are trained with deep learning or live combat footage.

Does anyone believe that other nation-states have figured out how to use off-the-shelf components to change how warfighting takes place? Ukraine started the drone innovation thing late. Some other countries have been beavering away on autonomous capabilities for many years.

For me, the most important factoid in the write up is:

… Ukrainian AI warfare reveals that the technology can be developed rapidly and relatively cheaply. Some companies are making AI drones using off-the-shelf parts and code, which can be sent to the frontlines for immediate live testing. That speed has attracted overseas companies seeking access to battlefield data.

Yep, cheap and fast.

Innovation in some countries is locked in a time warp due to procurement policies and bureaucracy. The US F 35 was conceived decades ago. Not surprisingly, today’s deployed aircraft lack the computing sophistication of the semiconductors in a mobile phone I can acquire today a local mobile phone repair shop, often operating from a trailer on Dixie Highway. A chip from the 2001 time period is not going to do the TikTok-type or smart software-type of function like an iPhone.

So cheap and speedy iteration are the big reveals in the write up. Are those the hallmarks of US defense procurement?

Stephen E Arnold, July 12, 2024

Microsoft Security: Big and Money Explain Some Things

July 10, 2024

I am heading out for a couple of day. I spotted this story in my newsfeed: “The President Ordered a Board to Probe a Massive Russian Cyberattack. It Never Did.” The main point of the write up, in my opinion, is captured in this statement:

The tech company’s failure to act reflected a corporate culture that prioritized profit over security and left the U.S. government vulnerable, a whistleblower said.

But there is another issue in the write up. I think it is:

The president issued an executive order establishing the Cyber Safety  Review Board in May 2021 and ordered it to start work by reviewing the SolarWinds attack. But for reasons that experts say remain unclear, that never happened.

The one-two punch may help explain why some in other countries do not trust Microsoft, the US government, and the cultural forces in the US of A.

Let’s think about these three issues briefly.

image

A group of tomorrow’s leaders responding to their teacher’s request to pay attention and do what she is asking. One student expresses the group’s viewpoint. Thanks, MSFT Copilot. How the Recall today? What about those iPhones Mr. Ballmer disdained?

First, large technology companies use the word “trust”; for example, Microsoft apparently does not trust Android devices. On the other hand, China does not have trust in some Microsoft products. Can one trust Microsoft’s security methods? For some, trust has become a bit like artificial intelligence. The words do not mean much of anything.

Second, Microsoft, like other big outfits needs big money. The easiest way to free up money is to not spend it. One can talk about investing in security and making security Job One. The reality is that talk is cheap. Cutting corners seems to be a popular concept in some corporate circles. One recent example is Boeing dodging trials with a deal. Why? Money maybe?

Third, the committee charged with looking into SolarWinds did not. For a couple of years after the breach became known, my SolarWinds’ misstep analysis was popular among some cyber investigators. I was one of the few people reviewing the “misstep.”

Okay, enough thinking.

The SolarWinds’ matter, the push for money and more money, and the failure of a committee to do what it was asked to do explicitly three times suggests:

  1. A need for enforcement with teeth and consequences is warranted
  2. Tougher procurement policies are necessary with parallel restrictions on lobbying which one of my clients called “the real business of Washington”
  3. Ostracism of those who do not follow requests from the White House or designated senior officials.

Enough of this high-vulnerability decision making. The problem is that as I have witnessed in my work in Washington for decades, the system births, abets, and provides the environment for doing what is often the “wrong” thing.

There you go.

Stephen E Arnold, July 10, 2024

Wow, Criticism from Moscow

June 17, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

I read “Edward Snowden Eviscerates OpenAI’s Decision to Put a Former NSA Director on Its Board: This Is a Willful, Calculated Betrayal of the Rights of Every Person on Earth.” The source is the interesting public figure Edward Snowden. He rose to fame by violating his secrecy requirement imposed by the US government on individuals with access to sensitive, classified, or top secret information. He then ended his dalliance with “truth” by relocating to Russia. From that bastion of truth and justice, he gives speeches and works (allegedly) at a foundation. He is a symbol of modern something. I find him a fascinating character, complete with the on-again, off-again glasses and his occasion comments about security. He is an expert on secrets it seems.

image

Thanks, MSFT Copilot.

Fortune Magazine obviously views him as a way to get clicks, sell subscriptions, and cement its position as a source of high-value business information. I am not sure my perception of Fortune is congruent with that statement. Let’s look and see what Mr. Snowden’s “news” is telling Fortune to tell us to cause me to waste a perfectly good Saturday (June 14, 2024) morning writing about an individual who willfully broke the law and decamped to that progressive nation state so believed by its neighbors in Eastern Europe.

Fortune reports:

“Do not ever trust OpenAI or its products,” the NSA employee turned whistleblower wrote on X Friday morning, after the company announced retired U.S. Army Gen. Paul Nakasone’s appointment to the board’s new safety and security committee. “There’s only one reason for appointing [an NSA director] to your board. This is a willful, calculated betrayal of the rights of every person on earth. You have been warned.”

Okay, I am warned. Several observations:

  1. Telegram, allegedly linked in financial and technical ways, to Russia recently began censoring the flow of information from Ukraine into Russia. Does Mr. Snowden have an opinion about that interesting development. Telegram told Tucker Carlson that it embraced freedom. Perhaps OpenAI is simply being pragmatic in the Telegram manner?
  2. Why should Mr. Snowden’s opinion warrant coverage in Fortune Magazine? Oh, sorry. I answered that already. Fortune wants clicks, money, and to be perceived as relevant. News flash: Publishing has changed. Please, tape the memo to your home office wall.
  3. Is Mr. Snowden correct? I am neither hot nor cold when it comes to Sam AI Man, the Big Dog at OpenAI. My thought is that OpenAI might be taking steps to understand how much value the information OpenAI can deliver to the US government once the iPhone magic moves from “to be” to reality. Most Silicon Valley outfits are darned clumsy in their response to warrants. Maybe OpenAI’s access to someone who knows interesting information can be helpful to the company and ultimately to its users who reside in the US?

Since 2013, the “Snowden thing” has created considerable ripples. If one accepts Mr. Snowden’s version of events, he is a hero. As such, shouldn’t he be living in the US, interacting with journalists directly not virtually, and presenting his views to the legal eagles who want to have a chat with him? Mr. Snowden’s response is to live in Moscow. It is okay in the spring and early summer. The rest of the year can be brutal. But there’s always Sochi for a much-needed vacay and the wilds of Siberia for a bit of prison camp exploration.

Moscow has its charms and an outstanding person like Mr. Snowden. Thanks, Fortune, for reminding me how important his ideas and laptop stickers are. I like the “every person on earth.” That will impress people in Latvia.

Stephen E Arnold, June 17, 2024

NSO Group: Making Headlines Again and Again and Again

May 31, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

NSO Group continues to generate news. One example is the company’s flagship sponsorship of an interesting conference going on in Prague from June 4th to the 6th. What’s interesting mean? I think those who attend the conference are engaged in information-related activities connected in some way to law enforcement and intelligence. How do I know NSO Group ponied up big bucks to be the “lead sponsor”? Easy. I saw this advertisement on the conference organizer’s Web site. I know you want me to reveal the url, but I will treat the organizer in a professional manner. Just use those Google Dorks, and you will locate the event. The ad:

image

What’s the ad from the “lead sponsor” say? Here are a few snippets from the marketing arm of NSO Group:

NSO Group develops and provides state-of-the-art solutions, designed to assist in preventing terrorism and crime. Our solutions address diverse strategical, tactical and operational needs and scenarios to serve authorized government agencies including intelligence, military and law enforcement. Developed by the top technology and data science experts, the NSO portfolio includes cyber intelligence, network and homeland security solutions. NSO Group is proud to help to protect lives, security and personal safety of citizens around the world.

Innocent stuff with a flavor jargon-loving Madison Avenue types prefer.

image

Citizen’s Lab is a bit like mules in an old-fashioned grist mill. The researchers do not change what they think about. Source: Royal Mint Museum in the UK.

Just for some fun, let’s look at the NSO Group through a different lens. The UK newspaper The Guardian, which counts how many stories I look at a year, published “Critics of Putin and His Allies Targeted with Spyware Inside the EU.” Here’s a sample of the story’s view of NSO Group:

At least seven journalists and activists who have been vocal critics of the Kremlin and its allies have been targeted inside the EU by a state using Pegasus, the hacking spyware made by Israel’s NSO Group, according to a new report by security researchers. The targets of the hacking attempts – who were first alerted to the attempted cyber-intrusions after receiving threat notifications from Apple on their iPhones – include Russian, Belarusian, Latvian and Israeli journalists and activists inside the EU.

And who wrote the report?

Access Now, the Citizen Lab at the Munk School of Global Affairs & Public Policy at the University of Toronto (“the Citizen Lab”), and independent digital security expert Nikolai Kvantiliani

The Citizen Lab has been paying attention to NSO Group for years. The people surveilled or spied upon via the NSO Group’s Pegasus technology are anti-Russia; that is, none of the entities will be invited to a picnic at Mr. Putin’s estate near Sochi.

Obviously some outfit has access to the Pegasus software and its command-and-control system. It is unlikely that NSO Group provided the software free of charge. Therefore, one can conclude that NSO Group could reveal what country was using its software for purposes one might consider outside the bounds of the write up’s words cited above.

NSO Group remains one of the — if not the main — poster children for specialized software. The company continues to make headlines. Its technology remains one of the leaders in the type of software which can be used to obtain information for a mobile device. There are some alternatives, but NSO Group remains the Big Dog.

One wonders why Israel, presumably with the Pegasus tool, could not have obtained information relevant to the attack in October 2023. My personal view is that having Fancy Dan ways to get data from a mobile phone, human analysts have to figure out what’s important and what to identify as significant.

My point is that the hoo-hah about NSO Group and Pegasus may not be warranted. Information without the trained analysts and downstream software may have difficulty getting the information required to take a specific action. Israel’s lack of intelligence means that software alone can’t do the job. No matter what the marketing material says or how slick the slide deck used to brief those with a “need to know” appears — software is not intelligence.

Will NSO Group continue to make headlines? Probably. Those with access to Pegasus will make errors and disclose their ineptness. Citizen’s Lab will be at the ready. New reports will be forthcoming.

Net net: Is anyone surprised Mr. Putin is trying to monitor anti-Russia voices? Is Pegasus the only software pressed into service? My answer to this question is: “Mr. Putin will use whatever tool he can to achieve his objectives.” Perhaps Citizen’s Lab should look for other specialized software and expand its opportunities to write reports? When will Apple address the vulnerability which NSO Group continues to exploit?

Stephen E Arnold, May 31, 2024

AItoAI Interviews Connecticut Senator James Maroney

May 30, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

AItoAI: Smart Software for Government Uses Cases has published its interview with Senator James Maroney. Senator Maroney is the driving force behind legislation to regulate artificial intelligence in Connecticut. In the 20-minute interview, Senator Maroney elaborated on several facets of the proposed legislation. The interviewers were the father-and-son team of Erik S. (the son) and Stephen E Arnold (father).

james maroney

Senator James Maroney spearheaded the Connecticut artificial intelligence legislation.

Senator Maroney pointed to the rapid growth of AI products and services. That growth has economic implications for the citizens and businesses in Connecticut. The senator explained that biases in algorithms can have a negative impact. For that reason, specific procedures are required to help ensure that the AI systems operate in a fair way. To help address this issue, Senator Maroney advocates a risk-based approach to AI. The idea is that a low-risk AI service like getting information about a vacation requires less attention than a higher-risk application such as evaluating employee performance. The bill includes provisions for additional training. The senator’s commitment to upskilling links to taking steps to help citizens and organizations of all types use AI in a beneficial manner.

AItoAI wants to call attention to Senator Maroney’s making his time available for the interview. Erik and Stephen want to thank the senator for his time and his explanation of some of the bill’s provisions.

You can view the video at https://youtu.be/ZfcHKLgARJU or listen to the audio of the 20-minute program at https://shorturl.at/ziPgr.

Stephen E Arnold, May 30, 2024

French AI Is Intelligent and Not Too Artificial

May 28, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

I read “Macron: French AI Can Challenge Insane Dominance of US and China.” In the CNBC interview, Emmanuel Macron used the word “insane.” The phrase, according to the cited article was:

French President Emmanuel Macron has called for his country’s AI leaders to challenge the “insane” dominance of US and Chinese tech giants.

French offers a number of ways to explain a loss of mental control or something that goes well beyond normal behaviors; for example, aliéné which can suggest something quite beyond the normal. The example which comes to mind might include the market dominance of US companies emulating Google-type methods. Another choice is comme un fou. This phrase suggests a crazy high speed action or event; for example, the amount of money OpenAI generated by selling $20 subscriptions to ChatGPTo iPhone app in a few days. My personal favorite is dément which has a nice blend of demented behavior and incredible actions. Microsoft’s recent litany of AI capabilities creating a new category of computers purpose-built to terminate with extreme prejudice the market winner MacBook devices; specifically, the itty bitty Airs.

image

The road to Google-type AI has a few speed bumps. Thanks, MSFT Copilot. Security getting attention or is Cloud stability the focal point of the day?

The write up explains what M. Macron really meant:

For now, however, Europe remains a long way behind the US and Chinese leaders. None of the 10 largest tech companies by market cap are based in the continent and few feature in the top 50. The French President decried that landscape. “It’s insane to have a world where the big giants just come from China and US.”

Ah, ha. The idea appears to be a lack of balance and restraint. Well, it seems, France is going to do its best to deliver the digital equivalent of a chicken with a Label Rouge; that is, AI that is going to meet specific standards and be significantly superior to something like the $5 US Costco chicken. I anticipate that M. Macron’s government will issue a document like this Fiche filière volaille de chair 2020 for AI.

M. Macron points to two examples of French AI technology: Mistral and H (formerly Holistic). I was disappointed that M. Macron did not highlight the quite remarkable AI technology of Preligens, which is in the midst of a sale. I would suggest that Preligens is an example of why the “insane”  dominance of China and the US in AI is the current reality. The company is ensnared in French regulations and in need of the type of money pumped into AI start ups in the two countries leading the pack in AI.

M. Macron is making changes; specifically, according to the write up:

Macron has cut red tape, loosened labor protections, and reduced taxes on the wealthy. He’s also attracted foreign investment, including a €15bn funding package from the likes of Microsoft and Amazon announced earlier this month. Macron has also committed to a pan-European AI strategy. At a meeting in the  Elysée Palace this week, he hinted at the first step of a new plan: “Our aim is to Europeanize [AI], and we’re going to start with a Franco-German initiative.”

I know from experience the quality of French information-centric technologists. The principal hurdles for France are, in my opinion, are:

  1. Addressing the red tape. (One cannot grasp the implications of this phrase unless one tries to rent an apartment in France.)
  2. Juicing up the investment system and methods.
  3. Overcoming the ralentisseurs on the Information Superhighway running between Paris, DC, and Beijing.

Net net: Check out Preligens.

Stephen E Arnold, May 28, 2024

US Big Tech to EU: Please, Knock Off the Outputs

May 23, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

I read “Big Tech to EU: “Drop Dead.” I think the write up depicts the US alleged quasi monopolies of indifference to the wishes of the European Union. Stated another way, “The Big Dogs are battling for AI dominance.” The idea is that these outfits do not care what the EU wants. The Big Dogs care about what they want.

The write up contains several interesting statements. Let me highlight a handful and encourage you to read this article which explains some of the tension between governments and companies with more cash than some nation states. In fact, some of the Big Boys control more digitally inclined people than the annoying countries complaining about predatory business models. The illustration shows how much attention some Big Dogs allow EU and other government regulatory authorities.

image

The Big Dogs of technology participate in a Microsoft Teams’s session with and EU official. The Big Dogs seem to be more interested in their mobile phones than the political word salad from the august official. Thanks, MSFT Copilot. Keep following your security recipe.

Consider this statement:

Right from the start, it was obvious that the tech giants were going to war against the [European Digital Markets Act or] DMA, and the freedom it promised to their users.

But isn’t that what companies in a free market do?

Here’s another gem:

Apple charges app vendors a whopping 30 percent commission on most transactions, both the initial price of the app and everything you buy from it thereafter. This is a remarkably high transaction fee —compare it to the credit-card sector, itself the subject of sharp criticism for its high 3-5 percent fees. To maintain those high commissions, Apple also restricts its vendors from informing their customers about the existence of other ways of paying (say, via their website) and at various times has also banned its vendors from offering discounts to customers who complete their purchases without using the app.

What’s the markup for blue chip consulting firms or top end lawyers? Plus, Apple is serving its shareholders. As a public company, that is what shareholders have a right to expect. Once again, the underlying issue is how capitalism works in the US market.

And this statement:

These are high-stakes clashes. As the tech sector grew more concentrated, it also grew less accountable, able to substitute lock-in and regulatory capture for making good products and having their users’ backs. Tech has found new ways to compromise our privacy rights, our labor rights, and our consumer rights – at scale.

Once again the problem is capitalism. The companies have to generate growth, revenue, and profits. Can a government agency manage the day-to-day operations of these technology-centric firms? Governments struggle to maintain roads and keep their Web sites updated. The solution may have been a bit more interest 25 years ago. In my opinion, the “better late than never” approach is not going to work unless governments put these outfits out of business… one way or another.

Net net: The write up is not about Big Dog tech companies ignoring the DMA. The write up wants the basic function of publicly-traded companies to change. Go to a zoo. Find a jungle cat. Tell it to change its stripes. How is that going to work out?

Stephen E Arnold, May 23, 2024

Googzilla Makes a Move in a High Stakes Contest

May 22, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

The trusted “real news” outfit Thomson Reuters published this popular news story about dancing with Googzilla. The article is titled by the click seekers as “Google Cuts Mystery Check to US in Bid to Sidestep Jury Trial.” I love the “mystery check.” I thought FinCEN was on the look out for certain types of transactions.

image

The contest is afoot. Thanks, MSFT Copilot.

Here’s the core of the story: On one side of the multi-dimensional Go board is the US Department of Justice. Yes, that was the department with the statues in the area where employees once were paid each week. On the other side of the game board is Googzilla. This is the digital construct which personifies the Alphabet, Google, YouTube, DeepMind, et al outfit. Some in Google’s senior management are avid game players. After all, one must set up a system in which no matter who plays a Googzilla-branded game, the “just average wizards” who run the company wins. The mindset has worked wonders in the online advertising and SEO sector. The SEO “experts” were the people who made a case to their clients for the truism “If you want traffic, it is a pay-to-play operation.” The same may be said for YouTube and content creators who make content so Google can monetize that digital flow and pay a sometimes unknown amount to a creator who is a one-person 1930s motion picture production company. Ditto for the advertisers who use the Google system to buy advertising and benefit by providing advertising space. What’s Google do? It makes the software that controls the game.

Where’s this going? Google is playing a game with the Department of Justice. I am certain some in the DoJ understand this approach. Others may not grasp the concept of Googzilla’s absolute addiction to gaming and gamesmanship. Casinos are supposed to make money. There are exceptions, of course. I can think of a high-profile case history of casino failure, but Google is a reasonably competent casino operator. Sure, there are some technical problems when the Cloud back end fails and the staff become a news event because they protest with correctly spelled signage. But overall, I would suggest that the depth of Googzilla’s game playing is not appreciated by its users, its competition, or some of the governments trying to regain data and control of information pumped into the creatures financial blood bank.

Let’s look at the information the trusted outfit sought to share as bait for a begging-for-dollars marketing play:

Google has preemptively paid damages to the U.S. government, an unusual move aimed at avoiding a jury trial in the Justice Department’s antitrust lawsuit over its digital advertising business. Google disclosed the payment, but not the amount, in a court filing last week that said the case should be heard and decided by a judge directly. Without a monetary damages claim, Google argued, the government has no right to a jury trial.

That’s the move. The DoJ now has to [a] ignore the payment and move forward to a trial with a jury deciding if Googzilla is a “real” monopoly or a plain vanilla, everyday business like the ones Amazon, Facebook, and Microsoft have helped go out of business. [b] Cash the check and go back to scanning US government job listings for a positive lateral arabesque on a quest to the SES (senior executive service). [c] Keep the check and pile on more legal pressure because the money was an inducement, not a replacement for the US justice system. With an election coming up, I can see option [d] on the horizon: Do nothing.

The idea is that in multi-dimensional Go, Google wants to eliminate the noise of legal disputes. Google wins if the government cashes the check. Google wins if the on-rushing election causes a slow down of an already slow process. Google wins if the DoJ keeps piling on the pressure. Google has the money and lawyers to litigate. The government has a long memory but that staff and leadership turnover shifts the odds to Googzilla. Google Calendar keeps its attorneys filing before deadlines and exploiting the US legal system to its fullest extent. If the US government sues Google because the check was a bribe, Google wins. The legal matter shifts to resolving the question about the bribe because carts rarely are put in front of horses.

In this Googzilla-influenced games, Googzilla has created options and set the stage to apply the same tactic to other legal battles. The EU may pass a law prohibiting pre-payment in lieu of a legal process, but if that does not move along at the pace of AI hyperbole, Google’s DoJ game plan can be applied to the lucky officials in Brussels and Strasbourg.

The Reuters’ report says:

Stanford Law School’s Mark Lemley told Reuters he was skeptical Google’s gambit would prevail. He said a jury could ultimately decide higher damages than whatever Google put forward.

“Antitrust cases regularly go to juries. I think it is a sign that Google is worried about what a jury will do,” Lemley said. Another legal scholar, Herbert Hovenkamp of the University of Pennsylvania’s law school, called Google’s move "smart" in a post on X. “Juries are bad at deciding technical cases, and further they do not have the authority to order a breakup,” he wrote.

Okay, two different opinions. The Google check is proactive.

Why? Here are some reasons my research group offered this morning:

  1. Google has other things to do with its legal resources; namely, deal with the copyright litigation which is knocking on its door
  2. The competitive environment is troubling so Googzilla wants to delete annoyances like the DoJ and staff who don’t meet the new profile of the ideal Googler any longer
  3. Google wants to set a precedent so it can implement its pay-to-play game plan for legal hassles.

I am 99 percent confident that Google is playing a game. I am not sure that others perceive the monopoly litigation as one. Googzilla has been refining its game plan, its game-playing skills, and its gaming business systems for 25 years. How long has the current crop of DoJ experts been playing Googley games? I am not going to bet against Googzilla. Remember what happened in the 2021 film Godzilla vs. Kong. Both beasties make peace and go their separate ways. If that happens, Googzilla wins.

Stephen E Arnold, May 22, 2024

E2EE: Not Good Enough. So What Is Next?

May 21, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

What’s wrong with software? “

I think one !*#$ thing about the state of technology in the world today is that for so many people, their job, and therefore the thing keeping a roof over their family’s head, depends on adding features, which then incentives people to, well, add features. Not to make and maintain a good app.

image

Who has access to the encrypted messages? Someone. That’s why this young person is distraught as she is escorted to the police van. Thanks, MSFT Copilot. Good enough.

This statement appears in “A Rant about Phone Messaging Apps UI.” But there are some more interesting issues in messaging; specifically, E2EE or end to end encrypted messaging. The current example of talking about the wrong topic in a quite important application space is summarized in Business Insider, an estimable online publication with snappy headlines like this one: “”In the Battle of Telegram vs Signal, Elon Musk Casts Doubt on the Security of the App He Once Championed.” That write up reports as “real” news:

Signal has also made its cryptography open-source. It is widely regarded as a remarkably secure way to communicate, trusted by Jeff Bezos and Amazon executives to conduct business privately.

I want to point out that Edward Snowden “endorses” Signal. He does not use Telegram. Does he know something that others may not have tucked into their memory stack?

The Business Insider “real” news report includes this quote from a Big Dog at Signal:

“We use cryptography to keep data out of the hands of everyone but those it’s meant for (this includes protecting it from us),” Whittaker wrote. “The Signal Protocol is the gold standard in the industry for a reason–it’s been hammered and attacked for over a decade, and it continues to stand the test of time.”

Pavel Durov, the owner of Telegram, and the brother of the person like two Ph.D.’s (his brother Nikolai), suggests that Signal is insecure. Keep in mind that Mr. Durov has been the subject of some scrutiny because after telling the estimable Tucker Carlson that Telegram is about free speech. Why? Telegram blocked Ukraine’s government from using a Telegram feature to beam pro-Ukraine information into Russia. That’s a sure-fire way to make clear what country catches Mr. Durov’s attention. He did this, according to rumors reaching me from a source with links to the Ukraine, because Apple or maybe Google made him do it. Blaming the alleged US high-tech oligopolies is a good red herring and a sinky one at that.

What Telegram got to do with the complaint about “features”? In my view, Telegram has been adding features at a pace that is more rapid than Signal, WhatsApp, and a boatload of competitors. have those features created some vulnerabilities in the Telegram set up? In fact, I am not sure Telegram is a messaging platform. I also think that the company may be poised to do an end run around open sourcing its home-grown encryption method.

What does this mean? Here are a few observations:

  1. With governments working overtime to gain access to encrypted messages, Telegram may have to add some beef.
  2. Established firms and start ups are nosing into obfuscation methods that push beyond today’s encryption methods.
  3. Information about who is behind an E2EE messaging service is tough to obtain? What is easy to document with a Web search may be one of those “fake” or misinformation plays.

Net net: E2EE is getting long in the tooth. Something new is needed. If you want to get a glimpse of the future, catch my lecture about E2EE at the upcoming US government Cycon 2024 event in September. Want a preview? We have a briefing. Write benkent2020 at yahoo dot com for restrictions and prices.

Stephen E Arnold, May 21, 2024

Germany Has Had It with Some Microsoft Products

May 20, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

Can Schleswig-Holstein succeed where Munich and Lower Saxony failed? Those two German states tried switching their official IT systems from Microsoft to open source software but were forced to reverse course. Emboldened by Microsoft’s shove to adopt Windows 11 and Office 365, informed by its neighbors’ defeats, and armed with three years of planning, Germany’s northernmost state is forging ahead. The Register frames the initiative as an epic battle in, “Open Source Versus Microsoft: The New Rebellion Begins.”

With cries of “Digital Sovereignty,” Schleswig-Holstein shakes its fist at its corporate overlord. Beginning with the aptly named LibreOffice suite, these IT warriors plan to replace Microsoft products top to bottom with open source alternatives. Writer Rupert Goodwins notes open source software has improved since Munich and Lower Saxony were forced to retreat, but will that be enough? He considers:

“Microsoft has a lot of cards to play here. Schleswig-Holstein will have to maintain compatibility with Windows within its own borders, with the German federation, with Europe, and the rest of the world. If a change to Windows happens to break that compatibility, guess who picks up the pain and the bills. Microsoft wouldn’t dream of doing that deliberately, no matter how high the stakes, yet these things happen. Freedom to innovate, don’t you know. If in five years the transition is a success, the benefits to the state, the people, and open source will be immeasurable. As well as bringing data protection back to those charged with providing it, it will give European laws new teeth. It will increase expertise, funding, and opportunities for open source. Schleswig-Holstein itself will become a new hub of technical excellence in an area that intensely interests the rest of the world, in public and private organizations. Microsoft cannot afford to let this happen. Schleswig-Holstein cannot back down, now it’s made it a battle for independence.”

See the write-up for more warfare language as well as Goodwins’ likening of user agreements to the classic suzerain-vassal relationship. Will Schleswig-Holstein emerge victorious, or will mighty Microsoft prevail? Governments depend on Microsoft. The US is now putting pressure on the Softies to do something more than making Windows 11 more annoying and creating a Six Flags Over Cyber Crime with their security methods. Will anything change? Nah.

Cynthia Murrell, May 22, 2024

Next Page »

  • Archives

  • Recent Posts

  • Meta