Large Dictators. Name the Largest
June 6, 2024
This essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.
I read “Social Media Bosses Are the Largest Dictators, Says Nobel Peace Prize Winner.” I immediately thought of “fat” dictators; for example, Benito Mussolini, but I may have him mixed up with Charles Laughton in “Mutiny on the Bounty.”
A mother is trying to implement the “keep your kids off social media” recommendation. Thanks, MSFT Copilot. Good enough.
I think the idea intended is something along the lines of “unregulated companies and their CEOs have more money and power than some countries. These CEOs act like dictators on a par with Julius Caesar. Brutus and friends took out Julius, but the heads of technopolies are indifferent to laws, social norms, and the limp limbs of ethical behavior.”
That’s a lot of words. Ergo: Largest dictators is close enough for horseshoes. It is 2024, and no one wants old-fashioned ideas like appropriate business activities to get in the way of making money and selling online advertising.
The write up shares the quaint ideas of a Noble Peace Prize winner. Here are the main points about social media and technology by someone who is interested in peace:
- Tech bros are dictators with considerable power over information and ideas
- Tech bros manipulate culture, language, and behavior
- The companies these dictators runs “change the way we feel” and “change the way we see the world and change the way we act”
I found this statement from the article suggestive:
“In the Philippines, it was rich versus poor. In the United States, it’s race,” she said. “Black Lives Matter … was bombarded on both sides by Russian propaganda. And the goal was not to make people believe one thing. The goal was to burst this wide open to create chaos.” The way tech companies are “inciting polarization, inciting fear and anger and hatred” changes us “at a personal level, a societal level”, she said.
What’s the fix? A speech? Two actions are needed:
- Dump the protection afforded the dictators by the 1996 Communications Decency Act
- Prevent children from using social media.
Now it is time for a reality check. Changing the Communications Decency Act will take some time. Some advocates have been chasing this legal Loch Ness monster for years. The US system is sensitive to “laws” and lobbyists. Change is slow and regulations are often drafted by lobbyists. Therefore, don’t hold your breath on revising the CDA by the end of the week.
Second, go to a family-oriented restaurant in the US. How many of the children have mobile phones? Now, be a change expert, and try to get the kids at a nearby table to give you their mobile devices. Let me know how that works out, please.
Net net: The Peace Prize winner’s ideas are interesting. That’s about it. And the fat dictators? Keto diets and chemicals do the trick.
Stephen E Arnold, June 6, 2024
Guarantees? Sure … Just Like Unlimited Data Plans
May 30, 2024
This essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.
I loved this story: “T-Mobile’s Rate Hike Raises Ire over Price Lock Guarantees.” The idea that something is guaranteed today is a hoot. Remember “unlimited data plans”? I think some legal process determined that unlimited did not mean without limits. This is not just wordsmithing; it is probably a behavior which, if attempted in certain areas of Sicily, would result in something quite painful. Maybe a beating, a knife in the ribs, or something more colorful? But today, are you kidding me?
The soon-to-be-replaced-by-a-chatbot AI entity is reassuring a customer about a refund. Is the check in the mail? Will the sales professional take the person with whom he is talking to lunch? Absolutely. This is America, a trust outfit for sure. Thanks, MSFT Copilot. Working on security today?
The write up points out:
…in T-Mobile’s case, customers are seething because T-Mobile is raising prices on plans that were offered with “guarantees” they wouldn’t go up, such as T-Mobile One plans.
Unusual? No, visit a big time grocery store. Select 10 items at random. Do the prices match what was displayed on the shelves? Let me know. Our local outfit is batting 10 percent incorrect pricing per 10 items. Does the manager care? Sure, but does the pricing change or the database errors get adjusted. Ho ho ho.
The article reported:
“Clearly this is bad optics for T-Mobile since it won many people over as the ‘non-corporate’ un-carrier,” he [Eric Michelson, a social and digital media strategist] said.
Imagine a telecommunications company raising prices and refusing to provide specific information about which customers get the opportunity to pay more for service.
Several observations:
- Promises mean zero. Ask people trying to get reimbursed for medical expenses or for post-tornado house repairs
- Clever is more important that behaving in an ethical and responsible manner. Didn’t Google write a check to the US government to make annoying legal matters go away?
- The language warped by marketers and shape shifted by attorneys makes understanding exactly what’s afoot difficult. How about the wording in an omnibus bill crafted by lobbyists and US elected officials’ minions? Definitely crystal clear to some. To others, well, not too clear.
Net net: What’s up with the US government agencies charged with managing corporate behavior and protecting the rights of citizens? Answer: These folks are in meetings, on Zoom calls, or working from home. Please, leave a message.
Stephen E Arnold, May 30, 2024
Telegram: No Longer Just Mailing It In
May 29, 2024
This essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.
Allegedly about 900 million people “use” Telegram. More are going to learn about the platform as the company comes under more European Union scrutiny, kicks the tires for next-generation obfuscation technology, and become a best friend of Microsoft… for now. “Telegram Gets an In-App Copilot Bot” reports:
Microsoft has added an official Copilot bot within the messaging app Telegram, which lets users search, ask questions, and converse with the AI chatbot. Copilot for Telegram is currently in beta but is free for Telegram users on mobile or desktop. People can chat with Copilot for Telegram like a regular conversation on the messaging app. Copilot for Telegram is an official Microsoft bot (make sure it’s the one with the checkmark and the username @CopilotOfficialBot).
You can “try it now.” Just navigate to Microsoft “Copilot for Telegram.” At this location, you can:
Meet your new everyday AI companion: Copilot, powered by GPT, now on Telegram. Engage in seamless conversations, access information, and enjoy a smarter chat experience, all within Telegram.
A dinobaby lecturer explains the Telegram APIs and its bot function for automating certain operations within the Telegram platform. Some in the class are looking at TikTok, scrolling Instagram, or reading about a breakthrough in counting large numbers of objects using a unique numerical recipe. But Telegram? WhatsApp and Signal are where the action is, right? Thanks, MSFT Copilot. You are into security and now Telegram. Keep your focus, please.
Next week, I will deliver a talk about Telegram and some related information about obfuscated messaging at the TechnoSecurity & Digital Forensics Conference. I no longer do too many lectures because I am an 80 year old dinobaby, and I hate flying and standing around talking to people 50 years younger than I. However, my team’s research into end-to-end encrypted messaging yielded some interesting findings. At the 2024 US National Cyber Crime Conference about 260 investigators listened to my 75 minute talk, and a number of them said, “We did not know that.” I will also do a Telegram-centric lecture at another US government event in September. But in this short post, I want to cover what the “deal” with Microsoft suggests.
Let’s get to it.
Telegram operates out of Dubai. The distributed team of engineers has been adding features and functions to what began as a messaging app in Russia. The “legend” of Telegram is an interesting story, but I remain skeptical about the company, its links with a certain country, and the direction in which the firm is headed. If you are not familiar with the service, it has morphed into a platform with numerous interesting capabilities. For some actors, Telegram can and has replaced the Dark Web with Telegram’s services. Note: Messages on Telegram are not encrypted by default as they are on some other E2EE messaging applications. Examples include contraband, “personal” services, and streaming video to thousands of people. Some Telegram users pay to get “special” programs. (Please, use your imagination.)
Why is Telegram undergoing this shift from humble messaging app to a platform? Our research suggests that there are three reasons. I want to point out that Pavel Durov does not have a public profile on the scale of a luminary like Elon Musk or Sam AI-Man, but he is out an about. He conducted an “exclusive” and possibly red-herring discussion with Tucker Carlson in April 2024. After the interview, Mr. Pavlov took direct action to block certain message flows from Ukraine into Russia. That may be one reason: Telegram is actively steering information about Ukraine’s view of Mr. Putin’s special operation. Yep, freedom.
Are there others? Let me highlight three:
- Mr. Pavlov and his brother who allegedly is like a person with two PhDs see an opportunity to make money. The Pavlovs, however, are not hurting for cash.
- American messaging apps have been fat and lazy. Mr. Pavlov is an innovator, and he wants to make darned sure that he rungs rings around Signal, WhatsApp, and a number of other outfits. Ego? My team thinks that is part of Mr. Pavlov’s motivation.
- Telegram is expanding because it may not be an independent, free-wheeling outfit. Several on my team think that Mr. Pavlov answers to a higher authority. Is that authority aligned with the US? Probably not.
Now the Microsoft deal?
Several questions may get you synapses in gear:
- Where are the data flowing through Telegram located / stored geographically? The service can regenerate some useful information for a user with a new device.
- Why tout freedom and free speech in April 2024 and several weeks later apply restrictions on data flow? Does this suggest a capability to monitor by user, by content type, and by other metadata?
- Why is Telegram exploring additional network enhancements? My team thinks that Mr. Pavlov has some innovations in obfuscation planned. If the company does implement certain technologies freely disclosed in US patents, what will that mean for analysts and investigators?
- Why a tie up with Microsoft? Whose idea was this? Who benefits from the metadata? What happens if Telegram has some clever ideas about smart software and the Telegram bot function?
Net net: Not too many people in Europe’s regulatory entities have paid much attention to Telegram. The entities of interest have been bigger fish. Now Telegram is growing faster than a Chernobyl boar stuffed on radioactive mushrooms. The EU is recalibrating for Telegram at this time. In the US, the “I did not know” reaction provides some insight into general knowledge about Telegram’s more interesting functions. Think pay-to-view streaming video about certain controversial subjects. Free storage and data transfer is provided by Telegram, a company which does not embrace the Netflix approach to entertainment. Telegram is, as I explain in my lectures, interesting, very interesting.
Stephen E Arnold, May 29, 2024
An Interesting Prediction about Mobile Phones
April 15, 2024
This essay is the work of a dumb dinobaby. No smart software required.
I have hated telephone calls for decades: Intrusive, phone tag baloney, crappy voice mail systems, and wacko dialing codes when in a country in which taxis are donkeys. No thanks. But the mobile phone revolution is here. Sure, I have a mobile phone. Plus, I have a Chinese job just to monitor data flows. And I have an iPhone which I cart around to LE trade shows to see if a vendor can reveal the bogus data we put on the device.
What’s the future? An implant? Yeah, that sounds like a Singularity thing or a big ear ring, a wire, and a battery pack which can power a pacemaker, an artificial kidney, and an AI processing unit. What about a device that is smart and replaces the metal candy bar, which has not manifested innovations in the last five or six years? I don’t care about a phone which is capable of producing TikToks.
The future of the phone has been revealed in the online publication Phone Arena. “AI Will Kill the Smartphone As We Know It. Here’s Why!” explains:
I know the idea may sound very radical at first glance, but if we look with a cold, objective eye at where the world is going with the software as a service model, it suddenly starts to sound less radical.
The idea is that the candy bar device will become a key fob, a decorative pin (maybe a big decorative pin), a medallion on a thick gold chain (rizz, right?), or maybe a shrinkflation candy bar?
My own sense of the future is skewed because I am a dinobaby. I have a cheapo credit card which is a semi-reliable touch-and-tap gizmo. Why not use a credit card form factor with a small screen (obviously unreadable by a dinobaby but designers don’t care about dinobabies in my experience). With ambient functionality, the card “just connects” and one can air talk and read answers on the unreadable screen. Alternatively, one’s wireless ear buds can handle audio duties.
Net net: The AI function is interesting. However, other technical functions will have to become available. Until then, keep upgrading those mobile phones. No, I won’t answer. No, I won’t click on texts from numbers I don’t have on a white list. No, I won’t read social media baloney. That’s a lot of no’s, isn’t it? Too bad. When you are a dinobaby, you will understand.
Stephen E Arnold, April 15, 2024
Ottawa Law Enforcement and Reasonable Time for Mobile Phone Access
February 5, 2024
This essay is the work of a dumb dinobaby. No smart software required.
The challenge of mobile phones is that it takes time to access the data if a password is not available to law enforcement. As more mobiles are obtained from alleged bad actors, the more time is required. The backlog can be onerous because many law enforcement agencies have a limited number of cyber investigators and a specific number of forensic software licenses or specialized machines necessary to extract data from a mobile device.
Time is not on their side. The Ottawa Citizen reports, “Police Must Return Phones After 175 Million Passcode Guesses, Judge Says.” It is not actually about the number of guesses, but about how long investigators can retain suspects’ property. After several months trying to crack the passwords on one suspect’s phone, Ottawa police asked Ontario Superior Court Justice Ian Carter to allow them to retain the device for another two years. But even that was a long shot. Writer Andrew Duffy tells us:
“Ontario Superior Court Justice Ian Carter heard that police investigators tried about 175 million passcodes in an effort to break into the phones during the past year. The problem, the judge was told, is that more than 44 nonillion potential passcodes exist for each phone. To be more precise, the judge said, there are 44,012,666,865,176,569,775,543,212,890,625 potential alpha-numeric passcodes for each phone. It means, Carter said, that even though 175 million passcodes were attempted, those efforts represented ‘an infinitesimal number’ of potential answers.”
The article describes the brute-force dictionary attacks police had used so far and defines the term leetspeak for curious readers. Though investigators recently added the password-generating tool Mentalist to their arsenal, the judge determined their chances of breaking into the phone were too slim. We learn:
“In his ruling, Carter said the court had to balance the property rights of an individual against the state’s legitimate interest in preserving evidence in an investigation. The phones, he said, have no evidentiary value unless the police succeed in finding the right passcodes. ‘While it is certainly possible that they may find the needle in the next two years, the odds are so incredibly low as to be virtually non-existent,’ the judge wrote. ‘A detention order for a further six months, two years, or even a decade will not alter the calculus in any meaningful way.’ He denied the Crown’s application to retain the phones and ordered them returned or destroyed.”
The judge suggested investigators instead formally request more data from Google, which supplied the information that led to the warrants in the first place. Good idea, but techno feudal outfits are often not set up to handle a large number of often-complex requests. The result is that law enforcement is expected to perform certain tasks while administrative procedures and business processes slam on the brakes. One would hope that information about the reality of accessing mobile devices were better understood and supported.
Cynthia Murrell, February 5, 2024
It Is Here: The AI Generation
February 2, 2024
This essay is the work of a dumb dinobaby. No smart software required.
Yes, another digital generation has arrived. The last two or three have been stunning, particularly when compared to my childhood in central Illinois. We played hide and seek; now the youthful create fake Taylor Swift videos. Ah, progress.
I read “Qustodio Releases 5th Annual Report Studying Children’s Digital Habits, Born Connected: The Rise of the AI Generation.” I have zero clue if the data are actual factual. With the recent information about factual creativity at the Harvard medical brain trust, nothing will surprise me. Nevertheless, let me highlight several factoids and then, of course, offer some unwanted Beyond Search comments. Hey, it is a free blog, and I have some friskiness in my dinobaby step.
Memories. Thanks, MSFT Copilot Bing thing. Not even close to what I specified.
The sample involved “400,000 families and schools.” I don’t remember too much about my Statistics 101 course 60 years ago, but the sample size seems — interesting. Here’s what Qustodio found:
YouTube is number one for streaming, kiddies spent 60 percent more time on TikTok
How much time goes to couch potato-ing? Here’s the answer:
TikTok continued to captivate with children spending a global average of 112 minutes daily on the app – up from 107 in 2022. UK kids were particularly fond of the bottomless scroll as they racked up 127 mins/day.
Why read, play outdoors, or fiddle with a chemistry set? Just kick back and check out ASMR, being thin, and dance move videos. Sounds tasty, doesn’t it?
And what is the most popular kiddie app? Here’s the answer:
Snapchat.
If you want to buy the full report, click this link.
Several observations:
- The smart software angle may be in the full report, but the summary skirts the issue, recycling the same grim numbers: More video, less of other activities like being a child
- Will this “generation” of people be able to differentiate reality from fake anything? My hunch is that the belief that these young folks have super tuned baloney radar may be — baloney.
- A sample of 400,000? Yeah.
Net net: I am glad to be an old dinobaby. Really, really happy.
Stephen E Arnold, February 2, 2024
Apple, Now Number One, But Maybe Not in Mobile Security?
January 26, 2024
This essay is the work of a dumb dinobaby. No smart software required.
MIT Professor Stuart E. Madnick allegedly discovered that iPhone data breaches tripled between 2013-2022. Venture Beat explains more in the article “Why Attackers Love To Target Misconfigured Clouds And Phones.”
Hackers use every method to benefit from misconfiguration, but ransomware is their favorite technique. Madnick discovered a near 50% increase in ransomware attacks in organizations in the first six months of 2023 compared to 2022. After finding the breach, hackers then attack organizations’ mobile phone fleets. They freeze all communications until the ransom is paid.
Bad actors want to find the easiest ways into clouds. Unfortunately organizations are unaware that attacks happen when they don’t monitor their networks:
Merritt Baer, Field CISO at Lacework, says that bad actors look first for an easy front door to access misconfigured clouds, the identities and access to entire fleets of mobile devices. “Novel exploits (zero-days) or even new uses of existing exploits are expensive to research and discover. Why burn an expensive zero-day when you don’t need to? Most bad actors can find a way in through the “front door”– that is, using legitimate credentials (in unauthorized ways).”
Baer added, ‘This avenue works because most permissions are overprovisioned (they aren’t pruned down/least privileged as much as they could be), and because with legitimate credentials, it’s hard to tell which calls are authorized/ done by a real user versus malicious/ done by a bad actor.’”
Almost 99% of cloud security breaches are due to incorrectly set manual controls. Also nearly 50% of organizations unintentionally exposed storage, APIs, network scents, and applications. These breaches cost an average of $4 million to solve.
Organizations need to rely on more than encryption to protect their infrastructures. Most attacks occur because bad actors use authenticate credentials. Unified endpoint management, passwordless multi-factor authentication, and mobile device management housed on a single platform is the best defense.
How about these possibly true revelations about Apple?
Whitney Grace, January 26, 2024
The NSO Group Back in the News: Is That a Good Thing?
January 24, 2024
This essay is the work of a dumb dinobaby. No smart software required.
Some outfits struggle to get PR, not the NSO Group. The situation is no “dream.” I spotted this write up in 9 to 5 Mac: “Apple Wins Early Battle against NSO after Suing Spyware Mercenaries for Attacking iPhone Users.” For me, the main point of the article is:
Judge Donato ruled that NSO Group’s request for dismissal in the US in favor of a trial in Israel didn’t meet the bar. Instead, Judge Donato suggested that Apple would face the same challenges in Israel that NSO faces in the US.
A senior manager who is an attorney skilled in government processes looks at the desk in his new office. Wow, that looks untidy. Thanks, MSFT Copilot Bing thing. How’s that email security issue coming along? Ah, good enough, you say?
I think this means that the legal spat will be fought in the US of A. Here’s the sentence quoted by 9 to 5 Mac which allegedly appeared in a court document:
NSO has not demonstrated otherwise. NSO also overlooks the fact that the challenges will be amenable to a number of mitigating practices.
The write up includes this passage:
An Apple spokesperson tells 9to5Mac that the company will continue to protect users against 21st century mercenaries like the NSO Group. Litigation against the Pegasus spyware maker is part of a larger effort to protect users…
From my point of view, the techno feudal outfit has surfed on the PR magnetism of the NSO Group. Furthermore, the management team at NSO Group faces what seems to be a bit of a legal hassle. Some may believe that the often ineffective Israeli cyber security technology which failed to signal, thwart, or disrupt the October 2023 dust up requires more intense scrutiny. NSO Group, therefore, is in the spotlight.
More interesting from my vantage point is the question, “How can NSO Group’s lawyering-savvy senior management not demonstrate its case in such a way to, in effect, kill some of the PR magnetism. Take it from me. This is not a “dream” assignment for NSO Group’s legal eagles. I would also be remiss if I did not mention that Apple has quite a bit of spare cash with which to feather the nest of legal eagles. Apple wants to be perceived as the user’s privacy advocate and BFF. When it comes to spending money and rounding up those who love their Apple devices, the estimable Cupertino outfit may be a bit of a challenge, even to attorneys with NSA and DHS experience.
As someone said about publicity, any publicity is good publicity. I am not sure the categorical affirmative is shared by everyone involved with NSO Group. And where is Hulio? He’s down by the school yard. He doesn’t know where he’s going, but Hulio is going the other way. (A tip of the hat to Paul Simon and his 1972 hit.)
Stephen E Arnold, January 24, 2024
An Astounding Finding! Who Knew This about Mobile Phone Usage by Kids?
January 22, 2024
This essay is the work of a dumb dinobaby. No smart software required.
Let me answer the question, please. Every parent with a clue.
Why is anyone surprised that yet another round of research demonstrates that too much screen time is bad for kids? ABC News shares the not-so-resounding discovery in: “Screen Time For Kids Under 2 Linked To Sensory Differences In Toddlerhood: Study.” Kids under the age of two exhibit sensory differences when they are exposed to a lot of screen time.
JAMA Pediatrics published a study from Drexel University that analyzed 1500 surveys from parents and caregivers. The surveys asked about kids’ sensory preferences, including questions about preference or avoidance to textures, noises, and lights. The survey only focused on television and not mobile devices because the data was gathered before 2014. The survey results showed that kids who watched TV at 12 months were twice as a likely to develop “atypical sensory processing” by the time they were 3 years old. The more kids were exposed to the boob tube after 1.5 years had a 20% greater chance of having sensory processing differences.
Drexel University’s study augments previous research that found more screen time impacted how kids communicated and felt. Screen time exposure in young kids is linked to developmental delays in problem-solving, critical thinking, and other communication. Sensory processing disordered are linked to other mental aliments, such as autism spectrum disorder, attention deficit disorder, attention deficit hyperactivity disorder, and obsessive compulsive disorder. The study didn’t examine if the kids were diagnosed with these issues.
Johns Hopkins pediatrician and neonatal hospitalist Dr. Jade Cobern encourages parents and caregivers to be mindful of screen time. She notes it is impossible to avoid screens in modern society:
“Cobern also recommends tailoring approaches to the specific family and patient, and collaboratively brainstorming accessible ways to decrease non-interactive screen time and increase healthy developmental activities, such as reading, playing with objects, and socializing with other children, even if those activities might entail screens. “ ‘Everyone has to be realistic when we’re talking about how parents can support their children’s development,’ Cobern said, adding of research like the Drexel study, ‘It’s not to shame screentime exposure because the reality is we live in a world where screens are part of our daily lives.’
She continued,
‘It really is inevitable that most kids will see some screen time even early in life, but it is something I encourage families to be mindful of.’”
Why not pick up a picture book and read to the kid? Or play a game with the kid? Or take the kid outside? Or play an interactive screen game with the kid? It’s hard to find the time but other generations did it.
Whitney Grace, January 22, 2024
No Digital Map and Doomed to Wander Clueless
January 4, 2024
This essay is the work of a dumb dinobaby. No smart software required.
I am not sure if my memory is correct. I believe that some people have found themselves in a pickle when the world’s largest online advertising outfit produces “free” maps. The idea is that cost cutting, indifferent Googlers, and high school science club management methods cause a “free” map to provide information which may not match reality. I do recall on the way to the home of the fellow responsible for WordStar (a word processing program), an online search system, and other gems from the early days of personal computers. Google Maps suggested I drive off the highway, a cliff, and into the San Francisco Bay. I did not follow the directions from the “do no evil” outfit. I drove down the road, spotted a human, and asked for directions. But some people do not follow my method.
No digital maps. No clue. Thanks, MSFT Copilot Bing thing.
“Quairading Shire Erects Signs Telling Travelers to Ignore GPS Maps Including Google” includes a great photo of what appears to be a large sign. The sign says:
Your GPS Is Wrong. This is Not the Best Route to Perth. Turn Around and Travel via the Quairading-York Road.
That’s clear and good advice. As I recall, I learned on one of my visits to Australia that most insects, reptiles, mammals, and fish can kill. Even the red kangaroo can become a problem, which is — I assume — that some in Australia gun them down. Stay on the highway and in your car. That’s my learning from my first visit.
The write up says:
The issue has frustrated the Quairading shire for the past eight years.
Hey, the Google folks are busy. There are law suits, the Red Alert thing, and the need to find a team which is going nowhere fast like the dual Alphabet online map services, Maps and Waze.
Net net: Buy a printed book of road maps and ask for directions. The problem is that those under the age of 25 may not be able to read or do what’s called orienteering. The French Foreign Legion runs a thorough program, and it is available for those who have not committed murder, can pass a physical test, and enjoy meeting people from other countries. Oh, legionnaires do not need a mobile phone to find their way to a target or the local pizza joint.
Stephen E Arnold, January 2024
-
- Subscribe to Beyond Search
Feature archive
News archive
-
