TikTok: Is Joe Rogan the Person to Blow the Whistle on Chinese Surveillance?

August 3, 2022

TikTok has been around since 2015 as A.me and Douyin. If you want to scrape below the shiny surface of the TikTok rags-to-riches story, there is something called Musical.ly which surfaced in 2014. In 2018, the Musical.ly management team decided that selling to ByteDance was a super great idea. Then TikTok was created to entertain and log data. Few talk about the link to certain entities in the Chinese political structure. Even fewer think that short videos were bad. Sure, there were allegations of self harm, addiction, erosion of self worth, and students who preferred watching vids pumped at them by a magical algorithm. Nobody, including some Silicon Valley real news people with an inflated view of their intellectual capabilities, said, “Yo, TikTok is a weaponized content delivery and surveillance system.” Nope. Just cute videos. What’s the problemo?

Who is now concerned about TikTok? The NSA? The CIA? The badge-and-gun entities in the US Federal government? Well, maybe. But the big voice is now a semi-real sports event announcer. “Joe Rogan Warns Americans about TikTok: China Knows Every … Thing You type.” Hey, Joe, don’t forget psychographic profiling to identify future insider operators, please.

The article reports:

Rogan listed the other data being collected by the popular platform. “‘User agent, mobile carrier, time zone settings, identifiers for advertising purpose, model of your device, the device system, network type, device IDs, your screen resolution and operating system, app and file names and types,’” he said. “So all your apps and all your file names, all the things you have filed away on your phone, they have access to that.” He continued: “‘File names and types, keystroke patterns or rhythms.’”

Hot intel, Mr. Rogan.

Where did this major news originate? From Mr. Rogan’s wellness infused research?

Nope. He read the terms of service.

The estimable newspaper pointed out:

… the tech news site Gizmodo reported that leaked internal documents from TikTok showed the extent to which the app sought to “downplay the China association.” The documents, labeled “TikTok Master Messaging” and “TikTok Key Messages,” detail the social media giant’s public relations strategy during a period of mounting scrutiny from regulators and lawmakers over its parent company ByteDance and its ties to the Chinese Communist Party.

Gizmodo? Is this Silicon Valley type “real news” outlet emulating Cryptome.org?

According to the cited New York Post story:

TikTok has pledged to “publish insights about the covert influence operations we identify and remove from our platform globally to show how seriously we take attempts to mislead our community.”

That sounds good just like a cyber security firm’s PowerPoint deck. Talk, however, is not action.

Maybe Mr. Rogan can use his ring announcer voice to catch people’s attention? I am not sure some of the TikTok lovers will listen or believe what Mr. Rogan discovered in the super stealthy terms of service for TikTok.

That’s real open source intel. Put Mr. Rogan on a panel at the next OSINT conference, please. I mean TikTok has a 10 year history and it seems to be quite new to some folks.

Stephen E Arnold, August 3, 2022

Time Travel in the Datasphere: Lock In Is Here Again

August 3, 2022

“Lock in” was a phrase I associated with my university’s data processing and computer center in 1962. I was a 17 year old freshman, and I got a tour of the school’s state of the art IBM mainframes located in one of the buildings in the heart of the campus. Remember I went to a middling private college because I fooled some scholarship outfit into ponying up money to pay for tuition and books. That still amazes me 60 years later.

I do remember looking at the IBM machines lined up inside a room within a room. A counter separated the “user” from the machines. Another room held three keypunch machines. There was a desk with a sign in sheet and a sign that said, “Help wanted.” Hey, even then it was clear that money was to be had doing the computer thing.

The tour was uneventful. Big machines blinked and hummed. The person giving the tour did not want to explain anything to a small group of students who qualified to enter the digital sanctuary. No problem. I got it. If a person wanted to use a computer, one had to work in the computer center. It was infinitely better to work behind the counter, wear a white lab coat, and stuff the front pocket with pencils. I was in. I even wore a slide rule strapped to my belt like Roy Rogers with a math fetish. Quick log, Stephen was my moniker.

I learned very quickly that using computers was done the IBM way. Don’t bend, fold, spindle, or mutilate. Don’t push buttons on the keyboard unless you knew what that key press did. Don’t think about learning anything about any of the other computing devices. IBM was the way. Why? The funding for the computer center and much of the engineering department came from an outfit engaged in manufacturing equipment to produce big holes in the ground or eliminate pesky trees from the path of the Trans Amazon Highway. The company was an IBM outfit.

Ergo, lock in. My mind was locked into IBM. Even today if someone mentions an MIT LINC, I am quick to snort. Hey, big iron.

Well, lock in is back, and there are many Millennials, GenXers, and whatever other category marketers use to describe young people who don’t know about lock in. Navigate to “A Third of Businesses Feel Locked In to Major Cloud Providers.” The write up explains that lock in is here again:

new research from Civo shows that 34 percent of users feel locked into the services these major providers deliver, with 65 percent of these saying that data transfer costs are too expensive for them to move off their current cloud.

This is the goal of lock in. Switching costs are too high. A lousy economy provides an endless parade of people who think that those low entry fees for the cloud will persist. Then the lucky customers discover the joy of per unit transactional pricing. Now the deal is more expensive than other ways to access computers and software. But to kick the cloud habit, one has to do more than spend a month in rehab. One must reengineer, invest, plan, and be smart enough to actively manage complex systems.

Yep, lock in.

That 33 percent figure may be bogus. But one thing is absolutely certain. More companies will embrace the cloud and find themselves with me, back in the university’s computer center, learning that there is one way to do computers. What’s amusing is that lock in is here again. Too bad IBM was not able to become the big dog. But the IBM notion of lock in lives on. And for some today, it is as fresh and new as a Rivian truck. There is one difference. That 1962 computer set up was actually pretty reliable. Today’s cloud systems are a work in progress. Choose cloud providers wisely. Digital divorces, like real world divorces, can be messy, expensive, and damaging.

Stephen E Arnold, August 3, 2022

Accidental News: There Is a Google of the Dark Web.

August 2, 2022

Yesterday one of the research team was playing the YouTube version of TWIT which is Silicon Valley acronym speak for “This Week in Tech.” The program is hosted by a former TV personality and features “experts”. The experts discuss major news events. The August 1, 2022 episode (captured on July 31, 2022) has the title “The Barn Has Left the Horse — CHIPS Act, Earnings Week, FTC Sues Meta, Twitter Blue Price Hike.” The “experts” fielding questions and allegedly insightful observations by Mr. LaPorte can be viewed at this link. The “experts” on the “great panel” for this program included:

In the midst of recycled information and summaries of assorted viewpoints, there was what I thought was information warranting a bit more attention. You can watch and hear what Dan Patterson says at 2:22:30. A bit of context: Mr. Patterson announced that he is the Editorial Director at Cybersixgill, [supplemental links appear below my name at the foot of this blog post] a firm named after a shark and with, until now, a very low profile. I think the outfit is based in Tel Aviv and it, as I recall, provides what I call specialized software and services to government entities. A few other firms in this particular market space are NSO Group and Voyager Labs, among others. Rightly or wrongly, I think of Herzliya as the nerve center for certain types of sophisticated intercept, surveillance, analytic, and stealth systems. Thus, “low profile” is necessary. Once the functionality of an NSO Group-type system becomes known, then the knock on effect is to put Candiru-type firms in the spotlight too. (Other fish swimming unseen in the digital ocean have inspired names like “FinFisher,” “Candiru,” and “Sixgill.”)

So what’s the big news? A CBS technology reporter quitting is no big deal. A technology reporter who joins a commercial software and services firm is not a headline maker either.

This is, in my opinion, a pretty remarkable assertion, and I think it should be noted. Mr. Patterson was asked by Mr. LaPorte, “So CyberSixgill is a threat intelligence…” Mr. Patterson added some verbal filler with a thank you and some body movement. Then this…

CyberSixgill is like a Google for the Dark Web.

That’s an interesting comparison because outfits like Kagi and Neeva emphasize how different they are from Google. Like Facebook, Google appears to be on the path to becoming an icon for generating cash, wild and crazy decisions, and an emblem of distrust.

Mr. Patterson then said:

I don’t want to log roll…. I joined the threat detection company because their technology is really interesting. It really mines the Dark Web and provides a portal into it in ways that are really fascinating.

Several observations:

  1. Mr. Patterson’s simile caught my attention. (I suppose it is better than saying, “My employer is like an old school AT&T surveillance operation in 1941.”)
  2. Mr. Patterson’s obvious discomfort when talking about CyberSixgill indicates that he has not yet crafted the “editorial message” for CyberSixgill.
  3. With the heightened scrutiny of firms with specialized software causing outfits like Citizen Lab in Toronto to vibrate with excitement and the Brennan Center somewhat gleefully making available Voyager Labs’s information, marketing a company like CyberSixgill may be a challenge. These specialized software companies have to be visible to government procurement officers but not too visible to other sectors.

Net net: For specialized software and services firms in Israel, Zurich, Tyson’s Corner, and elsewhere, NSO Group’s visibility puts specialized software and services companies on the horns of a dilemma: Visible but not too visible. These companies cannot make PR and marketing missteps. Using the tag line from a “real” journalist’s lips like “a Google for the Dark Web” is to me news which Mr. LaPorte and the other members of the panel should have noticed. They did not. There you go: “Like a Google for the Dark Web”. That’s something of interest to me and perhaps a few other people.

Stephen E Arnold, August 2, 2022

Notes:

1 “Sixgill” is the blunt nose “six gill” shark, hexanchoid (Hexanchus griseus). It is big and also called the cow shark by fish aficionados. The shark itself can be eaten.

2 The company’s product is explained at https://www.cybersixgill.com/products/portal/. One “product” is a cloud service which delivers “exclusive access to closed underground sources with the most comprehensive, automated collection from the deep and dark Web. The investigative portal delivers the threat intel security teams need: Real time context and actionable alerts along with the ability to conduct covert investigations.” Mr. Patterson may want to include in his list of work tasks some rewriting of this passage. “Covert investigations,” “closed underground sources,” and “automated collection” attract some attention.

3 The company’s blog provides some interesting information to those interested in specific investigative procedures; for example, “Use Case Blog: Threat Monitoring & Hunting.” I noted the word “hunting.”

4 The company received a fresh injection of funding from CrowdStrike, Elron Ventures, OurCrowd, and Sonae. According to CyberGestion, the firm’s total funding as of May 2022 is about $55 million US.

5 The Dark Web, according to my research team, is getting smaller. Thus, what does “deep web” mean? The term is undefined on the cited CyberSixgill page. “Like Google” suggests more than 35 billion Web pages in its public index. Is this what CyberSixgill offers?

Wikipedia and Legal Decisions: What Do Paralegals Really Do for Information?

August 2, 2022

I read an interesting and, I think, important article about legal search and retrieval. The good news is that use of the go to resource is, so far, free. The bad news is that if one of the professional publishing outfits’ big wigs reads the cited article, an acquisition or special licensing deal may result. Hasta la vista, Wikipedia maybe?

Navigate to “How Wikipedia Influences Judicial Behavior.” The main idea of the article is that if a legal decision gets coverage in Wikipedia, that legal decision influences some future legal decisions. I interpret this as saying, “Lawyers want to reduce online legal research costs. Wikipedia is free. Therefore, junior lawyers and paralegals use free services like Wikipedia for their info-harvesting.”

The write up states:

“To our knowledge, this is the first randomized field experiment that investigates the influence of legal sources on judicial behavior. And because randomized experiments are the gold standard for this type of research, we know the effect we are seeing is causation, not just correlation,” says MIT researcher Neil Thompson, the lead author of the research. “The fact that we wrote up all these cases, but the only ones that ended up on Wikipedia were those that won the proverbial “coin flip,” allows us to show that Wikipedia is influencing both what judges cite and how they write up their decisions. Our results also highlight an important public policy issue. With a source that is as widely used as Wikipedia, we want to make sure we are building institutions to ensure that the information is of the highest quality. The finding that judges or their staffs are using Wikipedia is a much bigger worry if the information they find there isn’t reliable.”

Now what happens if misinformation is injected into certain legal write ups available via Wikipedia?

The answer is, “Why that can’t happen.”

Of course not.

That’s exactly why this article provides some data and an interesting insight. Now is the study reproducible, in line with Stats 101, and produced in an objective manner? I have no idea.

Stephen E Arnold, August 2, 2022

Mobile Surveillance: Morocco?

August 2, 2022

I read “L’Union Européenne a Discrètement Fourni au Maroc de Puissants Systèmes de Piratage des Téléphones.” I try to believe everything I read on the information superhighway’s sign posts. So far, this story which appeared on July 24, 2022, in Disclose is yet to be verified by my super duper thumbtyping research team. Therefore, I cannot agree or disagree with its statements or the spin put on the story. If you don’t read French, you can try the service at this link to render the mysteries of French in the world’s most lawyer-friendly language.

The company identified as providing mobile phone forensics does business as MSAB, which is a sponsor of the European Academy of Forensic Science conference on mobile device forensics. The firm’s customers are government agencies. The firm provides “complete solutions.” Its Web site is MSAB.com.

The “Oxygen” referenced in the article may be the entity doing business as Oxygen Forensics. The firm’s Web site is www.oxygenforensic.com. The firm’s mobile phone software is called Detective. Years ago, I did a DarkCyber video about the tool’s capabilities. I have removed my DarkCyber videos from public access because some perceived my explanations as too revealing. For example, I believe I mentioned that the core technology was developed in Russia. Now the firm’s company profile here does not mention much about the non-US facets of the firm.

The write up points out with what I might call Gallic skepticism that the use of the forensic tools is related to immigration. Yep, tools can be used for many purposes. Think about those Buzzfeed articles which explain how to use household products for surprising applications. Who knew dish washing liquid was a jack of all trades?

Worth monitoring because non-US forensic technology is, in my team’s opinion, outperforming US developed solutions in some intelware and policeware sectors. Examples? Sure, just check out the companies in Herzliya focused on specialized services.

Stephen E Arnold, August 2, 2022

Smart Technology: There Will Be Glitches

August 2, 2022

Here’s a simple and clear question: What do you like best about smart hardware, software, and systems?

[a] Everything

[b] Everything and the dividends paid on my shares in a company

[c] Everything even when there is a trivial glitch which will be fixed promptly?

Pretty nifty too. No wonder I was asked to resign from some group creating tests for fresh, nimble, young minds.

Consider two examples of smartness.

The first has been reported but since the incident took place in Moscow, the story did not have traction. “7-Year-Old’s Finger Broken By Chess-playing Robot” includes a video. The main idea is easy to grasp: The smart chess playing robot experienced a Tesla moment. Instead of running into a barrier on Highway 101, the robot snapped the child’s finger. Why not mount a weapon on a friendly robot dog? Right. No problemo.

The second mini case is described in “Computer Glitches Harmed Nearly 150 Patients after Oracle Cerner System Go-Live.” The main takeaway from this write up is:

Computer errors following the go-live of a new Oracle Cerner electronic health records system harmed nearly 150 patients at a Washington hospital, as revealed during a hearing in the US.

Net net: Technology is wonderful, does no harm, and definitely will benefit mankind. Young children and sick people? Well, maybe, maybe not.

Stephen E Arnold, August 2, 2022

Horsefeathering: The Intel Arc of Optane

August 1, 2022

Intel’s announcement of the Horse Ridge quantum thing caught my attention in 2020. Then there was Horse Ridge II a year later. I jotted in my notebook containing high-tech confections the idea for putting giant water consuming semiconductor fabs in Arizona. The idea for Optane seems to have fizzled.

Has Intel reached peak “horse”? I dub the new era Horsefeather Arcs. Intel has not matched the privacy oriented outfit Apple’s chips. How far apart are these puppies? Far. Furthermore, Intel has not been able to blast past AMD and nVidia. Is Intel the future of the resurgent and reinvigorated semiconductor manufacturing sector? Sure, sure. There is a big chip bill that is going to make this trivial task come true. Will it be similar to remediating Flint’s water issue? No problem, of course.

I read “Intel Arc Graphics Cards Could Be in Serious Trouble – Will Team Blue Throw in the Towel?” and formulated the concept of the Horsefeathers Arc.

The write up says:

Arc Alchemist and Battlemage might get the ax entirely over unfixable hardware flaws that are kneecapping their performance, and it’s threatening to scrap Intel’s entire Arc discrete graphics line.

Who says “the ax”? The write up’s author, that’s who? If true, will Alchemist and Battlemage produce analyst melting revenue? Maybe not?

According to the cited article:

This report comes from YouTuber Moore’s Law is Dead, and it is a doozy, full of internal politics, bitterness, and recriminations at Intel over the company’s graphics unit being unable to actually deliver the discrete graphics cards that have been hyped up for more than a year.

Even if this report from the cited article and the YouTuber, the delays and the reports about performance for Intel Arc are causing my confidence meter to curve toward zero. Horsefeathering?

Stephen E Arnold, August 1, 2022

Zucking Up: The Instagram Innovation

August 1, 2022

I read a bonkers article about Instagram (a Zucked up property of the Zuckbook empire). You can get the allegedly accurate information from this article: “Instagram Knows You Don’t Like Its Changes. It Doesn’t Care.” I know that “real journalists” select and maybe shape information to fit into the good old pyramid method of real news craftsmanship. For the purposes of this blog post, let’s just go with the flow like good GenXers do and believe everything in the article. Keep in mind that Zucksters are flexible. The TikTok emulation is a work in progress, pending approval from the Jenner-Kardashian Consulting Company.

But here we go anyway:

  1. The Zuckbook does not care what its addicts — oh, sorry, I mean users — think. [This is something new?]
  2. Kim Kardashian does not like Instagram de-Instagraming itself and getting digital plastic surgery to be more like TikTok? [Yeah, plastic surgery can disappoint. Ms Kardashian might be able to provide some additional information on this back story.]
  3. There’s a “don’t change Instagram” petition with an alleged 190,000 signatures. [How many are sock puppets’ inputs?]
  4. Picketers appeared outside the Zuckster’s New York office. [Did anyone in Manhattan notice or even care? If I were still working in the Big Apple, I would have crossed to the other side of the street and kept on going to a meeting at 245 Park Avenue or 101 Park Avenue South, both former dinobaby offices from the ancient days of work.]
  5. Two “meme account administrators” handcuffed themselves to the Instagram office doors. [Well, not good if someone like me wanted to exit quickly in order to be on time for a really important dinobaby meeting. I can hear myself saying, “Hey, sorry about breaking your wrist. Gotta run. Let’s have lunch.”]

One thing is clear: Another Zuckup. Advertisers will be thrilled with this publicity, won’t they?

Now what if this write up has been crafted from the addled thoughts of a sci-fan loopy on Game of Thrones re-runs? Definitely a bad look for the Zucksters.

Stephen E Arnold, August 1, 2022

Facebook to News Partners: Spike That!

August 1, 2022

I assume news publications can still advertise on the Zuckbook. However, if the information in “Scoop: Meta Officially Cuts Funding for U.S. News Publishers” is accurate, the Zucker has said, “Spike that paying for news deal.” The allegedly spot on write up states:

As the company moves forward with sweeping changes to the Facebook experience, news has become less of a priority. Meta’s VP of media partnerships, Campbell Brown, told staffers the company was shifting resources away from its news products to support more creative initiatives…

And what might “creative” mean? Perhaps more me-too innovations?

Last year, Meta’s president of global affairs, Nick Clegg, said fewer than one in every 25 posts in the News Feed contained links to a news story.

So creative means perhaps generating engagement, clicks, and money. News fails apparently as a creative initiative? I was under the impression that fake news was creative. Whoops, wrong again. How much “real news” does TikTok provide? From a person with access to user log data, pretty creative. From a person who just inhales crunchy short videos, not too much.

I think that the Zucker thing is trying to change. That’s good. Anyone signing a contract with the Zuck may face the “spike that” approach to relationship building. I would suggest we change the “spike that” to “Zuck you”. Will that fly in the metaverse?

Stephen E Arnold, August 1, 2022

Google and Kids: The School Push Squeezes Some New Concessions… Allegedly

August 1, 2022

I read “Chrome Use Subject to Restrictions in Dutch Schools over Data Security Concerns.” The write up reports:

Several schools and other educational organizations are having to restrict usage of Google’s software, including its Chrome browser and Chrome OS offerings over security and privacy fears. The Dutch Ministry of Education has ordered the country’s education industry to implement the changes following fears that Google’s software is in conflict with the General Data Protection Regulation (GDPR) and other privacy-related regulations in the country.

I am not surprised. I noted that the article presents some familiar wordage; for example:

… The ministers discussed these issues with the representatives of Google, Microsoft, and Zoom, and that these companies assured the ministers that their future versions will be more transparent, and more compatible, with the country’s (and the EU bloc’s) privacy and data protection laws.

I like the “assured the ministers” phrase. It reminds me of “Senator, thank you for the question. I will forward the information to your office. And I am sorry, really, really sorry. We are constantly trying to improve.”

Improve what?

Well, in my opinion it is the collection of fine grained data, actionable intelligence, and insight into what those kiddies are doing. But that’s just my point of view. The giant technology firms just want to do good. No, really.

Do good.

Those assurances sparked an update to the original article and guess what?

… Chrome and Chrome OS are not banned in the education sector of the country, and that schools may continue using them provided that they perform certain actions themselves to strengthen data security and ensure student privacy.

Progress.

Stephen E Arnold, August 1, 2022
