A Partial Look: Data Discovery Service for Anyone

July 18, 2019

F-Secure has made available a Data Discovery Portal. The idea is that a curious person (not anyone on the DarkCyber team but one of our contractors will be beavering away today) can “find out what information you have given to the tech giants over the years.” Pick a social media service — for example, Apple — and this is what you see:

fsecure

A curious person plugs in the Apple ID information and F-Secure obtains and displays the “data.” If one works through the services for which F-Secure offers this data discovery service, the curious user will have provided some interesting data to F-Secure.

Sound like a good idea? You can try it yourself at this F-Secure link.

F-Secure operates from Finland and was founded in 1988.

Do you trust the Finnish anti virus wizards with your user names and passwords to your social media accounts?

Are the data displayed by F-Secure comprehensive? Filtered? Accurate?

Stephen E Arnold, July 18, 2019

Intel: Chips Like a Brain

July 18, 2019

We noted “Intel Unveils Neuromorphic Computing System That Mimics the Human Brain.” The main idea is that Intel is a chip leader. Forget the security issues with some Intel processors. Forget the fabrication challenges. Forget the supply problem for certain Intel silicon.

Think “neuromophic computing.”

According to the marketing centric write up:

Intel said the Loihi chips can process information up to 1,000 times faster and 10,000 times more efficiently than traditional central processing units for specialized applications such as sparse coding, graph search and constraint-satisfaction problems.

Buzz, buzz, buzz. That’s the sound of marketing jargon zipping around.

How about this statement, offered without any charts, graphs, or benchmarks?

With the Loihi chip we’ve been able to demonstrate 109 times lower power consumption running a real-time deep learning benchmark compared to a graphics processing unit, and five times lower power consumption compared to specialized IoT inference hardware,” said Chris Eliasmith, co-chief executive officer of Applied Brain Research Inc., which is one of Intel’s research partners. “Even better, as we scale the network up by 50-times, Loihi maintains real-time performance results and uses only 30% more power, whereas the IoT hardware uses 500% more power and is no longer in real-time.”

Excited? What about the security, fab, and supply chain facets of getting neuromorphic disrupting other vendors eager to support the artificial intelligence revolution? Not in the Silicon Angle write up.

How quickly will an enterprise search vendor embrace “neuromorphic”? Proably more quickly than Intel can deliver seven nanometer nodes.

Stephen E Arnold, July 18, 2019

YouTube Videos with Zero Views

July 18, 2019

DarkCyber does a video news program. But DarkCyber does not watch videos. Some do. What about watching videos no one bothers to watch? Navigate to Astronaut.io. Just click and chill. Interesting content. So far, no DarkCyber researcher has spotted our programs. This service may be the future of search; that is, do nothing. Just watch.

Stephen E Arnold, July 18, 2019

Need a Machine Learning Algorithm?

July 17, 2019

r entry

The R-Bloggers.com Web site published “101 Machine Learning Algorithms for Data Science with Cheat Sheets.” The write up recycles information from DataScienceDojo, and some of the information looks familiar. But lists of algorithms are not original. They are useful. What sets this list apart is the inclusion of “cheat sheets.”

What’s a cheat sheet?

In this particular collection, a cheat sheet looks like this:

r entry example

You can see the entry for the algorithm: Bernoulli Naive Bayes with a definition. The “cheat sheet” is a link to a python example. In this case, the example is a link to an explanation on the Chris Albon blog.

What’s interesting is that the 101 algorithms are grouped under 18 categories. Of these 18, Bayes and derivative methods total five.

No big deal, but in my lectures about widely used algorithms I highlight 10, mostly because it is a nice round number. The point is that most of the analytics vendors use the same basic algorithms. Variations among products built on these algorithms are significant.

As analytics systems become more modular — that  is, like Lego blocks — it seems that the trajectory of development will be to select, preconfigure thresholds, and streamline processes in a black box.

Is this good or bad?

It depends on whether one’s black box is a dominant solution or platform?

Will users know that this almost inevitable narrowing has upsides and downsides?

Nope.

Stephen E Arnold, July 17, 2019

Is Google Aiding the Chinese Government?

July 17, 2019

DarkCyber does not know if Google is aiding the Chinese government. Axios published this story — “Peter Thiel says FBI, CIA should probe Google” — which seems to suggest that the fun loving Googlers are up to something. Here’s the segment of the write up which we circled in red:

“Number one, how many foreign intelligence agencies have infiltrated your Manhattan Project for AI?

“Number two, does Google’s senior management consider itself to have been thoroughly infiltrated by Chinese intelligence?

“Number three, is it because they consider themselves to be so thoroughly infiltrated that they have engaged in the seemingly treasonous decision to work with the Chinese military and not with the US military… because they are making the sort of bad, short-term rationalistic [decision] that if the technology doesn’t go out the front door, it gets stolen out the backdoor anyway?”

These appear to be allegations wrapped in a question bundle. Who can get upset with a few questions?

One thing is certain: Google needs big, new revenue to keep the system rolling. With costs of infrastructure skyrocketing, Google has to generate revenue or face the unpleasant task of curtailing spending. Add to the mix the Bezos bulldozer; that is, the system which gets people to pay for the Amazon plumbing as the company expands its online advertising, policeware, and services businesses. Facebook — despite its self inflicted wounds — continues to push forward. Libra, the proposed digital currency for the country of Facebook, seems more innovative than Google’s new social media meet up service.

Who can answer the Peter Thiel questions? Perhaps Palantir Gotham armed with the “right” data? Will Google trip on its shoelaces?

Stephen E Arnold, July 17, 2019

Factualities for July 17, 2019

July 17, 2019

A new feature appears in this week’s round up of remarkable numbers, statistics, and quantifiable things. This is “Craziest Number of the Week.” DarkCyber must admit that identifying just one craziest number is difficult work. But we did it.

Craziest Number of the Week:

Virtual agents will add $2 trillion in business “value.”

The number comes from a font of predictions, Gartner Group. Here’s the number for fans of zeros: 2,000,000,000,000. Yeah, virtual agents. Why ask questions like What?, How?, Method? Waste of time. It’s 12 zeros and may sell some consulting work or a new outstanding report. Source: Venture Beat

Regular Fantastical Data

-26. Percentage decline in CNN viewers in the last 12 months. Source: Summit News

1. Number of electric scooter injuries per 5,000 rides. Source: Boing Boing

3. Rank of Florida in terms of danger among the 50 US states. Source: WPTV

5. Number of automobiles emitting pollution required to equal the environmental impact of an organization’s training one “modest” machine learning model. Source: Boing Boing

50 percent. Amount of untagged (not indexed) data in the world now. Source: Information Management

50 percent. Employees who don’t follow email security protocols. Source: InfoSecurity

62 percent. Percentage of UK millennials who believe their generation will be worse off that their parents’ generation. Source: Telegraph

97. Number of virtual private networks owned by 23 companies. Source: VPN Pro

219. Number of years in prison for UCLA professor who stole missile secrets for China and got caught. Source: Newsweek

1,000. Number of Android apps which harvest user data after the user has denied permission for such harvesting. Source: CNet

3,500. Number of sex trafficking cases reported to US National Human Trafficking Resource Center in 2018. Source: Christian Journal

$500,000. Amount stolen from 7-Eleven’s secure mobile payment system. Source: The Verge

5,500,000. The number of monthly viewing hours in the US on smart TVs. “But growth is slowing.” Source: Mediapost

10,000,000. Number of fake installs of a Samsung app. Source: How to Geek

£183,000,000. Fine levied against British Airways for data breach. Source: BBC

25,000,000. Number of new Android malware installations via doppelgangers. Doppelgangers! Source: ZDNet

$32,000,000. Amount of digital currency stolen from Bitpoint in possibly one day. Source: ZDNet

$800 million. Value of meth seized by Australian police in a single drug bust. Source: Time

$38,000,000,000. Amount Jeff Bezos paid his ex wife in a divorce settlement. Source: Reuters

Keep counting.

Stephen E Arnold, July 17, 2019

Google Is a Curious Outfit: Who, How, Why, Where, Buy, and Build?

July 16, 2019

Ah, the familiar Silicon Valley question: Buy or build?

Reuters, a “real news” outfit, published “Google Accused of Ripping Off Digital Ad Technology in U.S. Lawsuit.” DarkCyber has no idea if the alleged lawsuit is valid or if Google “ripped off” a company called Impact Engine.

According to the “real news” story:

Impact Engine Inc filed the complaint in federal court in San Diego, California, alleging various Google online advertising platforms, including Google Ads and Google AdSense, infringed on six patents.

DarkCyber believes that Impact Engine is convinced that Googlers took technology developed by the smaller firm. Google’s present senior management is probably unaware of the actions of young at heart Googlers.

Based on DarkCyber’s experience interacting with large, successful corporations, Google-type outfits ask a lot of questions. But these are predictable and probably should not be answered without prior thought. Scripting answers is a reasonable way to prepare for a lunch with a predator.

Now what about the basic questions. Here are a few I have experienced:

  • Who are you?
  • Who developed the innovation?
  • Why was it developed?
  • Why is it better than existing innovations?
  • When did you develop the innovation?
  • Did you patent the innovation and receive a patent?
  • Where can this innovation be implemented?
  • How much of a revenue boost does the innovation represent?
  • How much did you spend in cash to create the innovation?
  • How long did it take to create the innovation?
  • How many people worked on the innovation in [a] its preliminary phase, [b] its testing phase, and [c] its commercialization phase?
  • What is the programming language used?
  • Does the innovation run from the cloud or on premises?
  • What are the next series of enhancements you plan to add to your innovation?
  • How long will those take?
  • How much money do you need to implement the enhancements in half your time estimate?
  • Who are your competitors?
  • What are the gotchas in your innovation?
  • Who is your nightmare competitor?
  • What do you worry about relative to this innovation when you go to bed at night?
  • If you had a magic wand, what changes would you make in the innovation as it exists at this time?
  • Would you rough out a block diagram of the major components of the innovation?
  • Would you walk us through your basic slide deck?

There are other questions, of course.

Now a company talking with a Google-type firm is likely to be darned excited to be in proximity to a deep pocket power center. Consequently the visitors are probably going to say too much, be too specific, and reveal more than the visiting team thought was possible.

Yep, well, there’s the fact that power and potential money loosens lips.

What happens when the small outfit leaves with booth leftovers in hand, a reasonable vegan lunch, and worshipful praise from the big company’s “team players”?

Let me boil down the gist of the debriefs in which I have participated:

  1. Is this innovation any good?
  2. Can we duplicate it quickly and easily? (Build?)
  3. If not, how much do you think the innovation is worth?
  4. Can we just license the innovation? (Semi-buy?)
  5. Should we forget this outfit and go to the competitors named in the meeting?
  6. Don’t we already have this functionality?
  7. Does anybody remember meeting with this company or anyone who works there before?
  8. Should we buy this outfit?

There are other considerations, of course.

In short, when big Google type outfits meet with small innovative outfits, the expectations of the small company are likely to be different from those at the big company.

Therefore, the legal dust up. Worth monitoring this particular action. But the matter of patents, prior art, and the patents which the big company may have tucked in their cloud storage device are likely to have some bearing on the matter.

One thing is certain: The lawyers involved will get paid a lot of money. And the money people? Sure. Money people.

Stephen E Arnold, July 16, 2019

Palantir Technologies: Soldiering Forward

July 16, 2019

On the positive side, Palantir Technologies landed a $144 million blanket purchase agreement from the US Navy. Presumably, Palantir will provide its government-centric investigation and intelligence analysis system and engineering services. According to GovConWire:

The fixed-price BPA [blanket purchase agreement] has a one-year base term valued at $27.6M and four option years that could run through July 11, 2024.

IBM, Oracle, and other traditional intelware vendors are unlikely to be thrilled with the award.

On the negative side, Liberation, an online information service, reported that protests were held in Palo Alto. The group wants Palantir to be shut down. This is a dramatic statement, and it is not going to stop Palantir from licensing its technology to government agencies.

So, good news and bad news for Palantir. DarkCyber believes the company will focus on staying open and closing deals. Competitive systems are proliferating, and some of the newer systems are easier to use and eliminate some of the fussiness associated with the ageing Gotham system.

Stephen E Arnold, July 16, 2019

DarkCyber for July 16, 2019, Now Available

July 16, 2019

This week’s program is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/348009146. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

This week’s story line up includes: An Australian teen with 20,000 LSD doses; a money laundering operation run within a Florida prison; a how to guide for credit card fraudsters; Facebook’s digital currency triggers domain name land rush; and Interpol smashes a global child sex crime operation.

This week’s lead story talks about Facebook’s digital currency. Regulators in the US have expressed some reservations about what could be considered a sovereign currency. Facebook’s effort to unify its messaging applications and integrate encryption into the service poses one additional hurdle for investigators. The proposed digital currency called Libra may enable seamless, friction free financial transactions within the encrypted Facebook system. Bad actors are likely to test the system to find ways to use Facebook for illegal activities. Messaging apps can provide access to digital content like pirated videos, child pornography, commercial software with its security compromised, and similar digital contraband.

Other stories in the July 16, 2019, program are:

First, an Australian teenager used the Dark Web to purchase LSD, a controlled substance. The Australian Joint Agency Strike Team monitored the teenager’s activity which included setting up a mail drop in the central business district of Adelaide. When police moved in, they seized 20,000 doses or “tabs” of LSD. The contraband had an estimated street value of US$200,000. The legal representative of the alleged drug dealer pointed out that the young man had good family support. The teen also had knowledge of the Dark Web, a mail drop, and the 20,000 LSD tabs.

Second, Terbium Labs issued a new report which provides information about credit card fraud. For security professionals, the report is a concise review of key factors. To an individual looking for a primer explaining credit card fraud or “carding” the Terbium report is an interesting resource. Terbium points out that lesson plans for would be credit card fraudsters are available on the Dark Web. Most of the instructional material and guides cost between $4 and $13. Similar information can be located using Regular Web search engines. DarkCyber reveals that Yandex.com offers both current credit card fraud instruction guides as well as direct links to explanatory videos. This type of information may pose a dilemma for public search engines. For an individual seeking information about how to perform financial fraud, the abundance of available information is remarkable for its scope and its ready availability.

Third, convicted criminals in Pasco Country, Florida, operated a money laundering scheme from their cells. The angle was to obtain stolen credit cards from a Dark Web marketplace and transfer money from the credit card to a prisoner’s personal commissary account. Many US prisons allow inmates to purchase snacks and approved items from this prison store. Once the money was in a prisoner’s account, the ringleader then submitted a request for the prison to transfer the money to the account of an individual who was not in prison. Investigators identified the prisoners involved in the scheme, arrested one person who acted as an accomplice, and identified seven other individuals involved the the operation. A total of $8,000 was stolen in 40 separate transactions.

Finally, DarkCyber reports that Interpol’s Blackwrist investigated a global child sex crime operation. Dozens of individuals were arrested. One pedophile has been sentenced to more than 100 years in a Thailand prison. Others snared in the sweep are allegedly individuals who have abused children, some as young as 15 months. Blackwrist continues its investigations and more arrests are expected.

Kenny Toth, July 16, 2019

A Reminder about Deleting Data

July 15, 2019

If you believe data are deleted, you may want to take a deep breath and read “Good Luck Deleting Someone’s Private Info from a Trained Neural Network – It’s Likely to Bork the Whole Thing. Researchers Show Limited Success in Getting Rid of Data.”

With a title like this, there’s not much left to say. We did note this one, cautious quote:

Zou [a whiz researcher] said it isn’t entirely impossible, however. “We don’t have tools just yet but we are hoping to develop these deletion tools in the next few months.”

Will there be such tools? I have been stumbling along with databases since the 1960s, and deletes which delete are still not available.

Just a reminder that what one believes is not what happens within data management systems.

Stephen E Arnold, July 15, 2019

Next Page »

  • Archives

  • Recent Posts

  • Meta