ZincSearch: An Alternative to Elasticsearch

December 16, 2022

Recently launched ZincSearch is an Elasticsearch alternative worth looking into, despite the fact that several features are not yet fully formed. The nascent enterprise search engine promises lower complexity and lower costs. The About Us page describes its edge search and an experimental stateless server that can be scaled horizontally. The home page emphasizes:

“ZincSearch is built for Full Text Search: ZincSearch is a search engine that can be used for any kind of text data. It can be used for logs, metrics, events, and more. It allows you to do full text search among other things. e.g. Send server logs to ZincSearch for them or you can push your application data and provide full text search or you can build a search bar in your application using ZincSearch.

    • Easy to Setup & Operate: ZincSearch provides the easiest way to get started with log capture, search and analysis. It has simple APIs to interact and integrates with leading log forwarders allowing you to get operational in minutes.
    • Low resource requirements: It uses far less CPU and RAM compared to alternatives allowing for lower cost to run. Developers can even run it on their laptops without ever noticing its resource utilization. …
    • Schemaless Indexes: No need to work hard to define schema ahead of time. ZincSearch automatically discovers schema so you can focus on search and analysis.
    • Aggregations: Do faceted search and analyze your data.”

ZincSearch would not attract many conversions if it made migration difficult, so of course it is compatible with the Elasticsearch API. To a point, anyway—the application is still working on an Elasticsearch-compatible query API. ZincSearch can store data in S3 and MinIO, though that capacity is currently in an experimental phase. Sounds promising; we look forward to seeing how ZincSearch looks a year or so from now.

A blog post by ZincSearch creator Prabhat Sharma not only discusses his reasons for making his solution but also gives a useful summary of enterprise search in general. The startup is based in San Francisco.

Cynthia Murrell, December 16, 2022

Apple, the Privacy and Security Outfit, Has a New Spin for Pix

December 16, 2022

In an alarmingly hilarious situation, iCloud users are seeing photos of strangers on their devices. What sounds like a hacker’s gaffe actually proves to be a security risk. XDA Developers investigates what is going on with iCloud in “iCloud For Windows Users Are Reportedly Seeing Random Family Photos From Strangers.”

People buy Apple products for their better security and privacy settings compared with PC devices. While Apple has an iCloud app for PC users, the app is not working as well as its fellow Apple products:

“Based on the reports, the corrupted files seemingly revolve around videos shot on iPhone 13 Pro and iPhone 14 Pro models. The footage in some cases is showing a black screen with scan lines. Though, what’s more worrisome is the random content that is showing up for some users. While it’s not confirmed yet, these photos of families, children, and other private moments could potentially belong to other people’s iCloud libraries. If this is the case, then Apple could get in some serious trouble. Unfortunately, deleting the iCloud for Windows app seemingly doesn’t solve this, as the issues are being reflected on the server.”

No one is certain what is causing the bug, but Apple needs to get on the problem. Apple will probably blame the issue on PCs being inept devices and the compatibility between Macs and PCs could be the reason. Apple is not infallible and here is a lesson in humility.

Whitney Grace, December 16, 2022

Fried Dorsey: Soggy, Not Crispy

December 15, 2022

I noted an odd shift in Big Tech acceptance of responsibility. For now, I will call this the Fried Dorsey Anomaly.

First, CNBC reported about a letter the MIT graduate and top dog at FTX wrote to employees. The article has the snappy title “Here’s the Apology Letter Sam Bankman-Fried Sent to FTX Employees: When Sh—y Things Happen to Us, We All Tend to Make Irrational Decisions.” The logic in this victim argument and the use of a categorical affirmative are probably interesting to someone who loved Psychology 101. Here’s the sentence which caught my eye:

“I lost track of the most important things in the commotion of company growth. I care deeply about you all, and you were my family, and I’m sorry…”

This is the “Fried” side of making or not making certain decisions. Then there’s the apology.

Now let’s shift to the Dorsey facet of the anomaly. The estimable Wall Street Journal published “Dorsey Calls Twitter Controls Too Great.” The write up appeared in the December 15, 2022, dead tree version of the Murdoch output. The online, paywalled article is at this link.  Here’s the statement I noted:

If you want to blame, direct it at me and my actions.

These quotes are somewhat different from the “Senator, thank you for the question” and “We will improve…” statements from what we can think of as the pre-Covid era of Big Tech.

Now we have individuals accepting blame and demonstrating a soupçon of remorse, regret, or some related mental posture.

Thus, the post-Covid era of Big Tech is now into mea culpa suggestions and acceptance of blame.

Will the Fried Dorsey Anomaly persist? Will the tactic work as the penitents anticipate? Wow, I am convinced already.

Stephen E Arnold, December 15, 2022

Juicy Consulting War Stories

December 15, 2022

I have a copy of the collection of war stories which make the what and how of blue chip consulting pretty easy to understand. Of course, if you have been RIFed, reorganized to a suburban office park in Alberta, or found yourself wishing you had paid attention in MBA classes—you don’t need to read the book  When McKinsey Comes to Town: The Hidden Influence of the World’s Most Powerful Consulting Firm.

Let me suggest a gloss. Navigate to “In Clover,” an essay by a persona who asserts he/she/them worked at Andersen, later Accenture. You remember the accounting outfit that signed off on the Enron confections. Yeah, that outfit.

The essay contains what I would call baby war stories. Some big blue chip consulting firm names are dropped, not just McKinsey. There is a hint of wild and wooly consulting behavior, even a bit of regret. I may be imagining that, but my radar bleeped when I read:

The Andersen Consulting new hires were shipped to a programming boot camp in St Charles, a suburb of Chicago. None of us had cars, so the three weeks there were spent entirely on campus, working overtime, getting blind drunk and secretly snogging one another in the stairwells.

Classy.

But the most interesting passage in the In Clover essay in my opinion is this one:

Thanks to the hegemonic model McKinsey and other management consultants invented, these firms not only make and remake businesses and government in the image of their laissez-faire fantasies, but see homo economicus as the last word in modern selfhood.

Yep. I loved working at Booz, Allen & Hamilton. Hire a blue chip consulting firm and we will try to sell an analysis of your unit to the Board of Directors. Billing is not the spice of life; it is life. Snogging? Not so much.

Stephen E Arnold, December 15, 2022

Hello, Lawmakers in Greece. Have You Heard about Open Source Software?

December 15, 2022

I read a story from an outfit which makes quoting one of the stories risky business. The write up in question is “As Wiretap Claims Rattle Government, Greece Bans Spyware.” The article presents as real news — allegedly the old fashioned kind when newspapers were arbiters of truth via stringers — that Greece outlaws what it calls commercial spyware. For a number of years, I have used the term “intelware” to describe the specialized services and software provided to government agencies by commercial enterprises and open source developers.

The article does the normal handwaving associated with products and services which have been available since the mid 19th century. Those early systems chugged along within products from Bell, Systems Development Corporation, and others. I have found the bland names fascinating. Systems Development Corporation? What could be better? If you read Jill Lepore’s techno-noir history, you will know more than you ever wanted to know about Simulmatics. There’s a descriptive company name for you, right?

What happens when a government bans specialized services and software? Some interesting things; for example, it may be tough to know when warships from a friendly country are converging on a critical island. What if a country on Greece’s border gets frisky with its Soviet era tanks and artillery? The answer is, “License those specialized software and systems. Now!”

In terms of the ban on commercial intelware, what’s Greece going to do with the open source version of Maltego or one of dozens of other tools which can ingest digital content and output useful facts. What happens when one of those open source intelware tools requires an extension of functions?

The answer is to hire a consulting firm, hopefully not one affiliated with a certain jewelry store in Athens, to create bespoke code. Once that’s done, won’t government entities use these tools to protect citizens and monitor potential threats?

The answer is, “You bet your life.” The secret word is “politicians.” I am not sure if Greece’s elected officials or the people reporting on the world of intelware understand the difference between handwaving and getting a particular job done.

And the story. Oh, objective and an example of publicizing the considered viewpoints of elected officials.

Stephen E Arnold, December 15, 2022

Using Microsoft? Lucky You in 2023

December 14, 2022

Several days ago, I had a meeting with an executive representing a financial services firm. In the course of confirming the meeting, the person told me, “We use only Microsoft Teams. Our security group has banned our use of Zoom and other video chat services.”

That’s why I found myself sitting at a sticky table in a coffee shop talking with this executive about a notification procedure which caught my attention. In that meeting, I mentioned that for each email sent to my official email by this person I received a notice that the individual was out of the office until mid-September 2022. Since we were meeting in the first week of December 2022, I found the emails from this person confusing.

I asked, “Why are you sending me an email and when I reply, I receive a notification from your corporate email system which tells me you are out of the office until September 2022.”

The response was, “Really? I will get IT to help me.”

Wow. Really.

Many organizations have embraced Microsoft systems and services. My hunch is that people want to use Excel. With full time employees in corporate information technology departments getting crushed by fixes, user issues, and software which does not do what the IT professional expects, companies want a fix.

Enter the cloud, certified consultants who can arrive like Wonder Woman, and big time engineers from a regional office to make everything work. Perfect. What could go wrong?

I read an article which may be accurate or may be presenting an incomplete report. Let’s proceed assuming that there is a kernel of truth in “Ransomware Discovered Carrying Legitimate Windows Certificates.” The write up states:

Cyber security company Sophos has issued a warning over antivirus-nullifying malware it discovered bearing legitimate digital certificates, including signatures from Microsoft’s own digital verification service.

The drivers, found paired with a ‘loader’ executable that was used to install the driver, carried the digital signature of Windows Hardware Compatibility Program (WHCP), and appeared to be specially designed to limit the functions of endpoint detection and response (EDR) security programs.  Code signatures are cryptographic certificates that indicate a program has not been altered since its release by its manufacturer. WHCP signatures are only intended to be given to software that Microsoft has checked over and given its personal seal of approval, and therefore seen as trustworthy files to run by Windows systems. Researchers say that the find shows that threat actors are working harder to move up the ‘trust chain’, employing increasingly sophisticated methods to sign malware with legitimate cryptographic signatures so that it can be installed on systems without detection.

The article is in my opinion content marketing; that is, the information is designed to cause someone to license Sophos technology.

The idea is that bad actors can exploit systems and methods set up by Microsoft to make certain their systems are secure. People have struggled with getting Windows to print; others have found that Exchange Server (probably the email system which baffled the financial executive) vulnerabilities have caused some sleepless nights.

Several observations are warranted in my view:

  • Microsoft like Google is a Leviathan. It is a target, and it may be that the Softies are in over their heads. Perhaps too big to make secure?
  • Users are baffled with fairly simple operations of widely used software. What interesting security issues does this pose? Phishing works for a reason: Users click without thinking.
  • Corporations perceive their decisions to be good ones. The continuing increase in cyber aggression is not something people want to discuss in a meeting of suits, sales professionals, and worker bees.

Net net: Good enough software and systems, PowerPoint presentations from certified partners, and customer cluelessness suggest an exciting 2023. Legitimate Windows Certificates? Oxymoron maybe?

Stephen E Arnold, December 14, 2022

On the Path of a Super App for Crime

December 14, 2022

I know I am in the minority. In fact, I may be the only person in Harrod’s Creek, Kentucky, thinking about Telegram and its technical evolution. From a humble private messaging service, Telegram has become the primary mechanism for armchair experts to keep track of Russia’s special operation, send secret messages, and engage in a range of interesting pursuits. Is it possible to promote and sell CSAM via an encrypted messaging app like Telegram? Okay, that’s a good question.

I noted another Telegram innovation which has become public. “No-SIM Signup, Auto-Delete All Chats, Topics 2.0 and More” explains that a person can sign up for the encrypted messaging service without having a SIM card and its pesky identifiers tagging along. To make sure a message about a special interest remains secret, the service allegedly deletes messages on a heartbeat determined by the Telegram user. The Telegram group function makes it possible for those who join a group to discuss a “special” interest to break up a group into sub groups. The idea is that a special interest group has special special interests. I will leave these to your imagination in the event you are wondering where some of the i2p and Tor accessible content has gone in the last few years.

As Telegram approaches super app status for certain types of users, keep in mind that even the Telegram emoji have some new tricks. That little pony icon can do much more.

Stephen E Arnold, December 14, 2022

Sisyphus, The EU Has a Job For You

December 14, 2022

I read an article which may be mostly accurate. Its title is “Google Must Delete Search Results about You If They’re Fake, EU Court Rules.” The write up reports:

People in Europe can get Google to delete search results about them if they prove the information is “manifestly inaccurate,” the EU’s top court ruled Thursday [December 8, 2022].

Okay, prove that information is “manifestly inaccurate.”

The article continues:

People who want to scrub inaccurate results from search engines have to provide sufficient proof that what is said about them is false. But it doesn’t have to come from a court case against a publisher, for instance. They have “to provide only evidence that can reasonably be required of [them] to try to find,” the court said.

When legal eagles get into a discussion of what is accurate and what is not accurate, the logic will be fascinating. Then once accuracy has been addressed, the sage birds will deal with the definition of manifestly. You know: What is is?

Justice and billing will be served with word salad.

Stephen E Arnold, December 10, 2022

Does the UK Really Want to End Google and Apple Mobile Monopolies?

December 14, 2022

While there continues to be some market competition with big tech companies, each has its own monopoly in the technology industry. The United States is slow to address these industry monopolies, but the United Kingdom wants to end Google’s and Apple’s control, says Mac Rumors in the article “UK Begins Market Investigation Into Apple and Google’s Mobile Dominance.”

The UK Competition and Markets Authority (CMA) will investigate how Apple and Google dominate the mobile market as well as Apple’s restrictions on cloud gaming through its App Store. Smaller technology and gaming companies stated that Google and Apple are harming their bottom lines and holding back innovation:

“The consultation found 86% of respondents support taking a closer look at Apple and Google’s market dominance. Browser vendors, web developers, and cloud gaming service providers said the tech giants’ mobile ecosystems are harming their businesses, holding back innovation, and adding unnecessary costs. The feedback effectively justifies the findings of a year-long study by the CMA into Apple and Google’s mobile ecosystems, which the regulatory body called an “effective duopoly” that allows the companies to “exercise a stranglehold over these markets.” According to the CMA, 97% of all mobile web browsing in the UK in 2021 happened on browsers powered by either Apple’s or Google’s browser engine, so any restrictions can have a major impact on users’ experiences.”

The CMA will conduct an eighteen-month-long investigation and will require Apple to share information about its business products. After the investigation, the CMA could legally force Apple to make changes to its business practices. Apple, of course, denies its current practices promote innovation and competition as well as protect users’ privacy and security.

Whitney Grace, December 14, 2022

Interesting Search Tool: Tumbex

December 13, 2022

Interest in Open Source Intelligence has crossed what I call the Murdoch Wall Street Journal threshold. My MWSJ is that a topic, person, or idea bubbles along for a period of time, in this instance, decades. OSINT was a concept discussed by a number of people in the 1980s. In fact, one advocate — a former Marine Corps officer and government professional — organized open source intelligence conferences decades ago. That’s dinobaby history, and I know that few “real news” people remember Robert David Steele or his concepts about open source in general or OSINT in particular. (If you are curious about the history, email the Beyond Search team at benkent2020 @ yahoo dot com. Why? I participated in Mr. Steele’s conferences for many years, and we worked on a number of open source projects for a range of clients until shortly before his death in August 2021.) Yep, history. Sometimes knowing about events can be helpful.

Let’s talk about online information; specifically, an OSINT tool available since 2014 if my memory is working this morning. The tool is called Tumbex. With it, one can search Tumblr content.

Here’s what the Web site says:

Tumbex indexes only tumblr posts which have caption or tags. We analyse the content and define if tumblr or posts are nsfw/adult. If your tumblr was detected as nsfw by mistake, you can request a review and we will manually check your tumblr.

This is interesting. However, with a bit of query testing one can find some quite sporty content on the service.

The service, which allegedly became available in 2014, is hosted by the French outfit OVH. According to StatShow, Tumbex has experienced a jump in traffic. The site is not particularly low profile because it has a user base of an estimated one million humans or bots. (Please, keep in mind that click data are often highly suspect regardless of source.) FYI: StatShow can be a useful OSINT resource as well.

If you are interested in some of the OSINT resources my team relies upon, navigate to www.osintfix.com. Click the image and a new window will open with an OSINT resource displayed. No ads, no trackers, no editorial. Just an old fashioned 1994 Web site which can be used to fill an idle moment.

Now that the MWSJ threshold has been crossed, OSINT is a thing, an almost-overnight success with some youthful experts emphasizing that the US government has been asleep at the switch. I am not sure that assessment is one I can fully support.

Stephen E Arnold, December 13, 2022
