The European Competition Commission Goes for the Throat
November 3, 2020
I wanted to note the October 30, 3030, Reuters’ story “Online Giants Will Have to Open Ad Archives to EU Antitrust Regulators.” At last regulators are taking steps to gain access to the systems and methods used by Google and other online ad giants. The news story helps cement Margrethe Vestager as someone who uses her position to do more than posture. Also, the news story points out that there is a research agency called Algorithm Watch.
The problem is that the companies asked to provide information have legal options. The delays are likely to slow the regulators’ quest for data. If sufficient time goes by, the landscape can be reworked. Internet time is different from regulators’ time.
There is a counter point. Navigate to “Monopoly Power Is Less Dangerous Today Than in Past.” The argument set forth in this Telegraph Herald write up is unlikely to have a significant impact on the good ship SS Margrethe.
Stephen E Arnold, November 3, 2020
India Asks an Existential Question about Google
November 2, 2020
I noted an article on the India TV News called “Isn’t Google Violating Users’ Fundamental Rights by Controlling Choices? Parliamentary Panel Asks.” The write up states:
A parliamentary panel on Thursday [October 29, 2020] questioned the “neutrality” of Google when it is engaged in both advertising and content, and asked was it not violating the fundamental rights of users by “controlling” their choices. Top executives of the search engine appeared before the Joint Committee of Parliament on the Personal Data Protection Bill and responded to queries related to data security.
The article continued:
During the meeting, MPs cutting across party lines asked how can Google be a “neutral platform” when it is engaged in both advertising and content, and how is it possible that it does not give “preferential treatment” to some advertisers in search results, sources said. Some members also posed questions about whether data being processed and stored in the country of origin or somewhere outside, sources said. Noting that Google has a wider presence and available on different forms on the web, some members said it “has the power to affect the choices of its users” and that needs to be checked.
The story did not speculate about the answer to this question. I am not sure if students of Søren Kierkegaard will be enlisted to assist in determining the answer about fundamental rights, the violation thereof, and related issues.
Stephen E Arnold, November 3, 2020
Inconsistent: Not If You Are Googley
November 2, 2020
In the rip roaring testimony on October 28, 2020, I thought some of those digital illuminati wanted Federal guidelines. But I could be mistaken. “The Technology 202: The Social Media Hearing Was a Missed Opportunity for Lawmakers” stated authoritatively:
The nearly four-hour event was chaotic and disjointed from the outset, as lawmakers frequently jumped from hot-button issue to issue — from the Twitter’s’ handling of dictators’ accounts to Google and Facebook’s effect on local news
I like the “dictators’ accounts.” Plural. Lots of dictators.
I noted “Google Steps Up Campaign against EU Push for Tough New Tech Rules.” I learned this allegedly “real” factoid:
Alphabet Inc unit Google has launched a 60-day strategy to counter the European Union’s push for tough new tech rules by getting U.S. allies to push back against the EU’s digital chief and spelling out the costs of new regulations, according to a Google internal document.
The write up continued:
When asked about the document, Google said new rules should take into account that people and companies are asking more from tech companies, rather than less. “As we’ve made clear in our public and private communications, we have concerns about certain reported proposals that would prevent global technology companies from serving the growing needs of European users and businesses,” Karan Bhatia, vice president, global government affairs and public policy, said. The paper proposed increasing the pushback against European Commissioner for internal market Thierry Breton, who is in charge of the DSA, by reaching out to the U.S. government and embassies with the message that the new rules threaten transatlantic relations.
Inconsistent, no just playing chaos and a game plan.
Stephen E Arnold, November 2, 2020
France: No Palantir Gotham Clone. Really?
October 29, 2020
DarkCyber noted “A French Alternative to Palantir Would Take Two Years to Make, Thales CEO Says.” The Reuters news story contains information which allegedly originated with Patrice Caine, the CEO of Thales, a rough equivalent to a large US defense contractor like Raytheon or the British outfit BAE Systems.
Factoids which appear in the write up:
- DGSI, the French equivalent of a mash up of the FBI and NSA, said there was no comparable product available from a French company
- France wants to achieve digital sovereignty in the intelware and policeware markets; that is, use French products
- The time required to clone Gotham is 24 months; however, the assistance of the French government would be needed.
DarkCyber observations:
First, the perception that no French company can deliver this type of system may come as a surprise to some French companies. Firms like Sinequa have marketed intelligence capabilities for many years. Some policeware and intelware is just enterprise search gussied up with a stage costume and some eye liner. Plus, there are other companies as well who might interpret the “no comparable product” comment as an affront; for example, hot ticket Datanami or the quite functional Amesys Eagle and Shadow technology.
Second, the desire to use French products is important. However, the French government has not moved with sufficient purpose to cultivate the type of innovation in intelware evident in the UK, for example. The UK is a policeware and intelware hot spot; for instance, the Gamma Group among others. The deanonymization of digital currencies revolution has been chugging along for a number of years because one university moved forward.
Third, the idea that two years are needed before France has a system comparable to Palantir Gotham is either wildly optimistic or an understatement about the time required. Fast ramping is possible with a French nucleus, supplemented with strategic acquisitions. For example, tap Dassault Exalead, provide funding, and recommend that innovative companies be identified and moved lock, stock, and barrel to Montpellier or Toulouse.
DarkCyber’s team can identify what to buy and what to do to assemble a French solution to the need for a Palantir-type system. It is important to remember that Palantir Gotham is “old” in Internet years. There are innovators and talent to create what France wants more in step with the modern era, not the emulation of a i2 Ltd’s late 1990’s thinking.
And where did the phrase “red tape” originate? Yep, France.
Stephen E Arnold, October 29, 2020
Google to Government: Deeply Flawed Are Your Arguments
October 21, 2020
Google publishes The Keyword, a blog about public policy. The blog presented an essay called “A Deeply Flawed Lawsuit That Would Do Nothing to Help Consumers.” The argument is interesting. The important section is meta; specifically, “The bigger point the lawsuit misses.” The article asserts:
The bigger point is that people don’t use Google because they have to, they use it because they choose to.
One click away from another services, right? People are smart enough to use a service like Swisscows.com, Qwant.com, or Izito.com.
Another key point:
It’s also trivially easy to change your search engine in our browser, Chrome.
Those who use mobile phones can navigate the menus and options in Chrome on a mobile phone or in a desktop computer.
The essay includes “Next Steps.” In this conclusion to the essay, the article states what appears to be the obvious:
We understand that with our success comes scrutiny, but we stand by our position. American antitrust law is designed to promote innovation and help consumers, not tilt the playing field in favor of particular competitors or make it harder for people to get the services they want.
My summary of the essay is: “If you are Googley, you get it. If not, you are not Googley, and there is not much we can do to assist you.”
What happens when governments asleep at the switch for 20 years are told the Google facts about Google? Not much. Habits like a soft bed are easy to get into and hard to get out of.
Ask someone addicted to an opioid, alcohol, shaping information flows, or just doing whatever one wants.
Stephen E Arnold, October 21, 2020
Surprise! Google Allegedly Collaborates with Enforcement Authorities
October 21, 2020
Google collects user information to create customized, targeted ads. Google has stated more than once that it protects its users’ privacy, including search history. It might even seem impossible for Google to keep the entire world’s search history given the amount of space needed to store that information…but it is not. CNet shares that, “Google Is Giving Data To Police Based On Search Keywords, Court Docs Show.”
Police need a warrant to access someone’s digital information, but a loophole allows law enforcement to go around privacy laws. Instead of requesting a specific individual’s search history, law enforcement can go directly to Google and request data on anyone who searched for a specific term.
This recently happened in August 2020, when Florida police asked Google to disclose the identities of people who searched for a specific address. Michael Williams, an associate of singer and sex offender R. Kelly, was arrested for arson and witness tampering. Williams apparently set fire to a car that belonged to a witness in the ongoing R. Kelly sex offender case.
Google released the IP addresses of people who searched for the arson victim’s address and one of them led back to Williams. Williams used his phone to search for the victim’s address and that tied him to the crime.
While it is great that a bad actor like Williams is brought to justice, law enforcement could use a reverse order for Google information for evil purposes. The law enforcement could effectively become bad actors with a badge. The large search history information requests are a loophole to the Fourth Amendment:
“ ‘This ‘keyword warrant’ evades the Fourth Amendment checks on police surveillance,’ said Albert Fox Cahn, the executive director of the Surveillance Technology Oversight Project. ‘When a court authorizes a data dump of every person who searched for a specific term or address, it’s likely unconstitutional.’
The keyword warrants are similar to geofence warrants, in which police make requests to Google for data on all devices logged in at a specific area and time. Google received 15 times more geofence warrant requests in 2018 compared with 2017, and five times more in 2019 than 2018. The rise in reverse requests from police have troubled Google staffers, according to internal emails.”
Google states they support user privacy and support law enforcement. Google requires a search warrant for broad data requests and they only represent 1% of the total legal demands for user data the company receives.
Broad data requests are a growing concern. Legal professionals are challenging their validity, including Williams’s lawyer. Broad data requests do require probable cause like other search warrants. In Williams’ case, he did conduct other searches that includes the phrases: “where can i buy a .50 custom machine gun,” “witness intimidation” and “countries that don’t have extradition with the United States.” These search phrases were discovered when an individual search warrant for Williams was issued.
Broad search requests have positive results, but all it takes is one misinterpretation of the information to harm an innocent. It also does not take much to abuse this power too.
Whitney Grace, October 21, 2020
AI the New Battlefield in Cyberattack and Defense
October 19, 2020
It was inevitable—in the struggle between cybercrime and security, each side constantly strives to be a step ahead of the other. Now, both bad actors and protectors are turning to AI tools. Darktrace’s Max Heinemeyer describes the escalation in, “War of the Algorithms: The Next Evolution of Cyber Attacks” posted at Information/Age. He explains:
“In recent years, thousands of organizations have embraced AI to understand what is ‘normal’ for their digital environment and identify behavior that is anomalous and potentially threatening. Many have even entrusted machine algorithms to autonomously interrupt fast-moving attacks. This active, defensive use of AI has changed the role of security teams fundamentally, freeing up humans to focus on higher level tasks. … In what is the attack landscape’s next evolution, hackers are taking advantage of machine learning themselves to deploy malicious algorithms that can adapt, learn, and continuously improve in order to evade detection, signaling the next paradigm shift in the cyber security landscape: AI-powered attacks. We can expect Offensive AI to be used throughout the attack life cycle – be it to use natural language processing to understand written language and to craft contextualized spear-phishing emails at scale or image classification to speed up the exfiltration of sensitive documents once an environment is compromised and the attackers are on the hunt for material they can profit from.”
Forrester recently found (pdf) nearly 90% of security pros they surveyed expect AI attacks to become common within the year. Tools already exist that can, for example, assess an organizations juiciest targets based on their social media presence and then tailor phishing expeditions for the highest chance of success. On the other hand, defensive AI tools track what is normal activity for its organization’s network and works to block suspicious activity as soon as it begins. As each side in this digital arms race works to pull ahead of the other, the battles continue.
Cynthia Murrell, October 19, 2020
Domains Seized: What Companies Assisted the US Government?
October 13, 2020
The Straits Times’s article “US Seizes Iran Propaganda Websites” reported:
The US has seized 92 web domains used by Iran, including four which purported to be genuine English language news sites…Four of them, with the domain names “newsstand7.com”, “usjournal.net”, “usjournal.us”, and “twtoday.net”, were “operated by or on behalf” of Iran’s Islamic Revolutionary Guard Corps to influence United States domestic and foreign policy…
The article included an interesting factoid; to wit:
The sites were identified first with intelligence from Google and then also with help from Twitter and Facebook…
Interesting?
Stephen E Arnold, October 13, 2020
Facebook and Encryption
October 12, 2020
A number of experts have pointed to the information about Facebook’s contribution to child exploitation, human trafficking, and related activities. A good example is Robert David Steele’s “Betty Boop: Facebook Responsible for 94% of 69 Million Child Sex Abuse Images Reported by US Tech Firms.” DarkCyber notes “Five Eyes and Japan Call for Facebook Backdoor to Monitor Crime.” The point of that Nikkei Asia paywalled article is that encrypted messaging apps are conduits of information related to criminal activity.
Russia has taken some steps to deal with Telegram messaging traffic. Other countries, including Australia, Canada, England, New Zealand, and the United States express similar thoughts. Japan wants to “move closer” to these initiatives.
DarkCyber’s view is that the similarity of views among these countries is a response to a growing cyber crime challenge. The speed of instant messaging is one factor. The messaging apps’ growing robustness coverts what was Dark Web eCommerce within Tor to encrypted channels operating on the “open” Internet. Plus, the messaging apps allow users to create the equivalent of “chat groups” in which like minded individuals can share images and other information.
The call for a back door is getting louder. Providers of these software services may be reluctant to make changes. It is possible that change may be forced upon certain companies.
Stephen E Arnold, October 12, 2020
GSA Government Okays These Drones
October 12, 2020
The General Services Administration has given five manufacturers its blessing to sell their small unmanned aircraft systems (sUAS) to government agencies. GCN examines the development in, “US-Made Small Drones Added to GSA Schedule.” The Defense Innovation Unit (DIU) and the Army’s Short Range Reconnaissance program (SRR) have been working toward this approval for 18 months. That joint effort has developed drones equipped with situational awareness tools that can be deployed quickly. A related DIU project, Blue sUAS, focused on non-DOD applications of drones, like safety inspections, rescue missions, and fighting forest fires. Writer Stephanie Kanowitz informs us:
“The five companies whose products will be available are Altavian, Parrot, Skydio, Teal and Vantage Robotics. … Recognizing a need for drones that government agencies, including the military, could use, Vantage applied to be part of Blue sUAS and tweaked its Vesper unmanned aerial vehicle for federal agency use. Vesper, developed for DIU, differs from Vantage’s first-generation drone, Snap, in that it is ‘substantially more advanced in just about every way,’ including sensors, flight capabilities, security and materials, said Vantage CEO Tobin Fisher. ‘To be specific, on the sensor side, we developed a camera that can see in the dark in 4K and integrated a thermal sensor as well as 18x zoom,’ Fisher said. Additionally, Vesper can fly for 50 minutes and features an extended radio range with an AES 256-encrypted 5-mile link. Vesper is made with components from trusted sources, which Fisher said includes Qualcomm for the onboard processor, Microhard for the radio and SigmaTron International for assembly.”
Impressive. It was crucial that any component that touched data in any way be from a non-Chinese source. For security reasons, the 2020 National Defense Authorization Act prohibits government agencies from purchasing or using drones made in China. The effort goes beyond government agencies, though. Those eye-popping capabilities will soon grace commercial drones, as well. The article quotes the DIU’s Chris Bonzagni:
“These companies have been able to leverage the roughly $18 million in DOD investments to develop spinoff enterprise solutions to offer secure, domestically produced options to enterprise customers worldwide, ultimately adding a much-needed boost to the U.S. sUAS industrial base.”
Ready or not, drones are here to stay and only getting more capable and numerous. Chinese drones are interesting too, but some may phone home.
Cynthia Murrell, October 12, 2020
-
- Subscribe to Beyond Search
Feature archive
News archive
-
