
Quotes to Note: The Thiel-Hulk Matter

May 26, 2016

The downsizing New York Times is channeling the Gawker thing. I read “Tech Billionaire in a Secret War with Gawker.” [Note: You may or may not be able to view this. Speak to the Gray Lady, not me.] The billionaire is Peter Thiel, a founder of PayPal and a number of other high profile and wildly successful companies. He is, I learned, a member of the PayPal mafia. Who knew?


I was not sure what a “demigod” was. I turned to Google. The first hit is this illustration apparently from a video game. Who knew?

I am not interested in the news story about a person who wants to fight for truth, justice, and the Silicon Valley way. I am not sure who Hulk Hogan is. That’s okay. The write up contained some quotes to note. I don’t want to lose track of these. I might want to spice up a report or a lecture with these allegedly accurate statements made by a powerful, rich wizard. Here you go:

  1. The story is not a story. It is a “bizarre and astounding back story.” [The New York Times] I once read similar headlines in the IGA store waiting for a human to check out my toothpaste and sparkling water purchases. Who published stories with these words? I think it was the National Enquirer.
  2. “I refuse to believe that journalism means massive privacy violations.”—Peter Thiel
  3. “We wanted flying cars, instead we got 140 characters,” is the Founders Fund tag line.—The New York Times quoting a Web site.

Great stuff. I wonder how Palantir Technologies, a company founded by Mr. Thiel, who is characterized as having “demigod status”, feels about the leaks to Buzzfeed. Should that reporter be concerned about legal action? I hope not.

Stephen E Arnold, May 26, 2016

The Office of Personnel Management Hack Is Very Bad

May 11, 2016

The US Office of Personnel Management (OPM) was hacked for more than a year before it was discovered in April 2015.  The personal information of 21 million current and former government employees was stolen, including their Social Security numbers and home addresses.  The hack does not seem that important, unless you were or are a government employee, but the Lawfare Blog explains differently in “Why The OPM Hack Is Far Worse Than You Imagine.”

The security breach is much worse than simple identity theft, because background checks were stolen as well.  It might seem that a background check is not that serious (so the hackers discovered a person got a speeding ticket?), but in reality these background checks were far more extensive than the usual as they were used for purposes of entering government mandated areas.  The security clearances included information about family, sexual behavior, and risk of foreign exploitation.  If that was not bad enough,

“Along with the aforementioned databases, the OPM systems are linked electronically to other agencies and databases, and it stored much of this data alongside the security clearance files. According to a 2007 White House report on OPM security clearance performance, checks of State Passport records and searches of military service records are now conducted electronically. According to this report, then, there are electronic linkages between the OPM Security Clearance files, Department of Defense service records, and State Department Passport records.”

OPM took measures to ensure future security, but they either expose who the victims of the breach are or would allow private contractors access to sensitive data to mitigate future attacks.  OPM is not willing to acknowledge these deficiencies, but would rather continue to expose the victims (and future victims) to further danger.


Whitney Grace, May 11, 2016
Sponsored by, publisher of the CyberOSINT monograph

European Cybersecurity Companies

May 8, 2016

We’ve run across an interesting list of companies at Let’s Talk Payments, “Europe’s Elite Cybersecurity Club.” The bare-bones roster names and links to 28 cybersecurity companies, with a brief description of each. See the original for the descriptions, but here are their entries:

SpamTitan, Gemalto, Avira, itWatch, BT, Sophos, DFLabs, ImmuniWeb, Silent Circle, Deep-Secure, SentryBay, AVG Technologies, Clearswift, ESNC, DriveLock, BitDefender, neXus, Thales, Cryptovision, Secunia, Osirium, Qosmos, Digital Shadows, F-Secure, Smoothwall, Brainloop, TrulyProtect, and Enorasys Security Analytics

It is a fine list as far as it goes, but we notice it is not exactly complete. For example, where is FinFisher’s parent company, Gamma International? Still, the list is a concise and valuable source for anyone interested in learning more about these companies.


Cynthia Murrell, May 8, 2016


New Security Service Enters Consumer Space

April 29, 2016

It looks like another company is entering the arena of consumer cybersecurity. An article from Life Hacker, Privacy Lets You Create “Virtual” Credit Card Numbers, Deactivate One Instantly If It’s Stolen, shares the details of Privacy. Their tool generates disposable card numbers online, which can be tied to accounts with participating banks or Visa cards, and then allows users to easily deactivate if one is stolen. The service is free to users because Privacy makes money acting as a credit card processor. The article tells us,

“Privacy just gives you the ability to create virtual “accounts” that are authorized to charge a given amount to your account. You can set that account to be single use or multi-use, and if the amount is used up, then the transaction doesn’t go through to your main account. If one of your virtual accounts gets hit with an account you don’t recognize, you’ll be able to open the account from the Privacy Chrome or Firefox extension and shut it down immediately. The Chrome extension lets you manage your account quickly, auto-fill shopping sites with your virtual account numbers, or quickly create or shut down numbers.”

We think the concept of Privacy and the existence of such a service point to the perception that consumers find security measures increasingly important. However, why trust Privacy? We’re not testing this idea, but perhaps Privacy is suited for Dark Web activity.


Megan Feil, April 29, 2016


Businesses as Beneficiaries of the Dark Web

April 28, 2016

Who makes money off the Dark Web? Vice’s Motherboard covers this in a recent article, The Booming and Opaque Business of Dark Web Monitoring. Much coverage exists on the cybercriminals using Tor, but this article describes the two types of threat intelligence monitoring businesses which specialize in crawling the Dark Web. The first approach is algorithm-based, such as the method used by Terbium Labs’ Matchlight product which scans and scours marketplaces for sensitive data or intellectual property. The alternative approach used by some companies is explained,

“The other tactic is a more human approach, with analysts going undercover in hacking forums or other haunts, keeping tabs on what malware is being chatted about, or which new data dump is being traded. This information is then provided to government and private clients when it affects them, with each monitoring company digesting it in their own particular way. But, there is a lot of misleading or outright fabricated information in the dark web. Often, particular listings or entire sites are scams, and forum chatter can be populated with people just trying to rip each other off. For that reason, it’s not really good enough to just report everything and anything you see to a customer.”

Recent media coverage mostly zeroes in on cybercrime related to the Dark Web, so this article is a refreshing change of pace as it covers the businesses capitalizing on the existence of this new platform where stolen data and security breaches can find a home. Additionally, an important question about this business sector is raised: how do these Dark Web monitoring companies distinguish valuable leads from scams aimed at deceiving?


Megan Feil, April 28, 2016


Google. No One Can Stop It. No One. No One. Aaaargh.

April 24, 2016

When I was a wee lad in days when admission to a motion picture was 25 cents, I recall watching with eyeballs wide open The Blob. Look at the poster for the film which flickered across the silver screen in 1958:

The words chosen to promote the film were “indescribable,” “indestructible,” and “Nothing can stop it.”

I read “If the Eurocrats Don’t Take on Google, No One Will Be Able to Stop It.” I find it interesting that the shock and awe words used by a promotion team in 1958 have become the currency of “real” journalism and punditry. Nothing can stop it lacks only an exclamation point.

The write up, wittingly or unwittingly, evokes “the molten meteor” as a metaphor for Google. The article reminded me:

If the commission decides that Google has indeed broken European competition law, then it can levy fines of up to 10% of the company’s annual global revenue for each of the charges. Given that Google’s global sales last year came to nearly $75bn, we’re talking about a possible fine of $15bn (£10.5bn). Even by Google standards, that’s serious money. And it’s not exactly an idle threat: in the past, the Eurocrats have taken more than a billion dollars off both Microsoft and Intel for such violations.

Money. The molten meteor cannot ignore that financial blood bank contribution. Imagine. Messrs. Brin and Page losing color and wheezing toward a Foosball game in the Alphabet Google offices in Mountain View. Frightening.

The legal system lacks a Steve McQueen it seems. The forces of good (the European Commission) have to find a way to stop the Alphabet Google from spelling doom. The article whines:

Once upon a time, we relied on the state to do this on our behalf – to cut monopolies down to size, to keep corporate power in check. The strange thing about the digital world is that states now seem unequal to this task. At the moment, the EC is the only game in town. Which makes one wonder if the Brexit enthusiasts have thought of that.

The Google has been doing exactly one thing consistently for more than 15 years. To stop the Google is an interesting thought. I am not confident that fines will do the trick. After cranking out three monographs about the Google between 2004 and 2009, it is pretty clear that the Google is falling victim to flawed reproduction of its own DNA. The death of the Alphabet Google will come from within the company itself. Regulators may find themselves looking in the mirror and seeing Mr. McQueen, but my research suggested:

  1. The shift to mobile is putting new stresses upon the governance structure of the Google
  2. The endless photocopying of the company’s online ad DNA is producing fuzzier and fuzzier systems and methods. I ran a query and had to work to spot an objective result. Try this query yourself from your laptop and then from your mobile phone: “Manhattan lawyers.” What’s an ad?
  3. The founders, once passionate about search, are now involved in math and science club projects like solving death.
  4. Users make the Google and the users are less and less aware of options. Online services coalesce into monopolies and the process has been chugging along for more than 15 years.

I like the zing of the “Nothing can stop it.” But the Alphabet Google thing is not forever no matter what regulators and alarmists assert. The blob did not die. It was put on ice. With the situation facing the European Community, I don’t think a suitable cooling system is available at this time. A small USB fan maybe?

Stephen E Arnold, April 24, 2016

Graceful, Tasteful Essay about Gawker and Hulk Hogan

April 24, 2016

Short honk: I am certainly no expert in “real” journalism. I am not an “academic.” I just paddle around the duck pond in rural Kentucky. I like to highlight interesting writing. An essay caught my attention because it had an interesting, although confusing, title; to wit:

“The First Amendment and a Couple of Pricks.”

When I read it, I thought about “If you prick us, do we not bleed?” Wrong. The write up uses a Shakespeare-echoing in a thoroughly modern Millie way. The write up discusses the US Constitution, the US legal system, and the behaviors of two notable persons.

Quite graceful, tasteful essay. I wish I could write with this elegant blend of colloquial phrase and rich metaphor. How many middle school teachers will use this particular personal essay as an illustration of a personal opinion? Lots? Only in New York?

Stephen E Arnold, April 24, 2016

ID Agent Alerts Government Contractors to Cyber Risk

April 12, 2016

All kinds of information shows up on the Dark Web, including thousands of emails of federal contractors. A recent article from Fierce Government IT, Report: Thousands of contractor emails found on Dark Web, shares several findings from a study conducted by ID Agent, a firm promoting its Dark Web security intelligence product. The study, “Federal Supply Chain Analysis: Cyber Threats from the Dark Web” relied on historical data loss information regarding numbers of email accounts stolen to analyze contracting areas based on their cyber risk.

The write-up expands on where ID Agent sees opportunity,

“Having cyber criminals with access to these accounts is scary enough, but malicious actors operating on the Dark Web have also taken many more forms in recent years. “While stolen personal information is concerning, national and corporate espionage continues to play a major role in the activities conducted via the Dark Web,” the report noted. ID Agent is by no means a disinterested party in disclosing the risk of these email accounts, as it hopes to market its Dark Web ID product that regularly provides this sort of threat intelligence to customers. Still, the study’s findings are a wake-up call to government contractors and the agencies employing them.”

ID Agent uses a proprietary algorithm for situating the risk of various companies and organizations. While this is a new market space, they are certainly not the only game in town when it comes to security and intelligence solutions which take the Dark Web into account. This appears to be an expanding ecosystem.


Megan Feil, April 12, 2016



FBI Runs Child Porn Website to Take down Child Porn Website

April 12, 2016

The article on MotherBoard titled How The FBI Located Suspected Administrator of the Dark Web’s Largest Child Porn Site provides a comprehensive overview of the events that led to the FBI being accused of “outrageous conduct” for operating a child pornography site for just under two weeks in February of 2015 in order to take down Playpen, a dark web child porn service. The article states,

“In order to locate these users in the real world, the agency took control of Playpen and operated it from February 20 to March 4 in 2015, deploying a hacking tool to identify visitors of the site. The FBI hacked computers in the US, Greece, Chile, and likely elsewhere.

But, in identifying at least two high ranking members of Playpen, and possibly one other, the FBI relied on information provided by a foreign law enforcement agency (FLA), according to court documents.”

Since the dial-up era, child pornographers have made use of the Internet. The story of comedian Barry Crimmins exposing numerous child pornographers who were using AOL’s early chat rooms to share their pictures is a revealing look at that company’s eagerness to turn a blind eye. In spite of this capitulation, the dark web is the current haven for such activities, and the February 2015 hacking project was the largest one yet.




Chelsea Kerwin, April 12, 2016


UK Cybersecurity Director Outlines Agency’s Failures in Ongoing Cyberwar

April 8, 2016

The article titled GCHQ: Spy Chief Admits UK Agency Losing Cyberwar Despite £860M Funding Boost on International Business Times examines the surprisingly frank confession made by Alex Dewdney, a director at the Government Communications Headquarters (GCHQ). He stated that in spite of the £860M funneled into cybersecurity over the past five years, the UK is unequivocally losing the fight. The article details,

“To fight the growing threat from cybercriminals chancellor George Osborne recently confirmed that, in the next funding round, spending will rocket to more than £3.2bn. To highlight the scale of the problem now faced by GCHQ, Osborne claimed the agency was now actively monitoring “cyber threats from high-end adversaries” against 450 companies across the UK aerospace, defence, energy, water, finance, transport and telecoms sectors.”

The article makes it clear that search and other tools are not getting the job done. But a major part of the problem is resource allocation and petty bureaucratic behavior. The money being poured into cybersecurity is not going towards updating the “legacy” computer systems still in place within GCHQ, although those outdated systems represent major vulnerabilities. Dewdney argues that without basic steps like migrating to improved, current software, the agency has no hope of successfully mitigating the security risks.


Chelsea Kerwin, April 8, 2016
