AI: Improving Spam Quality, Reach, and Effectiveness
May 22, 2025
It is time to update our hoax detectors. The Register warns, “Generative AI Makes Fraud Fluent—from Phishing Lures to Fake Lovers.” What a great phrase: “fluent fraud.” We can see it on a line of hats and t-shirts. Reporter Iain Thomson consulted security pros Chester Wisniewski of Sophos and Kevin Brown at NCC Group. We learn:
“One of the red flags that traditionally identified spam, including phishing attempts, was poor spelling and syntax, but the use of generative AI has changed that by taking humans out of the loop. … AI has also widened the geographical scope of spam and phishing. When humans were the primary crafters of such content, the crooks stuck to common languages to target the largest audience with the least amount of work. But, Wisniewski explained, AI makes it much easier to craft emails in different languages.”
For example, residents of Quebec used to spot spam by its use of European French instead of the Québécois dialect. Similarly, folks in Portugal learned to dismiss messages written in Brazilian Portuguese. Now, though, AI makes it easy to replicate regional dialects. Perhaps more eerily, it also make it easier to replicate human empathy. Thomson writes:
“AI chatbots have proven highly effective at seducing victims into thinking they are being wooed by an attractive partner, at least during the initial phases. Wisniewski said that AI chatbots can easily handle the opening phases of the scams, registering interest and appearing to be empathetic. Then a human operator takes over and begins removing funds from the mark by asking for financial help, or encouraging them to invest in Ponzi schemes.”
Great. To make matters worse, much of this is now taking place with realistic audio fakes. For example:
“Scammers might call everybody on the support team with an AI-generated voice that duplicates somebody in the IT department, asking for a password until one victim succumbs.”
Chances are good someone eventually will. Whether video bots are a threat (yet) is up for debate. Wisniewski, for one, believes convincing, real-time video deepfakes are not quite there. But Brown reports the experienced pros at his firm have successfully created them for specific use cases. Both believe it is only a matter of time before video deepfakes become not only possible but easy to create and deploy. It seems we must soon learn to approach every interaction that is not in-person with great vigilance and suspicion. How refreshing.
Cynthia Murrell, May 22, 2025
Employee Time App Leaks User Information
May 22, 2025
Oh boy! Security breaches are happening everywhere these days. It’s not scary unless your personal information is leaked, like what happened to, “Top Employee Monitoring App Leaks 21 Million Screenshots On Thousands Of Users,” reports TechRadar. The app in question is called WorkComposer and it’s described as an “employee productivity monitoring tool.” Cybernews cybersecurity researchers discovered an archive of millions of WorkComposer-generated real time screenshots. These screenshot showed what the employee worked on, which might include sensitive information.
The sensitive information could include intellectual property, passwords, login portals, emails, proprietary data, etc. These leaked images are a major privacy violation, meaning WorkComposer is in boiling water. Privacy organizations and data watchdogs could get involved.
Here is more information about the leak:
“Cybernews said that WorkComposer exposed more than 21 million images in an unsecured Amazon S3 bucket. The company claims to have more than 200,000 active users. It could also spell trouble if it turns out that cybercriminals found the bucket in the past. At press time, there was no evidence that it did happen, and the company apparently locked the archive down in the meantime.”
WorkComposer was designed for companies to monitor the work of remote employees. It allows leads to track their employees’ work and captures an image every twenty seconds.
It’s a useful monitoring application but a scary situation with the leaks. Why doesn’t the Cybernews people report the problem or fix it? That’s a white hat trick.
Whitney Grace, May 22, 2025
Stolen iPhone Building: Just One Building?
May 21, 2025
Just the dinobaby operating without Copilot or its ilk.
I am not too familiar with the outfits which make hardware and software to access mobile phones. I have heard that these gizmos exist and work. Years ago I learned that some companies — well, one company lo those many years ago — could send a text message to a mobile phone and gain access to the device. I have heard that accessing iPhones and some Androids is a tedious business. I have heard that some firms manufacture specialized data retention computers to support the work required to access certain actors’ devices.
So what?
And what happens? The weird orange newspaper published “Inside China’s Stolen iPhone Building.” The write up is from a “real news” outfit, the Financial Times. The story — if dead accurate — may be a reminder that cyber security has been gifted with another hole in its predictive, forward-leaning capabilities.
The write up explains how phones are broken down, parts sold, or (if unlocked) resold. But there is one passage in the write up which hip hops over what may be the “real” story. Here’s the passage:
Li [a Financial Times’ named source Kevin Li, who is an iPhone seller] insisted there was no way for phone sellers to force their way into passcode-locked devices. But posts on western social media show that many who have their phones stolen receive messages from individuals in Shenzhen either cajoling them or threatening them to remotely wipe their devices and remove them from the FindMy app. “For devices that have IDs, there aren’t that many places that have demand for them,” says Li, finishing his cigarette break. “In Shenzhen, there is demand . . . it’s a massive market.”
With the pool of engineering and practical technical talent, is it possible that this “market” in China houses organizations or individuals who can:
- Modify an unlocked phone so that it can operate as a node in a larger network?
- Use software — possibly similar to that developed by NSO Group-type entities — to compromise mobile devices. Then these devices are not resold if they contain high-value information. The “customer” could be a third party like an intelligence technology firm or to a government entity in a list of known buyers?
- Use devices which emulate the functions of certain intelware-centric companies to extract information and further industrialize the process of returning a used mobile to an “as new” condition.
Are these questions ones of interest to the readership of the Financial Times in the British government and its allies? Could the Financial Times ignore the mundane refurbishment market and focus on the “massive market” for devices that are not supposed to be unlocked?
Answer: Nope. Write about what could be said about refurbing iPads, electric bicycles, or smart microwaves. The key paragraph reveals that that building in China is probably one which could shed some light on what is an important business. If specialized hardware and software exist in the US and Western Europe, there is a reasonable chance that similar capabilities are available in the “iPhone building.” That’s a possible “real” story.
Stephen E Arnold, May xx, 2025
How Does One Pay for AI? Maybe Cut Prices and Make Money on Volume? (I Have a Bridge to Sell You Cheap)
May 21, 2025
Just the dinobaby operating without Copilot or its ilk.
Mucho AI marketing from the Google and the Softies. Let’s shift gears and talk about discounts similar to Filene’s Basement sale. A change of pace may put the marketing drag racers in context.
Bloomberg, the terminal people who given Thomson Reuters headaches, published “Salesforce Cuts Slack Price for US Government, Following Google.” The write up explains that lower prices for government customers is now in effect. In my experience, price cutting to get US government sales often leads to some issues. The normal mechanisms involve responding to work in Congress related to appropriations for the coming fiscal year; that is, new money for 2026-2027, one-to-one interaction to move a problem to a Request for Information and then to a project to assist in formulating and writing a Statement of Work, putting bloodhounds on the trail of end-of-year unspent funds, and a couple of other methods.
Price cutting? Well, perhaps if certain conditions have been met. I don’t want to go into these, but you can ask around for individuals who have not had their career path altered with the special deal, lower prices, and annexes to cover what are often inevitable problems with the products or service given a price cut.
Why is this important? For most people, selling services to the US government is handled through specific methods. Fancy dancing is a topic for a luncheon meeting in some organizations, but it is not as popular as talking about Kentucky basketball or the new distillery on the Bourbon Trail.
I find it interesting that Google is cutting prices for the US government. I am not sure what Amazon is doing. There was a burst of activity several years ago, but now the chatter is Microsoft, Microsoft’s deal with Palantir, and Microsoft’s security posture. Google and Salesforce? Sure, maybe.
My concern with price cuts is that Google and Salesforce are infusing smart software into their products and services. Therefore, the investments in said smart technology have to return a profit. How does one return a profit with US government sales by cutting prices? Mind you, those cuts are coming as the pressure on firms to generate a return on their investments in smart software is looking like it is exponentiating. Imagine: Exponentiating text messages, emails, and maybe face-to-face meetings in actual physical conference rooms going up every day or so. Those automated calendars are not a pretty sight in my opinion.
Several observations:
- Price cuts. Hmmm.
- Get more government customers with a K-Mart blue light special. Hmmm
- Assurances of timely service. Hmmm.
Net net: Hmmm. Discounts. Okay.
Stephen E Arnold, May 21, 2025
Google: A Critic Looks in the Rear View Mirror and Risks a Collision with a Smart Service
May 21, 2025
No AI, just a dinobaby watching the world respond to the tech bros.
Courtney Radsch, a director of the Center for Journalism and Liberty, is not Googley. Her opinion about the Google makes this clear in “Google Broke the Law. It’s Time to Break Up the Company.”
. To which facet of the lovable Googzilla direct her attention. Picking one is difficult. Several of her points were interesting and in line with the intellectual stance of the Guardian, which ran her essay on April 24, 2025. Please, read the original write up and do contribute some money to the Guardian newspaper. Their strident pleas are moving, and I find their escalating way to say “donate” informative.
The first statement I circled was:
These global actions [the different legal hassles Googzilla faces with attendant fines and smarmy explanations] reflect a growing consensus: Google’s power is infrastructural and self-reinforcing. It controls the tools that decide what we know, what we see and who profits. The implications are especially acute for journalism, which has been hollowed out by Google’s ad market manipulation and search favoritism. In an era of generative AI, where foundation models are trained on the open web and commodify news content without compensation, this market power becomes even more perfidious.
The point abut infrastructure and self-reinforcing is accurate. I would point out that Google has been building out its infrastructure and the software “hooks” to make its services “self reinforcing.” The behavior is not new. What’s new is that it seems to be a surprise to some people. Where were the “real” journalists when the Google implemented its Yahoo-influenced advertising system? Where were the “real” journalists when Dr. Jeff Dean and other Googlers were talking and writing about the infrastructure “innovations” at the Google?
The second one was:
… global coordination should be built into enforcement.
I want to mention that “global coordination” is difficult at the present time. Perhaps if the “coordination” began 20 years ago, the process might be easier. Perhaps the author of the essay would like to speak with some people at Europol about the time and procedures required to coordinate to take down a criminal online operation. Tackling an outfit which is used by quite a few people for free is a more difficult, expensive, and resource intensive task. There are some tensions in the world, and the Google is going to have to pay some fines and possibly dump some of its assets to reduce the legal pressure being applied to the company. But Google has big bucks, and money has some value in certain circles. Coordination is possible in enforcement, but it is not exactly the magical spooky action at a distance some may think it is.
The third statement I drew a couple of lines under was:
The courts have shown that Google broke the law. Now, governments must show that the law still has teeth. That means structural remedies, not settlements. Transformation, not tinkering.
News flash. Google is as I type this sentence transforming. If you think the squishy world of search and the two way doors of online advertising were interesting business processes, I suggest one look closely at the artificial intelligence push at the Google. First, it is baked into to Google’s services. I am not sure users know how much Googliness its AI services have. That’s the same problem will looking at Google superficially as people did when the Backdoor was kicked open and the Google emerged. Also, the AI push has the same infrastructure game plan. Exactly who is going to prevent Google from developing its own chips and its next-generation computing infrastructure? Is this action going to come from regulators and lawyers? I don’t think so. These two groups are not closely associated with gradient descents, matrix mathematics, and semi-conductor engineering in my experience. Some individuals in these groups are, but many are users of Google AI, not engineers developing Google AI. I do like the T shirt slogan, “Transformation, not tinkering.”
In summary, I liked the editorial. I have one problem. Google has been being Googley for more than 20 years and now legal action is being taken for yesterday’s businesses at the company. The new Googzilla moves are not even on the essay writer’s, the Guardian’s, or the regulators’ radar.
Net net: Googzilla is rocking to tomorrow, not transformation. You don’t alter the DNA of Googzilla.
Stephen E Arnold, May 21, 2025
IBM CEO Replaces Human HR Workers with AskHR AI
May 21, 2025
An IBM professional asks the smart AI system, “Have I been terminated?” What if the smart software hallucinates? Yeah, surprise!
Which employees are the best to replace with AI? For IBM, ironically, it is the ones with “Human” in their title. Entrepreneur reports, “IBM Replaced Hundreds of HR Workers with AI, According to Its CEO.” But not to worry, the firm actually hired workers in other areas. We learn:
“IBM CEO Arvind Krishna told The Wall Street Journal … that the tech giant had tapped into AI to take over the work of several hundred human resources employees. However, IBM’s workforce expanded instead of shrinking—the company used the resources freed up by the layoffs to hire more programmers and salespeople. ‘Our total employment has actually gone up, because what [AI] does is it gives you more investment to put into other areas,’ Krishna told The Journal. Krishna specified that those ‘other areas’ included software engineering, marketing, and sales or roles focused on ‘critical thinking,’ where employees ‘face up or against other humans, as opposed to just doing rote process work.’”
Yes, the tech giant decided to dump those touchy feely types in personnel. Who need human sensitivity with issues like vacations, medical benefits, discrimination claims, or potential lawsuits? That is all just rote process work, right? The AskHR agent can handle it.
According to Wedbush analyst Dan Ives, IBM is just getting started on its metamorphosis into an AI company. What does that mean for humans in other departments? Will their jobs begin to go the way of their former colleagues’ in HR? If so, who would they complain to? Watson, are you on the job?
Cynthia Murrell, May 21, 2025
Yo, Open Source Cheerleaders: Department of Defense News
May 21, 2025
Add this to the many changes we have recently seen in the federal government: We learn from Tech Radar, “Pentagon Looks to Shake Up ‘Outdated’ Software Procurement, Declares War on Open Source.” As much as we love open-source software, we know it poses certain security risks for sensitive systems. With an initiative dubbed the Software Fast-Track (SWFT), DOD CIO Katherine Arrington aims to overhaul the department’s software acquisition, authorization, and testing processes. The new framework is to be published by the end of July. Writer Craig Hale reports:
“In the memo, Arrington explained the SWFT Framework will define ‘clear’ and ‘specific’ cybersecurity and Supple Chain Risk Management (SCRM) requirements, rigorous software security verification processes, secure information sharing mechanisms and Federal Government-led risk determinations to expedite the cybersecurity authorizations for rapid software adoption. She continued to explain that current systems are best seen as ‘outdated,’ noting that acquisition processes don’t enable the agility that departments need. Arrington also noted that the use of open source software ‘presents a significant and ongoing challenge,’ with a lack of visibility into the origins and security of software code particularly troubling. Malware and partner leaks have already exposed vulnerabilities in DOD systems, with software vulnerabilities among the most popular entry points for attackers.”
Excellent point. We note the DOD seems to have several goals for this initiative. One can only hope security will take precedence over rapid adoption and penny-pinching. We are curious to see how the agency will save money while shifting away from free software.
Cynthia Murrell, May 21, 2025
Microsoft: What Is a Brand Name?
May 20, 2025
Just the dinobaby operating without Copilot or its ilk.
I know that Palantir Technologies, a firm founded in 2003, used the moniker “Foundry” to describe its platform for government use. My understanding is that Palantir Foundry was a complement to Palantir Gotham. How different were these “platforms”? My recollection is that Palantir used home-brew software and open source to provide the raw materials from which the company shaped its different marketing packages. I view Palantir as a consulting services company with software, including artificial intelligence. The idea is that Palantir can now perform like Harris’ Analyst Notebook as well as deliver semi-custom, industrial-strength solutions to provide unified solutions to thorny information challenges. I like to think of Palantir’s present product and service line up as a Distributed Common Ground Information Service that generally works. About a year ago, Microsoft and Palantir teamed up to market Microsoft – Palantir solutions to governments via “bootcamps.” These are training combined with “here’s what you too can deploy” programs designed to teach and sell the dream of on-time, on-target information for a range of government applications.
I read “Microsoft Is Now Hosting xAI’s Grok 3 Models” and noted this subtitle:
Grok 3 and Grok 3 mini are both coming to Microsoft’s Azure AI Foundry service.
Microsoft’s Foundry service. Is that Palantir’s Foundry, a mash up of Microsoft and Palantir, or something else entirely. The name confuses me, and I wonder if government procurement professionals will be knocked off center as well. The “dream” of smart software is a way to close deals in some countries’ government agencies. However, keeping the branding straight is also important.
What does one call a Foundry with a Grok? Shakespeare suggested that it would smell as sweet no matter what the system was named. Thanks, OpenAI? Good enough.
The write up says:
At Microsoft’s Build developer conference today, the company confirmed it’s expanding its Azure AI Foundry models list to include Grok 3 and Grok 3 mini from xAI.
It is not clear if Microsoft will offer Grok as another large language model or whether [a] Palantir will be able to integrate Grok into its Foundry product, [b] Microsoft Foundry is Microsoft’s own spin on Palantir’s service which is deprecated to some degree, or [c] a way to give Palantir direct, immediate access to the Grok smart software. There are other possibilities as well; for example, Foundry is a snappy name in some government circles. Use what helps close deals with end-of-year money or rev up for new funds seeking smart software.
The write up points out that Sam AI-Man may be annoyed with the addition of Grok to the Microsoft toolkit. Both OpenAI and Grok have some history. Maybe Microsoft is positioning itself as the role of the great mediator, a digital Henry Clay of sorts?
A handful of companies are significant influencers of smart software in some countries’ Microsoft-centric approach to platform technology. Microsoft’s software and systems are so prevalent that Israel did some verbal gymnastics to make clear that Microsoft technology was not used in the Gaza conflict. This is an assertion that I find somewhat difficult to accept.
What is going on with large language models at Microsoft? My take is:
- Microsoft wants to offer a store shelf stocked with LLMs so that consulting service revenue provides evergreen subscription revenue
- Customers who want something different, hot, or new can make a mark on the procurement shopping list and Microsoft will do its version of home delivery, not quite same day but convenient
- Users are not likely to know what smart software is fixing up their Miltonic prose or centering a graphic on a PowerPoint slide.
What about the brand or product name “Foundry”? Answer: Use what helps close deals perhaps? Does Palantir get a payoff? Yep.
Stephen E Arnold, May 20, 2025
Meta Knows How to Argue: The Ad Hominem Tactic
May 20, 2025
No AI, just the dinobaby expressing his opinions to Zillennials.
This is exciting for me, the dinobaby. Meta (a Telegram inspired outfit) is now going after “real” media people. Yep, individuals as in ad hominin just like the old times in Greek discourse. Cool. A blast from the past. Check out the title from the pay-to-read outfit, The Verge:
Now that is a headline: Meta, antitrust trial, attorney, failed, and the ultimate “real” journalist pejorative “blogger.” A blogger. Wow. Harsh.
The write up says, which for the purpose of this short essay, as the sacred truth:
In court, he [Meta’s lead attorney] projected a headline about her [Kara Swisher] recently calling Mark Zuckerberg a “small little creature with a shriveled soul.”
But who is the failed blogger because Ms. Swisher is no longer just a blogger; she is a media personality? It is Om Malik. Before you say, “Who?” Here’s a snapshot: Mr. Malik is the founder of Gigaom. He is a venture capitalist.
The Verge story asserts:
Malik critiqued Facebook’s intentions for offering free access to its apps and others in India, after board member Marc Andreessen blamed local resistance to the program on “anti-colonialism” in a later-deleted tweet. “I am suspicious of any for-profit company arguing its good intentions and its free gifts,” Malik wrote at the time.
How will this trial play out? I have zero idea. I am not sure the story with the “failed blogger” headline will do much to change opinions about Meta and its “bring people together properties.”
Several observations:
- What types of argumentative strategies are taught in law school? I thought the ad hominem method was viewed as less than slick.
- Why is Meta in court? The company has been chugging along for 21 years, largely unimpeded by regulations and researchers who have suggested that the company has remarkable influence on certain user cohorts? Will a decision today remediate alleged harms from yesterday? Probably not too much in my opinion.
- With Meta’s increasing involvement in political activities in the US, won’t other types of argumentative techniques be more effective and less subject to behaviors of the judicial processes?
Net net: Slick stuff.
Stephen E Arnold, May 20, 2025
Salesforce CEO Criticizes Microsoft, Predicts Split with OpenAI
May 20, 2025
Salesforce CEO Marc Benioff is very unhappy with Microsoft. Windows Central reports, “Salesforce CEO Says Microsoft Did ‘Pretty Nasty’ Things to Slack and Its OpenAI Partnership May Be a Recipe for Disaster.” Writer Kevin Okemwa reminds us Benioff recently dubbed Microsoft an “OpenAI reseller” and labeled Copilot the new Clippy. Harsh words. Then Okemwa heard Benioff criticizing Microsoft on a recent SaaStr podcast. He tells us:
“According to Salesforce CEO Marc Benioff: ‘You can see the horrible things that Microsoft did to Slack before we bought it. That was pretty bad and they were running their playbook and did a lot of dark stuff. And it’s all gotten written up in an EU complaint that Slack made before we bought them.’ Microsoft has a long-standing rivalry with Slack. The messaging platform accused Microsoft of using anti-competitive techniques to maintain its dominance across organizations, including bundling Teams into its Microsoft Office 365 suite.”
But, as readers may have noticed, Teams is no longer bundled into Office 365. Score one for Salesforce. The write-up continues:
“Marc Benioff further indicated that Microsoft’s treatment of Slack was ‘pretty nasty.’ He claimed that the company often employs a similar playbook to gain a competitive advantage over its rivals while referencing ‘browser wars’ with Netscape and Internet Explorer in the late 1990s.”
How did that one work out? Not well for the once-dominant Netscape. Benioff is likely referring to Microsoft’s dirty trick of making IE 1.0 free with Windows. This does seem to be a pattern for the software giant. In the same podcast, the CEO predicts a split between Microsoft and ChatGPT. It is a recent theme of his. Okemwa writes:
“Over the past few months, multiple reports and speculations have surfaced online suggesting that Microsoft’s multi-billion-dollar partnership with OpenAI might be fraying. It all started when OpenAI unveiled its $500 billion Stargate project alongside SoftBank, designed to facilitate the construction of data centers across the United States. The ChatGPT maker had previously been spotted complaining that Microsoft doesn’t meet its cloud computing needs, shifting blame to the tech giant if one of its rivals hit the AGI benchmark first. Consequently, Microsoft lost its exclusive cloud provider status but retains the right of refusal to OpenAI’s projects.”
Who knows how long that right of refusal will last. Microsoft itself seems to be preparing for a future without its frenemy. Will Benioff crow when the partnership is completely destroyed? What will he do if OpenAI buys Chrome and pushes forward with his “everything” app?
Cynthia Murrell, May 20, 2025
-
- Subscribe to Beyond Search
Feature archive
News archive
-
