OSINT: As Good as Government Intel

November 16, 2021

It is truly amazing how much information private citizens in the OSINT community can now glean from publicly available data. As The Economist puts it, “Open-Source Intelligence Challenges State Monopolies on Information.” Complete with intriguing examples, the extensive article details the growth of technologies and networks that have drastically changed the intelligence-gathering game over the last decade. We learn of Geo4Nonpro, a project of the James Martin Centre for Nonproliferation Studies (CNS) at the Middlebury Institute for International Studies at Monterey, California. The write-up reports:

“The CNS is a leader in gathering and analyzing open-source intelligence (OSINT). It has pulled off some dramatic coups with satellite pictures, including on one occasion actually catching the launch of a North Korean missile in an image provided by Planet, a company in San Francisco. Satellite data, though, is only one of the resources feeding a veritable boom in non-state OSINT. There are websites which track all sorts of useful goings-on, including the routes taken by aircraft and ships. There are vast searchable databases. Terabytes of footage from phones are uploaded to social-media sites every day, much of it handily tagged. … And it is not just the data. There are also tools and techniques for working with them—3D modeling packages, for example, which let you work out what sort of object might be throwing the shadow you see in a picture. And there are social media and institutional settings that let this be done collaboratively. Eclectic expertise and experience can easily be leveraged with less-well-versed enthusiasm and curiosity in the service of projects which link academics, activists, journalists and people who mix the attributes of all three groups.”

We recommend reading the whole article for more about those who make a hobby of painstakingly analyzing images and footage. Some of these projects have come to startling conclusions. Government intelligence agencies are understandably wary as capabilities that used to be their purview spread among private OSINT enthusiasts. Not so wary, though, that they will not utilize the results when they prove useful. In fact, the government is a big customer of companies that supply higher-resolution satellite images than one can pull from the Web for free—outfits like American satellite maker Maxar and European aerospace firm Airbus. The article is eye-opening, and we can only wonder what the long-term results of this phenomenon will be.

Cynthia Murrell November 16, 2021

Talkwalker Acquires Reviewbox: The Start of a Roll Up Play?

November 8, 2021

Keeping up with shifting customer sentiment is the realm of consumer intelligence, a field underpinned by AI that differs a bit from traditional market research. We learn from Silicon Luxembourg that one consumer intelligence firm is boosting its capabilities through a recent acquisition in, “Talkwalker Acquires Reviewbox And Expands Its Reach.” The write-up specifies:

“As a global brand today, selling a quality service or product is no longer sufficient to stay relevant. Interacting with consumers and responding to trends has become just as important. A vital piece of this process lies in timely and appropriate responses to customer feedback. By acquiring Reviewbox, Talkwalker integrates product data and reviews from sites such as Amazon, eBay and Wal-Mart, thus giving their customers an improved understanding of how their customers feel about their products. ‘Talkwalker and Reviewbox are a perfect fit,’ said Reviewbox CEO James Horey, who will join Talkwalker to continue developing reviews as a prominent channel. ‘Over the past 5 years, Reviewbox’s unified analytics platform has supplied customers with top-of-the-line industry review data, providing an essential part of the customer intelligence puzzle. Our integration into Talkwalker completes this puzzle, enabling our clients to turn insights into real-time actions.’ By uniting award-winning technology with industry-leading customer support, Talkwalker helps companies connect the dots between what customers think, say and do. This helps companies get a fuller picture of what drives their customers, better react to their input and increase revenue and retention.”

Based in Luxembourg, Talkwalker also maintains offices in New York, San Francisco, Frankfurt, Singapore, Paris, Tokyo, London, and Milan. The company was founded in 2009 and was itself bought out by Marlin Equity Partners in 2018. Since its launch in 2016, Reviewbox has snagged several global corporate clients, from label-maker Avery to appliance manufacturer Whirlpool. The firm is based in Knoxville, Tennessee.

Cynthia Murrell November 8, 2021

Who Remembers Palantir or Anduril? Maybe Peter Thiel?

November 4, 2021

Despite sci-fi stoked fears about artificial general intelligences (AGI) taking over the world, CNBC reports, “Palantir’s Peter Thiel Thinks People Should Be Concerned About Surveillance AI.” Thiel, co-founder of Palantir and investor in drone-maker Anduril, is certainly in a position to know what he is talking about. The influential venture capitalist made the remarks at a recent event in Miami. Writer Sam Shead reports:

“Tech billionaire Peter Thiel believes that people should be more worried about ‘surveillance AI’ rather than artificial general intelligences, which are hypothetical AI systems with superhuman abilities. … Those that are worried about AGI aren’t actually ‘paying attention to the thing that really matters,’ Thiel said, adding that governments will use AI-powered facial recognition technology to control people. His comments come three years after Bloomberg reported that ‘Palantir knows everything about you.’ Thiel has also invested in facial recognition company Clearview AI and surveillance start-up Anduril. Palantir, which has a market value of $48 billion, has developed data trawling technology that intelligence agencies and governments use for surveillance and to spot suspicious patterns in public and private databases. Customers reportedly include the CIA, FBI, and the U.S. Army. AGI, depicted in a negative light in sci-fi movies such as ‘The Terminator’ and ‘Ex Machina,’ is being pursued by companies like DeepMind, which Thiel invested in before it was acquired by Google. Depending on who you ask, the timescale for reaching AGI ranges from a few years, to a few decades, to a few hundred years, to never.”

Yes, enthusiasm for AGI has waned as folks accept that success, if attainable at all, is a long way off. Meanwhile, Thiel is now very interested in crypto currencies. For the famously libertarian mogul, that technology helps pave the way for his vision of the future: a decentralized world. That is an interesting position for a friend of law enforcement.

Cynthia Murrell, November 4, 2021

Rogue in Vogue: What Can Happen When Specialized Software Becomes Available

October 25, 2021

I read “New York Times Journalist Ben Hubbard Hacked with Pegasus after Reporting on Previous Hacking Attempts.” I have no idea if the story is true or recounted accurately. The main point that strikes me is that a person or group allegedly used the NSO Group tools to compromise the mobile of a journalist.

The article concludes:

Hubbard was repeatedly subjected to targeted hacking with NSO Group’s Pegasus spyware. The hacking took place after the very public reporting in 2020 by Hubbard and the Citizen Lab that he had been a target. The case starkly illustrates the dissonance between NSO Group’s stated concerns for human rights and oversight, and the reality: it appears that no effective steps were taken by the company to prevent the repeated targeting of a prominent American journalist’s phone.

The write up makes clear one point I have commented upon in the past; that is, making specialized software and systems available without meaningful controls creates opportunities for problematic activity.

When specialized technology is developed using expertise and sometimes money and staff of nation states, making these tools widely available means a loss of control.

As access to and knowledge of specialized tool systems and methods diffuse, it becomes easier and easier to use specialized technology for purposes for which the innovations were not intended.

Now bad actors, introductory programming classes in many countries, individuals with agendas different from those of their employer, disgruntled software engineers, and probably a couple of old time programmers with a laptop in an elder care facility can:

  • Engage in Crime as a Service
  • Use a bot to poison data sources
  • Access a target’s mobile device
  • Conduct surveillance operations
  • Embed obfuscated code in open source software components.

If the cited article is not accurate, it provides sufficient information to surface and publicize interesting ideas. If the write up is accurate, the control mechanisms in the countries actively developing and licensing specialized software are not effective in preventing misuse. For cloud services, the controls should be easier to apply.

Is every company, every nation, and every technology savvy individual a rogue? I hope not.

Stephen E Arnold, October 25, 2021

Digital Shadows Announces Social Monitor

October 19, 2021

Deep fakes? They are here and Digital Shadows has a service for those who live in fear of digital manipulation.

Bad actors often pose as corporations’ executives and other key personnel on social media. Sometimes the goal is to damage the target’s reputation, but more often it is to enact a phishing scheme. Either way, companies must put a stop to these efforts as soon as possible. We learn there is a new tool for that from, “Digital Shadows Launches SocialMonitor—a Key Defense Against Executive Impersonation on Social Media” posted at PR Newswire. The press release tells us:

“All social media platforms will take down fake accounts once alerted but keeping on top of the constant creation of fake profiles is a challenge. SocialMonitor overcomes these challenges by adding targeted human collection to SearchLight’s existing broad automated coverage. Digital Shadows customers simply need to register key staff members within the SearchLight portal. Thereafter, users will receive ‘Impersonating Employee Profile’ alerts which will be pre-vetted by its analyst team. This ensures that organizations only receive relevant notifications of concern. Russell Bentley at Digital Shadows comments: ‘Fake profiles on social media are rife and frequently used to spread disinformation or redirect users to scams or malware. Social media providers have taken steps such as providing a verified profile checkmark and removing fake accounts. However, there is often too long a window of opportunity before action can be taken. SocialMonitor provides organizations with a proactive defense so that offending profiles can be taken down quickly, protecting their customers and corporate reputation.’”

Note this is yet another consumer-facing app from Digital Shadows, the firm that appears to be leading the Dark Web indexing field. Curious readers can click here to learn more about SocialMonitor. Digital Shadows offers a suite of products to protect its clients from assorted cyber threats. Based in San Francisco, the company was founded in 2011.

Cynthia Murrell October 19, 2021

Voyager Labs Expands into South America

October 14, 2021

Well this is an interesting development. Brazil’s ITForum reports, “Voyager Labs Appoints VP and Opens Operations in Latin America and the Caribbean.” (I read and quote from Google’s serviceable translation.)

Voyager Labs is an Israeli specialized services firm that keeps a very low profile. Their platform uses machine learning to find and analyze clues to fight cyber attacks, organized crime, fraud, corruption, drug trafficking, money laundering, and terrorism. Voyager Labs’ clients include private companies and assorted government agencies around the world.

The brief announcement reveals:

“Voyager Labs, an AI-based cybersecurity and research specialist, announced this week the arrival in Latin America and the Caribbean. To lead the operation, the company appointed Marcelo Comité as regional vice president. The executive, according to the company, has experience in the areas of investigation, security, and defense in Brazil and the region. Comité will have as mission to consolidate teams of experts to improve the services and support in technologies in the region, according to the needs and particularities of each country. ‘It is a great challenge to drive Voyager Labs’ expansion in Latin America and the Caribbean. Together with our network of partners in each country, we will strengthen ties with strategic clients in the areas of government, police, military sector and private companies’, says the executive.”

We are intrigued by the move to South America, since most of the Israeli firms are building operations in Singapore. What’s Voyager know that its competitors do not? Not familiar with Voyager Labs? Worth knowing the company perhaps?

Cynthia Murrell, October 14, 2021

Key Words: Useful Things

October 7, 2021

In the middle of nowhere in the American southwest, lunch time conversation turned to surveillance. I mentioned a couple of characteristics of modern smartphones, but people put down their sandwiches. I changed the subject. Later, when a wispy LTE signal permitted, I read “Google Is Giving Data to Police Based on Search Keywords, Court Docs Show.” This is an example of information which I don’t think should be made public.

The write up states:

Court documents showed that Google provided the IP addresses of people who searched for the arson victim’s address, which investigators tied to a phone number belonging to Williams. Police then used the phone number records to pinpoint the location of Williams’ device near the arson, according to court documents. 

I want to point out that any string could contain actionable information; to wit:

  • The name or abbreviation of a chemical substance
  • An address of an entity
  • A slang term for a controlled substance
  • A specific geographic area or a latitude and longitude designation on a Google map.

With data federation and cross correlation, some specialized software systems can knit together disparate items of information in a useful manner.

The data and the analytic tools are essential for some government activities. Careless release of such sensitive information has unanticipated downstream consequences. Old fashioned secrecy has some upsides in my opinion.

Stephen E Arnold, October 7, 2021

NSO Group and Collateral Damage: Shadowdragon

September 23, 2021

The NSO Group has captured headlines and given a number of journalists a new beat to cover: specialized service vendors. This phrase “specialized service vendors” is the one I use to capture the market niche served by companies as diverse as Anduril and Voyager Labs. Most of these firms walk a fine line, from providing enough public information so that a would-be customer like a government agency can locate a contact point to staying out of the floodlights of those looking for the next NSO Group to research and write about.

I read “Shadowdragon: Inside the Social Media Surveillance Software That Can Watch Your Every Move.” The exposé appearing in The Intercept follows a predictable pattern: Surveillance, law enforcement, technology, sources, similar software (in this story Kaseware), and rights violations.

A Wall Street Journal reporter is allegedly working on a book that will surf on the NSO Group’s tsunami of surveillance shock.

I have spelled out three concerns about what I call the conversion of NSO Group from a low-profile outfit to the poster child for misuse of certain types of technology. Let me recap these:

  1. SNOWDEN. Edward Snowden’s oath to keep information secret was broken with his notable data dump. Some of these 2013 materials provided sufficient information about specialized software and services to create or release a desire to know more about the market segment.
  2. CITIZEN LAB. In 2016 Citizen Lab kicked off its coverage of the specialized software niche with “The Million Dollar Dissident: NSO Group’s iPhone Zero Days Used against a UAE Human Rights Defender.”
  3. PITCHING NSO. In 2017, Francisco Partners mounted an effort to sell NSO Group for an asking price of around $1 billion. Venture and finance types perked up their ears. Some asked, “What’s this specialized service cyber software?”
  4. BOOK. In 2019, Shoshana Zuboff published “The Age of Surveillance Capitalism,” which provided a “name” to some of the specialized software functions.

Reporters, activists, researchers, academics, and companies not previously aware of the specialized service sector are now chasing information. Unlike some commercial market sectors, funds are available. The appetite for advanced software and services is growing.

Now back to the company whose name some associate with an insect. What impact will the Intercept write up have? I don’t know, but I have three ideas:

First, the company will become a subject of interest for some; for example, an investigative reporter working on a book about the specialized service sector.

Second, non-LE and intel-related organizations will express an interest in licensing the software and gaining access to the firm’s database and other technology. (Voyager Labs has explored selling its software for “marketing.”)

Third, the company’s willingness to market its products and services more aggressively may be reduced. Shadowdragon advertised for a marketing professional, presumably to support the company’s sales efforts. One of the firm’s senior managers posts on LinkedIn in order to express support for certain activities and retain visibility in that Microsoft owned service.

From my narrow point of view, some information should not be exposed to the public; for example, the Snowden dump. And some of the marketing activities of specialized service providers should be wound back to the low profile activities of the pre-9/11 era.

Unfortunately it may be too late. Commercial success may be more important than creating solutions which support LE and intelligence operations. Today anyone can enjoy useful tools. Check out Hunchly OSINT or Maltego. Explore what these tools can do.

Will Shadowdragon become collateral damage as a consequence of NSO Group?

Stephen E Arnold, September 23, 2021

Alleged DHS Monitoring of Naturalized Citizens

September 9, 2021

Are the fates of millions of naturalized immigrants at the mercy of one secretive algorithm run by the Department of Homeland Security and, unsurprisingly, powered by Amazon Web Services?

The Intercept examined a number of documents acquired by the Open Society Justice Initiative and Muslim Advocates through FOIA lawsuits and reports, “Little-Known Federal Software Can Trigger Revocation of Citizenship.” Dubbed ATLAS, the software runs immigrants’ information through assorted federal databases looking for any sign of dishonesty or danger. Journalists Sam Biddle and Maryam Saleh write:

“ATLAS helps DHS investigate immigrants’ personal relationships and backgrounds, examining biometric information like fingerprints and, in certain circumstances, considering an immigrant’s race, ethnicity, and national origin. It draws information from a variety of unknown sources, plus two that have been criticized as being poorly managed: the FBI’s Terrorist Screening Database, also known as the terrorist watchlist, and the National Crime Information Center. Powered by servers at tech giant Amazon, the system in 2019 alone conducted 16.5 million screenings and flagged more than 120,000 cases of potential fraud or threats to national security and public safety. Ultimately, humans at DHS are involved in determining how to handle immigrants flagged by ATLAS. But the software threatens to amplify the harm caused by bureaucratic mistakes within the immigration system, mistakes that already drive many denaturalization and deportation cases.”

DHS appears reluctant to reveal details of how ATLAS works or what information it uses, which makes it impossible to assess the program’s accuracy. It also seems the humans who act on the algorithm’s recommendations have misplaced faith in the accuracy of the data behind it. The article cites a 2020 document:

“It also notes that the accuracy of ATLAS’s input is taken as a given: ‘USCIS presumes the information submitted is accurate. … ATLAS relies on the accuracy of the information as it is collected from the immigration requestor and from the other government source systems. As such, the accuracy of the information in ATLAS is equivalent to the accuracy of the source information at the point in time when it is collected by ATLAS.’ The document further notes that ‘ATLAS does not employ any mechanisms that allow individuals to amend erroneous information’ and suggests that individuals directly contact the offices maintaining the various databases ATLAS uses if they wish to correct an error.”

We are sure that process must be a piece of cake. The authors also report:

“Denaturalization experts say that putting an immigrant’s paper trail through the algorithmic wringer can lead to automated punitive measures based not on that immigrant’s past conduct but the government’s own incompetence. … According to [Muslim Advocates’ Deborah] Choi, in some cases ‘denaturalization is sought on the basis of the mistakes of others, such as bad attorneys and translators, or even the government’s failures in record-keeping or the failures of the immigration system.’ Bureaucratic blundering can easily be construed as a sign of fraud on an immigrant’s part, especially if decades have passed since filling out the paperwork in question.”

Worth monitoring. Atlas may carry important payloads, or blow up on the launch pad.

Cynthia Murrell, September 9, 2021

TikTok: No Big Deal? Data Collection: No Big Deal Either

September 7, 2021

Here’s an interesting and presumably dead accurate statement from “TikTok Overtakes YouTube for Average Watch Time in US and UK.”

YouTube’s mass audience means it’s getting more demographics that are comparatively light internet users… it’s just reaching everyone who’s online.

So this means Google is number one? The write up points out:

The Google-owned video giant has an estimated two billion monthly users, while TikTok’s most recent public figures suggested it had about 700 million in mid-2020.

Absolutely. To me, it looks as if two billion is bigger than 700 million.

But TikTok has “upended the streaming and social landscape.”

How? Two billion is bigger than 700 million. Googlers like metrics, and that’s a noticeable difference.

I learned that the average time per user spent on the apps is higher for TikTok than for YouTube. TikTok has high levels of “engagement.”

Google YouTube has more users, but TikTok users are apparently more hooked on the short form content from the quasi-China influenced outfit.

Advertisers will care. Retailers who want to hose users with product pitches via TikTok care.

Data harvesters at TikTok will definitely care. The more time spent on a monitored app provides a more helpful set of data about the users. These users can be tagged and analyzed using helpful open source tools like Bootleg.

Just a point to consider: How useful will time series data be about a TikTok user or user cluster? How useful will such data be when it comes time to identify a candidate for insider action? But some Silicon Valley wizards pooh pooh TikTok data collection. Maybe a knowledge gap for this crowd?

Stephen E Arnold, September 9, 2021
