MIT Thinks the Ideas of US Attorney General Are Not Good

October 4, 2019

Let’s put this article “Facebook Is Being Asked to Give Access to Encrypted Messages. It’s a Bad Idea” is perspective. First, a number of countries have taken steps to deal with the unexpected consequences of encrypted real time messages. Example? Australia. The issues range from the application of a non slick coating to routine criminal misbehavior to larger-scale actions. Example: Paris night club bombing.

MIT, as you may recall, tried to push under a mattress in Baker House, some interesting information; specifically:

As a result, I am not sure I am convinced that the arguments set forth in the “Facebook Is Being Asked” write up is in alignment of with my 76 year old ethical compass.

There are some involved in law enforcement and intelligence activities seeking ways to deal with the threats — yes, threats — from bright-as-a-button engineers’ innovation machines.

The problem is that when an institution aligned with Jeffrey Epstein suggests that the US Attorney General has a bad idea, why not focus on the processes which created the MIT-Epstein tie up. Once that’s fixed, maybe — just maybe — I will view MIT’s and its instruments’ pronouncements as objective, credible, and in the best interests of dealing with certain problems certain bright-as-a-button innovators have created.

Stephen E Arnold, October 4, 2019

Roy Cohn Documents Released by FBI

September 30, 2019

If you are interested in Roy Cohn, a New York attorney, new information is available. Released by the FBI, the documents contain about 700 pages of information. You can access the data at this link. The documents are redacted. Mr. Cohn interacted with a number of individuals with a high profile. Mr. Cohn died in 1986, that’s 33 years ago. The New York Post ran a photo of Mr. Cohn with a youthful President Trump and mentioned some of Mr. Cohn’s high profile activities.

Stephen E Arnold, September 30, 2019

Should Social Media Algorithms be Used to Predict Crime?

September 18, 2019

Do we want Thought Police? Because this is how you get Thought Police. Though tragedies like the recent mass shootings in El Paso and Dayton are horrifying, some “solutions” are bound to do more harm than good. President Trump’s recent call for social-media companies to predict who will become a mass shooter so authorities can preemptively move against them is right out of Orwell’s 1984. Digital Trends asks, “Can Social Media Predict Mass Shootings Before They Happen?” Technically, it probably can, but with limited accuracy. Journalist Mathew Katz writes:

“Companies like Google, Facebook, Twitter, and Amazon already use algorithms to predict your interests, your behaviors, and crucially, what you like to buy. Sometimes, an algorithm can get your personality right – like when Spotify somehow manages to put together a playlist full of new music you love. In theory, companies could use the same technology to flag potential shooters. ‘To an algorithm, the scoring of your propensity [to] purchase a particular pair of shoes is not very different from the scoring of your propensity to become a mass murderer—the main difference is the data set being scored,’ wrote technology and marketing consultant Shelly Palmer in a newsletter on Sunday. But preventing mass shootings before they happen raises some thorny legal questions: how do you determine if someone is just angry online rather than someone who could actually carry out a shooting? Can you arrest someone if a computer thinks they’ll eventually become a shooter?”

That is what we must decide as a society. We also need to ask whether algorithms are really up to the task. We learn:

“The Partnership on AI, an organization looking at the future of artificial intelligence, conducted an intensive study on algorithmic tools that try to ‘predict’ crime. Their conclusion? ‘These tools should not be used alone to make decisions to detain or to continue detention.’”

But we all know that once people get an easy-to-use tool, the ease-of-use can quickly trump accuracy. Think of how often you see ads online for products you would never buy, Katz prompts. Then consider how it would feel to be arrested for a crime you would never commit.

Cynthia Murrell, September 18, 2019

Code Skill for Everyone? An Interesting Question

August 8, 2019

Amazon, Google, and Microsoft want “everyone” to code. Not so fast.

Necessity is the mother of invention and prisoners are some of the most ingenious individuals when it comes to making food, tattoo machines, booze, and shanks. Prisoners also prove their dexterity in hiding contraband items and getting them into prisons. Books were being used to get contraband items into prisons and it got so bad many prisons have forbidden people to send books to those behind bars. Specific books have also been banned by prisons because of their content and Oregon and other states are taking a stand by forbidding books that teach code. Motherboard Vice shares why in the article, “Prisons Are Banning Books That Teach Prisoners How To Code.”

Oregon’s Department of Corrections wants to set the record straight that not all technology-related books are banned, but each one that is sent through the mail room is assessed to see if it presents “a clear and present danger.” Some of the books that are deemed unsuitable include Microsoft Excel 2016 for Dummies, Google Adsense for Dummies, and Windows 10 For Dummies. It is not surprising that Black Hat Python by Justin Seitz is on the list, because it does include hacking tricks and black hat is dubbed black hat for a reason.

However, basic programming languages are not inherently a clear and present danger. Some of the content in the books is outdated and not a danger to the prison. Then again prisons, like most federal organizations, are notoriously under budgeted and could still be running on Windows 98 or even worse Windows ME. Not allowing prisoners to gain computer literacy skills is more harmful, because you need to be sufficient in computers for even the most basic jobs. Without the proper skills, it is much easier to slip back into a life of crime.

But…

“Officials at the Oregon Department of Corrections (DOC) argue, however, that knowledge of even these basic programs can pose a threat to prisons. ‘Not only do we have to think about classic prison escape and riot efforts like digging holes, jumping fences and starting fires, modernity requires that we also protect our prisons and the public against data system breaches and malware,’ DOC spokesperson Jennifer Black said in an emailed statement. ‘It is a balancing act we are actively trying to achieve.’”

That is a good point, but…

“According to Rutgers law professor Todd Clear, security concerns are overblown because learning to hack can require more than reading a book (for example, unrestricted internet access and some savvy comrades), and prison staff can monitor prisoners’ activities. “They are different places, no doubt, but the security claim is often specious,’ he said.”

In Oregon’s defense 98% of books and magazines sent into prisons are approved. Items that are banned based on “based on IT experience, DOC technical architecture and DOC’s mandate to run safe and secure institutions for all.” Coding classes, where offered, are popular among inmates.

Should prisoners be given access to educational classes, so they improve their lives and break free of the prison system? Perhaps the “everyone” push needs a footnote?

Whitney Grace, August 8, 2019

Trovicor: A Slogan as an Equation

August 2, 2019

We spotted this slogan on the Trovicor Web site:

The Trovicor formula: Actionable Intelligence = f (data generation; fusion; analysis; visualization)

The function consists of four buzzwords used by vendors of policeware and intelware:

  • Data generation (which suggests metadata assigned to intercepted, scraped, or provided content objects)
  • Fusion (which means in DarkCyber’s world a single index to disparate data)
  • Analysis (numerical recipes to identify patterns or other interesting data
  • Virtualization (use of technology to replace old school methods like 1950s’ style physical wire taps, software defined components, and software centric widgets).

The buzzwords make it easy to identify other companies providing somewhat similar services.

Trovicor maintains a low profile. But obtaining open source information about the company may be a helpful activity.

Stephen E Arnold, August 2, 2019

Palantir: Did ICE Paid $60 Million for an App

August 2, 2019

DarkCyber spotted a short article in Counterpunch. The title?

Records Show Palantir Made $60 Million Contracting with ICE for Mobile App

The write up said:

A critical July 2019 exposé from WNYC based on documents obtained via FOIA request shows how Palantir’s proprietary software, in this case the FALCON mobile app, is essential to the removal operations of ICE and related agencies. As WNYC explained, “FALCON mobile allows agents in the field to search through a fusion of law enforcement databases that include information on people’s immigration histories, family relationships, and past border crossings.”

Counterpunch then shared its own research findings:

Counterpunch has learned that since 2016, Palantir has made more than $60 million in contract awards from ICE for access to FALCON and for Operations & Maintenance (O&M) for the mobile application. This, of course, is solely for FALCON and related services, and likely just scratches the surface of the true scope of Palantir’s profits from collaboration with ICE, to say nothing of Palantir’s lucrative relations with other government agencies such as CIA, DoD, etc.

The write up covers some other information about Palantir. DarkCyber finds the $60 million for an app interesting.

Stephen E Arnold, August 2, 2019

Amazon and Law Enforcement: Irrelevant or Something Else?

August 1, 2019

I have given lectures about Amazon’s policeware initiative. The information about this facet of the online bookstore’s work has attracted little attention. Rumor has it that one big time reporter tried to ask questions about Ring doorbells and related technologies and found a “No Entry” sign posted.

DarkCyber’s approach is to rely on real news stories. It appears that the Bezos bulldozer has revved its engine with regard to the role of the Ring doorbell and a handful of law enforcement entities. (Yes, DarkCyber perceives an alleged 200 tie ups as a handful. We are talking about the Bezos bulldozer’s pulling capacity. Think in terms of larger numbers. Think Five Eyes. Think financial regulators around the world.)

If the information in Ars Technica is accurate, DarkCyber learned:

Amazon reportedly provides marketing scripts to more than 200 police partners.

If true, this is indeed interesting. LE and intel professionals are not too keen on publicity. Amazon, a master of financial reporting to the SEC, is not like a Hollywood producer using communications to make a dead duck fly.

The write up “Amazon Writes Scripts for for Cops to Sling Ring Home Cameras, Report Says” cites another publication which reproduces an allegedly “real” email. The email includes this text:

Hi, all,

Appreciate your patience here as we are currently hashing out some across the board approaches for these exact scenarios. Given that this has been in the works for quite some time and the circumstances you describe, can we agree on the following timeline of events as a compromise:

Wed, June 5th, Boca PD Onboarding to Neighbors Portal (PS can use portal by commenting and engaging, no external promotion or discussion of portal beyond that)

Thurs, June 6th: Boca Foundation Subsidy Launch Event

Mon, June 24th: Earliest day for any Boca PD neighbors Portal external, public facing announcement (to be coordinated with Ring and reviewed in advance to ensure appropriate messaging and not conflated with Subsidy program)

Please, let us know if this timeline is acceptable! This will allow PD to become familiar and state using portal while given the subsidy program full public attention and greatest chance for success. While sticking with our strict policy of not conjoining the two in practice or in presentation.

This text comes from Engadget.

DarkCyber’s attempt to make sense of this alleged Amazon email to someone in the Boca PD is hypothetical. Here’s what the research team derived from the text of the allegedly “real” email, our open source information about Amazon policeware, and suppositions and rumors floated at conferences.

First, Amazon is providing funds to jump start the “program.” This marketing method is just like the LexisNexis “make the legal information available to law school students.” The goal is to condition young attorneys to use the for fee LexisNexis when they get an job in a law firm, government agency, or non profit. The subsidy essential makes it possible for cash strapped police departments to get access to technology and data. The approach may have some other benefits like good PR for Amazon, police departments, and city officials.

Second, the approach appears to minimize the law enforcement value of the Ring video doorbell to law enforcement. That’s okay, but Amazon appears to view the Ring project as a way to control information flows and decision making within “independent” law enforcement entities. This strikes DarkCyber as a variation of the methods spelled out in the classic “How to Sell Anything to Anybody.” Getting the customer to say “yes” or do what the sales person wants is one theme of this decades old classic.

Third, Amazon is not “connecting the dots” for its policeware system. (If you want a for fee webinar for your team about Amazon policeware, write us at darkcyber333 at yandex dot com.) A key part of the Amazon way to present discrete services as islands which are loosely coupled. In order to connect these islands, one has to be [a] told about the connections by Amazon, [b] take Amazon AWS training and become Amazon certified, [c] grunt around for open source information which is written to make the larger connections in the Amazon policeware system difficult to discern.

DarkCyber finds the Ars Technica write up, the allegedly “real” memo from Amazon to a police department, and the lack of understanding by many Amazon observers interesting.

Amazon sells cameras, dog food, and T shirts, right?

Absolutely, but it also is working overtime to create an Oracle Axiom dominator plus a few other minor things. Definitely “minor.”

Stephen E Arnold, August 1, 2019

Exclusive: DataWalk Explained by Chris Westphal

July 9, 2019

An Interview with Chris Westphal” provides an in-depth review of a company now disrupting the analytic and investigative software landscape.

DataWalk is a company shaped by a patented method for making sense of different types of data. The technique is novel and makes it possible for analysts to extract high value insights from large flows of data in near real time with an unprecedented ease of use.

DarkCyber interviewed in late June 2019 Chris Westphal, the innovator who co-founded Visual Analytics. That company’s combination of analytics methods and visualizations was acquired by Raytheon in 2013. Now Westphal is applying his talents to a new venture DataWalk.

Westphal, who monitors advanced analytics, learned about DataWalk and joined the firm in 2017 as the Chief Analytics Officer. The company has grown rapidly and now has client relationships with corporations, governments, and ministries throughout the world. Applications of the DataWalk technology include investigators focused on fraud, corruption, and serious crimes.

Unlike most investigative and analytics systems, users can obtain actionable outputs by pointing and clicking. The system captures these clicks on a ribbon. The actions on the ribbon can be modified, replayed, and shared.

In an exclusive interview with Mr. Westphal, DarkCyber learned:

The [DataWalk] system gets “smarter” by encoding the analytical workflows used to query the data; it stores the steps, values, and filters to produce results thereby delivering more consistency and reliability while minimizing the training time for new users. These workflows (aka “easy buttons”) represent domain or mission-specific knowledge acquired directly from the client’s operations and derived from their own data; a perfect trifecta!

One of the differentiating features of DataWalk’s platform is that it squarely addresses the shortage of trained analysts and investigators in many organizations. Westphal pointed out:

…The workflow idea is one of the ingredients in the DataWalk secret sauce. Not only do these workflows capture the domain expertise of the users and offer management insights and metrics into their operations such as utilization, performance, and throughput, they also form the basis for scoring any entity in the system. DataWalk allows users to create risk scores for any combination of workflows, each with a user-defined weight, to produce an overall, aggregated score for every entity. Want to find the most suspicious person? Easy, just select the person with the highest risk-score and review which workflows were activated. Simple. Adaptable. Efficient.

Another problem some investigative and analytic system developers face is user criticism. According to Westphal, DataWalk takes a different approach:

We listen carefully to our end-user community. We actively solicit their feedback and we prioritize their inputs. We try to solve problems versus selling licenses… DataWalk is focused on interfacing to a wide range of data providers and other technology companies. We want to create a seamless user experience that maximizes the utility of the system in the context of our client’s operational environments.

For more information about DataWalk, navigate to www.datawalk.com. For the full text of the interview, click this link. You can view a short video summary of DataWalk in the July 2, 2019, DarkCyber Video available on Vimeo.

Stephen E Arnold, July 9, 2019

Follow Intelligence? Watch the National Geospatial-Intelligence Agency

April 12, 2019

I read “Is Geospatial Intel the New Framework for Civilization? The NGA’s New Director Speaks His Mind.” The article contains several points which DarkCyber has identified as important. Are you into geo-fencing? If not, you may want to learn a bit more about this function.

Stephen E Arnold, April 12, 2019

Silos Persist: GAO Analysis of DHS Asserts

March 23, 2019

Government reports are often filled with useful information. Some reports can be difficult to locate. A good example is GAP-19-210 “Homeland Security: Research & Development Coordination Has Improved, but Additional Actions Need to Track and Evaluate Project.” This report is online as of March 23, 2019, at this link: https://www.gao.gov/products/GAO-19-210. In order to obtain a copy, right click on the link and download the PDF. Rendering of the document in a browser is not reliable.

I think this findability issue provides a good example of the information sharing issues discussed in the 59 page report.

If you are interested in the structure of DHS, the report contains several current organization charts.

The information about the technologies in use for border control is one of the first lists of this type which I have seen recently. You can find these data in Appendix I: Overview of the Science Technology Directorate’s Research and Development Projects on pages 48 and following.

This is a useful document because future procurements are hinted at.

A quick heads up. If you look for the document at www.gao.gov, the document does not appear on the public facing Web site yet. Experimenting with the different options for locating public information, one selector returned a list of DHS related reports with the most recent document dated 2014.

Stephen E Arnold, March 23, 2019

Next Page »

  • Archives

  • Recent Posts

  • Meta