Facebook and Google Get the Scoop in Australia

August 6, 2020

I read “Forcing Tech Giants to the Table.” The write up explains how the pay Australian publishers scheme will function. The article quoted Australian Treasurer Josh Frydenberg making the framework crystal clear:

We want Google and Facebook to continue to provide these services to the Australian community, which are so much loved and used by Australians. But we want it to be on our terms.

Those high school science club managers are not likely to find the phrase “on our terms” what is required to sit at the physicists’ and mathematicians’ table in the cafeteria.

The services required to deliver cash are summarized this way:

The range of Facebook services subject to arbitration includes Facebook News Feed, Instagram and the Facebook News Tab. The Google services are Google Search, Google News and Google Discover.

That defeats the whole purpose of the “free” services Google provides. On the other hand, if Google does pay for news in an above board manner, maybe the online ad giant can run sponsored messages, really tasteful ads, and present news in a logical order determined by black box algorithmic magic?

The write up adds:

A breach of the code by Facebook or Google could have a few potential outcomes. The first is an infringement notice which has a penalty of $A133,200 for each breach. If the ACCC takes one of the tech giants to court, the maximum penalty is the higher of $A10 million, 10% of the digital platform’s turnover in Australia in the past 12 months, or three times the benefit obtained by the tech giant as a result of the breach (if this can be calculated).

Net net: The science club crowd is likely to pout and be forced to fork out real money to legal eagles. These advisers will say, “This Australian thing will not fly.”

In the meantime, Facebook and Google will keep on doing stuff like selling ads, buying market share, and innovating to solve problems like death.

Stephen E Arnold, August 6, 2020

TikTok: Our Way or the Huawei

August 4, 2020

Excitement ahead. There’s nothing like the Rona and a financial crisis to catch attention. But these may be also ran topics if the trade tension between China and the US is cranked up.

“China Accuses US of Outright Bullying over TikTok” reports that Wang Wenbin (Chinese official) allegedly said:

“The US, without providing any evidence, has been using an abused concept of national security… unjustifiably suppressing certain non-US companies.”

To add some zest, President Trump wants Microsoft to know that its okay to buy TikTok comes with a price tag? The figures are not available. Whatever the amount, a piece of the action goes to the US government.

That angle is likely to put some on edge. Yep, it seems that the US wants one way or it’s the Huawei for the only app in several years which may have a chance to generate traction in the wonderlands of Facebook and YouTube.

Stephen E Arnold, August 4, 2020

European Union: Yes, Russia Warrants Some Attention

August 4, 2020

With so many smart people wrestling with the Google and cage fighting with England, I was surprised to read “EU, in First Ever Cyber Sanctions, Hits Russian Intelligence.” The allegedly accurate write up states:

Four members of Russia’s GRU military intelligence agency were singled out. The EU accuses them of trying to hack the wifi network of the Netherlands-based Organization for the Prohibition of Chemical Weapons, which has probed the use of chemical weapons in Syria. The 2018 attack was foiled by Dutch authorities.

In addition, two individuals described as “Chinese nationals” found themselves in the sanction target area.

There are several ways to look at this action. First, the Google is a bigger deal than the EU’s friend to the East. Second, the Brexit fishing rights thing distracted EU officials from mere intelligence and trans-national security matters. Third, maybe someone realized that cyber espionage and cyber attacks are something to think about. A couple of years or more seems pretty snappy compared to other EU projects.

Stephen E Arnold, August 3, 2020

European Union Tries Panenka to Score Against Encrypted Data

July 31, 2020

Let’s assume this write up is accurate: “EU Plans to Use Supercomputers to Break Encryption But Also Wants Platforms to Create Opportunities to Snoop on End-to-End Communications.”

The “going dark” argument is not moving fast enough for European Union regulators. The fix is a “decryption platform.” The idea is to decrypt certain messages. The interesting part of the tactic is summarized in this passage:

Internet service providers such as Google, Facebook and Microsoft are to create opportunities to read end-to-end encrypted communications. If criminal content is found, it should be reported to the relevant law enforcement authorities. To this end, the Commission has initiated an “expert process” with the companies in the framework of the EU Internet Forum, which is to make proposals in a study. This process could later result in a regulation or directive that would force companies to cooperate.

The article points out:

There’s no way to “create opportunities” to read end-to-end encrypted communications without weakening the latter.

Worth monitoring the idea and its implementation and its opportunities.

Stephen E Arnold, July 31, 2020

Stunning NIST Report: Who Knew?

July 30, 2020

Years ago I did some work for the US government. Nothing much. In the course of the work, I learned about some interesting US government reports; for example, some Library of Congress public documents which are not available to the public and a couple of studies whose subjects baffled me.

Kid Durango as a masked bank robber. Who knew that a mask would make it difficult to recognize the bad hombre?

I read “NIST Launches Investigation of Face Masks’ Effect on Face Recognition Software.” The write up reports:

Now that so many of us are covering our faces to help reduce the spread of COVID-19, how well do face recognition algorithms identify people wearing masks? The answer, according to a preliminary study by the National Institute of Standards and Technology (NIST), is with great difficulty. Even the best of the 89 commercial facial recognition algorithms tested had error rates between 5% and 50% in matching digitally applied face masks with photos of the same person without a mask.

Facial recognition works in a couple of basic ways. A system can convert a face to ovals, take calculations of the eye areas, the snoot, and the mouth. Measurements are made and the system looks for matches. As some may know, recognition accuracy can vary widely. When an artificial intelligence, super duper program is used, the oval idea is supplemented with pattern recognition. Most of the systems with which I have modest familiarity use both methods and then display possible matches to an investigator.

What did the NIST study conclude? Face masks reduce accuracy. Face masks cause FR systems to not recognize the face as a face. The nose plays a big part in accuracy. No nose, reduced accuracy.

The study seems well intentioned. But didn’t bank robbers in the 1840s wear masks? From my point of view, the study validates what most people already know. A person wearing a mask is harder to identify.

What’s that error rate and false positive rate again, partner?

Stephen E Arnold, July 30, 2020

IBM Discloses Iranian Hacking: Was Watson on the Job?

July 30, 2020

We spotted an interesting nugget of information in “Iran-Linked Hackers Mistakenly Leak Videos of Their Operations in Action: Report.”

The story reveals that:

IBM’s X-Force security team acquired about five hours of video footage of hacking operations by APT35, a hacking group linked to the Iranian government…

Where did the video originate? The answer: Iran.

The IBM researchers got a hold of the footage due to “a misconfiguration of security settings on a virtual private cloud server they’d observed in previous APT35 activity,” the report said, adding that the files were uploaded to the exposed server over a few days in May, just as IBM was monitoring the machine. The APT35 hackers recorded their operations to demonstrate to junior team members how to handle hacked accounts, according to the report. The videos show the hackers how to download the contents of compromised Gmail and Yahoo Mail accounts.

The report does not mention Watson. Interesting.

Stephen E Arnold, July 29, 2020

More about India App Banning

July 23, 2020

India and China are not likely to hold a fiesta to celebrate the digital revolution in the next month or two. “Government Said to Ask Makers of 59 Banned Chinese Apps to Ensure Strict Compliance” explains that India has some firm ideas about the potential risks of Chinese-centric and Chinese-developed mobile applications. The risks include actions “prejudicial to sovereignty, integrity and security of the country.”

The write up states:

If any app in the banned list is found to be made available by the company through any means for use within India, directly or indirectly, it would be construed as a violation of the government orders…

It is not clear what action the Indian government can take, but obviously the issue is perceived as important; specifically, the accusation relates to the:

stealing and surreptitiously transmitting users’ data in an unauthorized manner to servers which have locations outside India.

Among the nearly 60 banned apps are:

  • Club Factory
  • TikTok
  • UC Browser
  • WeChat
  • Xiaomi

Plus, some less high profile services:

  • Bigo Live
  • CamScanner
  • Helo
  • Likee
  • Shein

There will be workarounds, of course. It is not clear if a citizen persists in using a Xiaomi phone and its baked in apps (some of which route interesting information through data centers in Singapore) what the consequences will be.

Censorship of the Internet is thriving and becoming an active measure in India and other countries. Why? Because Internet, of course.

Stephen E Arnold, July 23, 2020

Data Flow: Getting More Expensive and Non Real Time

July 22, 2020

DarkCyber does not have a dog in this fight. We want to point you to “Top EU Court Ditches Transatlantic Data Transfer Deal.” The write up states:

Europe’s highest court ruled on Thursday [July 16, 2020] that a transatlantic data transfer deal is invalid because of concerns about US surveillance in a decision that could disrupt thousands of companies that rely on the agreement. The ruling effectively ends the privileged access companies in the United States had to personal data from Europe and puts the country on a similar footing to other nations outside the bloc, meaning data transfers are likely to face closer scrutiny.

There are work arounds; however, these add bureaucratic friction and mean that real time data access may be less real time. “Old” data is often “useless” data.

Stephen E Arnold, July 22, 2020

Google May Want to Spin Up Some New Jargon

July 20, 2020

Marketwatch published “Barr Blasts Apple and Google As All Too Willing to Cooperate with China.” The report states:

The criticism of U.S. companies came amid a broad speech on China, in which Barr said the Chinese Communist Party was seeking to “make the world safe for dictatorship” and accused China of waging an “economic blitzkrieg” against the U.S. in a bid for global dominance.

How has Google responded? We noted “Google’s Mission Is to Get Technology to More People: Sundar Pichai”, which is a short video. The article stated:

Google and Jio “would work together to increase internet access for millions of Indians, who do not currently have a smartphone, while improving the mobile experience for all.”

With testimony looming before Congress, Google’s alleged “fraternizing” with a country on the radar of the Attorney General and positioning investments in India as a way to improve “the mobile experience for all” does not capture several nuances about the 21st century of the Google:

  1. Google needs eyeballs to sell ads in order to keep Wall Street and stakeholders content. So “advertising.”
  2. Google appears to be keen on finding some way to generate revenue directly or on the periphery of the “China market.” So a country Google suggested change cannot kick the habit of thinking about revenue from the world’s largest market.
  3. Google seems somewhat disconnected from the increased scrutiny individuals like Mr. Barr are giving the company with the great booth give away: A Googley mouse pad.

Net net: A different PR spin may be needed. Hint: “For all” may connote Google advertising.

Stephen E Arnold, July 20, 2020

Once Again: NSO Group Becomes a Magnet for Real Journalists

July 16, 2020

We spotted one of those “We don’t have or can’t tell you where we got this information” write ups. The article is “Source: Spain Is a Customer of NSO Group.” The main idea of the article is that a government licensed software developed for … wait for it … governments. According to the “source” with some inputs from other real news outfits like The Guardian and El Pais, the NSO Group’s specialized software was used to obtain information about … wait for it … politicians in Spain.

The write up states:

The cell phones of several politicians in Spain, including that of the president of one of the countries’ autonomous regional parliaments, were targeted with spyware made by NSO Group, an Israeli company that sells surveillance and hacking tools to governments around the world, according to The Guardian and El Pais. Motherboard confirmed the specifics with security researchers who investigated the attempted hack and a Facebook employee who has knowledge of the case.

Interesting. But a couple of questions come to mind:

  • Was the alleged use of the software a complement to an investigation; for example, inciting civil unrest?
  • Was the alleged use of the software gathering data on matter one and obtained information on a collateral or unrelated matter two?
  • Why aren’t the sources identified? Policy or some special rules of “real” journalism that elude me?

The disclaimer “We cannot confirm whether these specific attempted hacks” does nothing to alter my perception of the article; to wit: The article wants to draw attention to a particular specialized software developer and connect that company to the alleged use of the software by a licensee of the software. How’s that work? Consider the manufacturer of a knife. The purchaser of the knife uses it to kill an intruder. Is the knife manufacturer responsible? What applies to companies which are in the business of developing specialized software tools is different from the knife manufacturer.

I want to point out that Bank Info Security reported that an Israeli court dismissed a complaint against the NSO Group. Amnesty International accused the NSO Group of violating human rights. On the surface, it seems that the allegations of Amnesty International were found to be without much heft.

The real question is, “Why are outfits like Vice and Amnesty International chasing NSO Group?”

DarkCyber has some hunches about the “why”? For example:

  • Companies which develop specialized services and operate in a classified or community environment populated by government customers are somehow offensive to the “real” journalists. Is this a factor? Sensibilities are activated.
  • The “real” journalists are just now realizing that those charged with enforcing the laws of countries are using specialized tools for investigations or addressing challenges which in the opinion of the government customers threaten civil order. This “sudden discovery” is like a child’s getting a new toy for her birthday. By golly, that toy is going to get some attention because it is novel to the childish mind.
  • The “real” journalists are trying to come up with “news” which is stale, routine, and institutionalized in government entities throughout the world. The focus, however, is on the producer of specialized software, not on the specific government entity licensing the software.

DarkCyber believes the truth is closer to the child’s fascination with what the child with its immature perception sees as mesmerizing.

News flash for the “real” journalists: Chasing vendors of specialized software may not be the revenue and attention magnet for which the publications hunger. Plus, there may be some unintended consequences of speculative writing about topics presented without context.

Stick with facts and identified sources. Could the NSO Group articles be converted into a Quibi program? Advance the “real” agenda with short video. Worth a shot? Sources may not be needed for a short form Quibi thing.

Stephen E Arnold, July 16, 2020
