Why Encrypted Messaging Is Getting Love from Bad Actors
August 17, 2023
Note: This essay is the work of a real and still-alive dinobaby. No smart software involved, just a dumb humanoid.
The easier it is to break the law or circumvent regulations, the more people will give into their darker nature. Yes, this is another of Arnold’s Laws of Online along with online data flows erode ethical behavior. I suppose the two “laws” go together like Corvettes and fuel stops, tattoos and body art, or Barbie and Ken dolls.
“Banks Hit with $549 Million in Fines for Use of Signal, WhatsApp to Evade Regulators’ Reach” explains a behavior I noticed when I was doing projects for a hoop-de-do big time US financial institution.
Let’s jump back in time to 2005: I arrived for a meeting with the bank lugging my lecture equipment. As I recall, I had a couple of laptops, my person LCD projector, a covey of connectors, and a couple of burner phones and SIMs from France and the UK.
“What are you looking at?” queries the young financial analyst on the sell side. I had interrupted a young, whip-smart banker who was organizing her off-monitoring client calls. I think she was deciding which burner phone and pay-as-you-go SIM to use to pass a tip about a major financial deal to a whale. Thanks, MidJourney. It only took three times for your smart software to show mobile phones. Outstanding C minus work. Does this MBA CFA look innocent to you? She does to me. Doesn’t every banker have multiple mobile phones?
One bright bank type asked upon entering the meeting room as I was stowing and inventorying my gear after a delightful taxi ride from the equally thrilling New York Hilton, “Why do you have so many mobile phones?” I explained that I used the burners in my talks about cyber crime. The intelligent young person asked, “How do you connect them?” I replied, “When I travel, I buy SIMs in other countries. I also purchase them if I see a US outfit offering a pay-as-you-go SIM.” She did not ask how I masked my identity when acquiring SIMs, and I did not provide any details like throwing the phone away after one use.
Flash forward two months. This time it was a different conference room. My client had his assistant and the bright young thing popped into the meeting. She smiled and said, “I have been experimenting with the SIMs and a phone I purchased on Lexington Avenue from a phone repair shop.”
“What did you learn?” I asked.
She replied, “I can do regular calls on the mobile the bank provides. But I can do side calls on this other phone.”
I asked, “Do you call clients on the regular phone or the other phone?”
She said, “I use the special phone for special clients.”
Remember this was late 2005.
The article dated August 8, 2023, appeared 18 years after my learning how quickly bright young things can suck in an item of information and apply it to transferring information supposedly regulated by a US government agency. That’s when I decided my Arnold Law about people breaking the law when it is really easy one of my go-to sayings.
The write up stated:
U.S. regulators on Tuesday announced a combined $549 million in penalties against Wells Fargo and a raft of smaller or non-U.S. firms that failed to maintain electronic records of employee communications. The Securities and Exchange Commission disclosed charges and $289 million in fines against 11 firms for “widespread and longstanding failures” in record-keeping, while the Commodity Futures Trading Commission also said it fined four banks a total of $260 million for failing to maintain records required by the agency.
How long has a closely regulated sector like banking been “regulated”? A long time.
I want to mention that I have been talking about getting around regulations which require communication monitoring for a long time. In fact, in October 2023, at the Massachusetts / New York Association of Crime Analysts conference. In my keynote, I will update my remarks about Telegram and its expanding role in cyber and regular crime. I will also point out how these encrypted messaging apps have breathed new, more secure life into certain criminal activities. We have an organic ecosystem of online-facilitated crime, crime that is global, not a local stick up at a convenient store at 3 am on a rainy Thursday morning.
What does this news story say about regulatory action? What does it make clear about behavior in financial services firms?
I, of course, have no idea. Just like some of the regulatory officers at financial institutions and some regulatory agencies.
Stephen E Arnold, August 17, 2023
Wanna Be an AI Entrepreneur? Part 2
August 17, 2023
MIT digital-learning dean Cynthia Breazeal and Yohana founder Yoky Matsuoka have a message for their entrepreneurship juniors. Forbes shares “Why These 50 Over 50 Founders Say Beware of AI ‘Hallucination’.” It is easy to get caught up in the hype around AI and leap into the fray before looking. But would-be AI entrepreneurs must approach their projects with careful consideration.
An entrepreneur “listens” to the AI experts. The AI machine spews money to the entrepreneur. How wonderful new technology is! Thanks, MidJourney for not asking me to appeal this image.
Contributor Zoya Hansan introduces these AI authorities:
“‘I’ve been watching generative AI develop in the last several years,’ says Yoky Matsuoka, the founder of a family concierge service called Yohana, and formerly a cofounder at Google X and CTO at Google Nest. ‘I knew this would blow up at some point, but that whole ‘up’ part is far bigger than I ever imagined.’
Matsuoka, who is 51, is one of the 20 AI maestros, entrepreneurs and science experts on the third annual Forbes 50 Over 50 list who’ve been early adopters of the technology. We asked these experts for their best advice to younger entrepreneurs leveraging the power of artificial intelligence for their businesses, and each one had the same warning: we need to keep talking about how to use AI responsibly.”
The pair have four basic cautions. First, keep humans on board. AI can often offer up false information, problematically known as “hallucinations.” Living, breathing workers are required to catch and correct these mistakes before they lead to embarrassment or even real harm. The founders also suggest putting guardrails on algorithmic behavior; in other words, impose a moral (literal) code on one’s AI products. For example, eliminate racial and other biases, or refuse to make videos of real people saying or doing things they never said or did.
In terms of launching a business, resist pressure to start an AI company just to attract venture funding. Yes, AI is the hot thing right now, but there is no point if one is in a field where it won’t actually help operations. The final warning may be the most important: “Do the work to build a business model, not just flashy technology.” The need for this basic foundation of a business does not evaporate in the face of hot tech. Learn from Breazeal’s mistake:
“In 2012, she founded Jibo, a company that created the first social robot that could interact with humans on a social and emotional level. Competition with Amazon’s Alexa—which takes commands in a way that Jibo, created as a mini robot that could talk and provide something like companionship, wasn’t designed to do—was an impediment. So too was the ability to secure funding. Jibo did not survive. ‘It’s not the most advanced, best product that wins,’ says Breazeal. ‘Sometimes it’s the company who came up with the right business model and figured out how to make a profit.'”
So would-be entrepreneurs must proceed with caution, refusing to let the pull of the bleeding edge drag one ahead of oneself. But not too much caution.
Cynthia Murrell, August 17, 2023
The ISP Ploy: Heck, No, Mom. I Cannot Find My Other Sock?
August 16, 2023
Note: This essay is the work of a real and still-alive dinobaby. No smart software involved, just a dumb humanoid.
Before I retired, my team and I were doing a job for the US Senate. One day at lunch we learned that Google could not provide employment and salary information to a government agency housed in the building in which we were working. The talk, as I recall, was tinged with skepticism. If a large company issues paychecks and presumably files forms with the Internal Revenue Service, records about who and wages were available. Google allowed many people to find answers, but the company could not find its employment data. The way things work in Washington, DC, to the best of my recollection, a large company with considerable lobbying help and a flock of legal eagles can make certain processes slow. As staff rotate, certain issues get pushed down the priority pile and some — not everyone, of course — fade away.
A young teen who will mature into a savvy ISP tells his mom, “I can’t find my other sock. It is too hard for me to move stuff and find it. If it turns up, I will put it in the laundry.” This basic play is one of the keys to the success of the Internet Service Provider the bright young lad runs today. Thanks, MidJourney. You were back online and demonstrating gradient malfunctioning. Perhaps you need a bit of the old gain of function moxie?
I thought about this “inability” to deliver information when I read “ISPs Complain That Listing Every Fee Is Too Hard, Urge FCC to Scrap New Rule.” I want to focus on one passage in the article and suggest that you read the original report. Keep in mind my anecdote about how a certain big tech outfit handles some US government requests.
Here’s the snippet from the long source document:
…FCC order said the requirement to list “all charges that providers impose at their discretion” is meant to help broadband users “understand which charges are part of the provider’s rate structure, and which derive from government assessments or programs.” These fees must have “simple, accurate, [and] easy-to-understand name[s],” the FCC order said. “Further, the requirement will allow consumers to more meaningfully compare providers’ rates and service packages, and to make more informed decisions when purchasing broadband services. Providers must list fees such as monthly charges associated with regulatory programs and fees for the rental or leasing of modem and other network connection equipment,” the FCC said.
Three observations about the information in the passage:
- The argument is identical to that illustrated by the teen in the room filled with detritus. Crap everywhere makes finding easy for the occupant and hard for anyone else. Check out Albert Einstein’s desk on the day he died. Crap piled everywhere. Could he find what he needed? According to his biographers, the answer is, “Yes.”
- The idea that a commercial entity which bills its customers does not have the capacity to print out the little row entries in an accounting system is lame in my opinion. The expenses have to labeled and reported. Even if they are chunked like some of the financial statements crafted by the estimable outfits Amazon and Microsoft, someone has the notes or paper for these items. I know some people who could find these scraps of information; don’t you?
- The wild and crazy government agencies invite this type of corporate laissez faire behavior. Who is in charge? Probably not the government agency if some recent anti-trust cases are considered as proof of performance.
Net net: Companies want to be able to fiddle the bills. Period. Printing out comprehensive products and services prices reduces the gamesmanship endemic in the online sector.
Stephen E Arnold, August 16, 2023
AI and Increasing Inequality: Smart Software Becomes the New Dividing Line
August 16, 2023
Note: This essay is the work of a real and still-alive dinobaby. No smart software involved, just a dumb humanoid.
“Will AI Be an Economic Blessing or Curse?” engages is prognosticative “We will be sorry” analysis. Yep, I learned about this idea in Dr. Francis Chivers’ class about Epistemology at Duquesne University. Wow! Exciting. The idea is that knowing is phenomenological. Today’s manifestation of this mental process is in the “fake data” and “alternative facts” approach to knowledge.
An AI engineer cruising the AI highway. This branch of the road does not permit boondocking or begging. MidJourney disappointed me again. Sigh.
Nevertheless, the article makes a point I find quite interesting; specifically, the author invites me to think about the life of a peasant in the Middle Ages. There were some technological breakthroughs despite the Dark Ages and the charmingly named Black Death. Even though plows improved and water wheels were rediscovered, peasants were born into a social system. The basic idea was that the poor could watch rich people riding through fields and sometimes a hovel in pursuit of fun, someone who did not meet meet their quota of wool, or a toothsome morsel. You will have to identify a suitable substitute for the morsel token.
The write up points out (incorrectly in my opinion):
“AI has got a lot of potential – but potential to go either way,” argues Simon Johnson, professor of global economics and management at MIT Sloan School of Management. “We are at a fork in the road.”
My view is that the AI smart software speedboat is roiling the data lakes. Once those puppies hit 70 mph on the water, the casual swimmers or ill prepared people living in houses on stilts will be disrupted.
The write up continues:
Backers of AI predict a productivity leap that will generate wealth and improve living standards. Consultancy McKinsey in June estimated it could add between $14 trillion and $22 trillion of value annually – that upper figure being roughly the current size of the U.S economy.
On the bright side, the write up states:
An OECD survey of some 5,300 workers published in July suggested that AI could benefit job satisfaction, health and wages but was also seen posing risks around privacy, reinforcing workplace biases and pushing people to overwork.
“The question is: will AI exacerbate existing inequalities or could it actually help us get back to something much fairer?” said Johnson.
My view is not populated with an abundance of happy faces. Why? Here are my observations:
- Those with knowledge about AI will benefit
- Those with money will benefit
- Those in the right place at the right time and good luck as a sidekick will benefit
- Those not in Groups one, two, and three will be faced with the modern equivalent of laboring as a peasant in the fields of the Loire Valley.
The idea that technology democratizes is not in line with my experience. Sure, most people can use an automatic teller machine and a mobile phone functioning as a credit card. Those who can use, however, are not likely to find themselves wallowing in the big bucks of the firms or bureaucrats who are in the AI money rushes.
Income inequality is one visible facet of a new data flyway. Some get chauffeured; others drift through it. Many stand and marvel at rushing flows of money. Some hold signs with messages like “Work needed” or “Homeless. Please, help.”
The fork in the road? Too late. The AI Flyway has been selected. From my vantage point, one benefit will be that those who can drive have some new paths to explore. For many, maybe orders of magnitude more people, the AI Byway opens new areas for those who cannot afford a place to live.
The write up assumes the fork to the AI Flyway has not been taken. It has, and it is not particularly scenic when viewed from a speeding start up gliding on neural networks.
Stephen E Arnold, August 16, 2023
Wanna Be an AI Entrepreneur: Part 1, A How To from Crypto Experts
August 16, 2023
Note: This essay is the work of a real and still-alive dinobaby. No smart software involved, just a dumb humanoid.
For those looking to learn more about AI, venture capital firm Andreessen Horowitz has gathered resources from across the Internet for a course of study it grandly calls the “AI Canon.” It is a VCs dream curriculum in artificial intelligence. Naturally, the authors include a link to each resource. The post states:
“Research in artificial intelligence is increasing at an exponential rate. It’s difficult for AI experts to keep up with everything new being published, and even harder for beginners to know where to start. So, in this post, we’re sharing a curated list of resources we’ve relied on to get smarter about modern AI. We call it the ‘AI Canon’ because these papers, blog posts, courses, and guides have had an outsized impact on the field over the past several years. We start with a gentle introduction to transformer and latent diffusion models, which are fueling the current AI wave. Next, we go deep on technical learning resources; practical guides to building with large language models (LLMs); and analysis of the AI market. Finally, we include a reference list of landmark research results, starting with ‘Attention is All You Need’ — the 2017 paper by Google that introduced the world to transformer models and ushered in the age of generative AI.”
Yes, the Internet is flooded with articles about AI, some by humans and some by self-reporting algorithms. Even this curated list is a bit overwhelming, but at least it narrows the possibilities. It looks like a good place to start learning more about this inescapable phenomenon. And while there, one can invest in the firm’s hottest prospects we think.
Cynthia Murrell, August 16, 2023
Does Information Filtering Grant the Power to Control People and Money? Yes, It Does
August 15, 2023
Note: This essay is the work of a real and still-alive dinobaby. No smart software involved, just a dumb humanoid.
I read an article which I found interesting because it illustrates how filtering works. “YouTube Starts Mass Takedowns of Videos Promoting Harmful or Ineffective Cancer Cures.” The story caught my attention because I have seen reports that the US Food & Drug Administration has been trying to explain its use of language in the midst of the Covid anomaly. The problematic word is “quips.” The idea is that official-type information was not intended as more than a “quip.” I noted the explanations as reported in articles similar to “Merely Quips? Appeals Court Says FDA Denunciations of Iv$erm#ctin Look Like Command, Not Advice.” I am not interested in either the cancer or FDA intentions per se.
Two bright engineers built a “filter machine.” One of the engineers (the one with the hat) says, “Cool. We can accept a list of stop words or a list of urls on a watch list and block the content.” The other says, “Yes, and I have added a smart module so that any content entering the Info Shaper is stored. We don’t want to lose any valuable information, do we?” The fellow with the hat says, “No one will know what we are blocking. This means we can control messaging to about five billion people.” The co-worker says, “It is closer to six billion now.” Hey, MidJourney, despite your troubles with the outstanding Discord system, you have produced a semi-useful image a couple of weeks ago.
The idea which I circled in True Blue was:
The platform will also take action against videos that discourage people from seeking professional medical treatment as it sets out its health policies going forward.
I interpreted this to mean that Alphabet Google is now implementing what I would call editorial policies. The mechanism for deciding what content is “in bounds” and what content is “out of bounds” is not clear to me. In the days when there were newspapers and magazines and non-AI generated books, there were people of a certain type and background who wanted to work in departments responsible for defining and implementing editorial policies. In the days before digital online services destroyed the business models upon which these media depended were destroyed, the editorial policies operated as an important component of information machines. Commercial databases had editorial policies too. These policies helped provide consistent content based on the guidelines. Some companies did not make a big deal out of the editorial policies. Other companies and organizations did. Either way, the flow of digital content operated like a sandblaster. Now we have experienced 25 years of Wild West content output.
Why do II — a real and still alive dinobaby — care about the allegedly accurate information in “YouTube Starts Mass Takedowns of Videos Promoting Harmful or Ineffective Cancer Cures”? Here are three reasons:
- Control of information has shifted from hundreds of businesses and organizations to a few; therefore, some of the Big Dogs want to make certain they can control information. Who wants a fake cancer cure? Like other types of straw men, most people say yes to this type of filtering. A B testing can “prove” that people want this type of filtering I would suggest.
- The mechanisms to shape content have been a murky subject for Google and other high technology companies. If the “Mass Takedowns” write up is accurate, Google is making explicit its machine to manage information. Control of information in a society in which many people lack certain capabilities in information analysis and the skills to check the provenance of information are going to operate in a “frame” defined by a commercial enterprise.
- The different governmental authorities appear to be content to allow a commercial firm to become the “decider in chief” when it comes to information flow. With concentration and consolidation comes power in my opinion.
Is there a fix? No, because I am not sure that independent thinking individuals have the “horsepower” to redirect the direction the big machine is heading.
Why did I bother to write this? My hope is that someone start thinking about the implications of a filtering machine. If one does not have access to certain information like a calculus book, most people cannot solve calculus problems. The same consequence when information is simply not available. Ban books? Sure, great idea. Ban information about a medication? Sure, great idea. Ban discourse on the Internet? Sure, great idea.
You may see where this type of thinking leads. If you don’t, may I suggest you read Alexis de Tocqueville’s Democracy in America. You can find a copy at this link. (Verified on August 15, 2023, but it may be disappeared at any time. And if you can’t read it, you will not know what the savvy French guy spelled out in the mid 19th century.) If you don’t know something, then the information does not exist and will not have an impact on one’s “thinking.”
One final observation to young people, although I doubt I have any youthful readers: “Keep on scrolling.”
Stephen E Arnold, August 15, 2023
Sam AI-Man: A Big Spender with Trouble Ahead?
August 15, 2023
Note: This essay is the work of a real and still-alive dinobaby. No smart software involved, just a dumb humanoid.
$700,000 per day. That’s an interesting number if it is accurate. “ChatGPT In Trouble: OpenAI May Go Bankrupt by 2024, AI Bot Costs Company $700,000 Every Day” states that the number is the number. What’s that mean? First, forget salaries, general and administrative costs, the much-loved health care for humans, and the oddments one finds on balance sheets. (What was that private executive flight to Tampa Bay?)
A young entrepreneur realizes he cannot pay his employees. Thanks, MidJourney, whom did you have in your digital mind?
I am a dinobaby, but I can multiply. The total is $255,500,000. I want to ask about money (an investment, of course) from Microsoft, how the monthly subscription fees are floating the good ship ChatGPT, and the wisdom of hauling an orb to scan eyeballs from place to place. (Doesn’t that take away from watching the bourbon caramel cookies reach their peak of perfection? My hunch is, “For sure.”)
The write up reports:
…the shift from non-profit to profit-oriented, along with CEO Sam Altman’s lack of equity ownership, indicates OpenAI’s interest in profitability. Although Altman might not prioritize profits, the company does. Despite this, OpenAI hasn’t achieved profitability; its losses reached $540 million since the development of ChatGPT.
The write up points out that Microsoft’s interest in ChatGPT continues. However, the article observes:
Complicating matters further is the ongoing shortage of GPUs. Altman mentioned that the scarcity of GPUs in the market is hindering the company’s ability to enhance and train new models. OpenAI’s recent filing for a trademark on ‘GPT-5’ indicates their intention to continue training models. However, this pursuit has led to a notable drop in ChatGPT’s output quality.
Another minor issue facing Sam AI-Man is that legal eagles are circling. The Zuck dumped his pet Llama as open source. And the Google and Googley chugs along and Antropic “clawed” into visibility.
Net net: Sam AI-Man may find that he will an opportunity to explain how the dial on the garage heater got flipped from Hot to Fan Only.
Stephen E Arnold, August 15, 2023
Will the US Take Action against Google? Yes, Just Gentle Action It Seems
August 15, 2023
Note: This essay is the work of a real and still-alive dinobaby. No smart software involved, just a dumb humanoid.
After several years of preparation, the DOJ has finally gotten its case against Google before the US District Court for DC only to have the judge drastically narrow its scope.
A brave young person confronts a powerful creature named Googzilla. The beastie just lumbers forward. MidJourney does nice dinosaurs.
Ars Technica reports, “In Win for Google, Judge Dismisses Many Claims in DOJ Monopoly Case.” We learn:
“In his opinion unsealed Friday, Judge Amit Mehta dismissed one of the more significant claims raised in the case brought by the Justice Department and the attorneys general from 38 states that alleges that Google rigged search results to boost its own products over those of competitors like Amazon, OpenTable, Expedia, or eBay. Mehta said that these claims were ‘raised only by the Colorado plaintiffs’ and failed to show evidence of anticompetitive effects, relying only on the ‘opinion and speculation’ of antitrust legal expert Jonathan Baker, who proposed a theory of anticompetitive harm.”
Hmm, interesting take. Some might assert the anticompetitive harm is self-evident here. But wait, there’s more:
“On top of dropping claims about the anticompetitive design of Google search results, the court ‘also dismissed allegations about Google’s Android Compatibility Agreements, Anti-Fragmentation Agreements, Google Assistant, Internet of Things Devices, and Android Open Source Project,’ Google’s blog noted.”
So what is left? Just the allegedly anticompetitive agreements with Android and certain browsers to make Google their default search engine which, of course, helped secure a reported 94 percent of the mobile search market for the company. Despite Judge Mehta’s many dismissals, Colorado Attorney General Phil Weiser is just pleased Google was unable to stop the case altogether. Now all that remains to be seen is whether Google will receive a slap on the wrist or a pat on the back for its browser shenanigans.
Cynthia Murrell, August 15, 2023
Killing Horses? Okay. Killing Digital Information? The Best Idea Ever!
August 14, 2023
Note: This essay is the work of a real and still-alive dinobaby. No smart software involved, just a dumb humanoid.
Fans at the 2023 Kentucky Derby were able to watch horses killed. True, the sport of kings parks vehicles and has people stand around so the termination does not spoil a good day at the races. It seems logical to me that killing information is okay too. Personally I want horses to thrive without brutalization with mint juleps, and in my opinion, information deserves preservation. Without some type of intentional or unintentional information, what would those YouTuber videos about ancient technology have to display and describe?
“In the Age of Culling” — an article in the online publication tedium.co — I noted a number of ideas which resonated with me. The first is one of the subheads in the write up; to wit:
CNet pruning its content is a harbinger of something bigger.
The basic idea in the essay is that killing content is okay, just like killing horses.
The article states:
I am going to tell you right now that CNET is not the first website that has removed or pruned its archives, or decided to underplay them, or make them hard to access. Far from it.
The idea is that eliminating content creates an information loss. If one cannot find some item of content, that item of content does not exist for many people.
I urge you to read the entire article.
I want to shift the focus from the tedium.co essay slightly.
With digital information being “disappeared,” the cuts away research, some types of evidence, and collective memory. But what happens when a handful of large US companies effectively shape the information training smart software. Checking facts becomes more difficult because people “believe” a machine more than a human in many situations.
Two girls looking at a museum exhibit in 2028. The taller girl says, “I think this is what people used to call a library.” The shorter girl asks, “Who needs this stuff. I get what I need to know online. Besides this looks like a funeral to me.” The taller girl replies, “Yes, let’s go look at the plastic dinosaurs. When you put on the headset, the animals are real.” Thanks MidJourney for not including the word “library” or depicting the image I requested. You are so darned intelligent!
Consider the power information filtering and weaponizing conveys to those relying on digital information. The statement “harbinger of something bigger” is correct. But if one looks forward, the potential for selective information may be the flip side of forgetting.
Trying to figure out “truth” or “accuracy” is getting more difficult each day. How does one talk about a subject when those in conversation have learned about Julius Caesar from a TikTok video and perceive a problem with tools created to sell online advertising?
This dinobaby understands that cars are speeding down the information highway, and their riders are in a reality defined by online. I am reluctant to name the changes which suggest this somewhat negative view of learning. One believes what one experiences. If those experiences are designed to generate clicks, reduce operating costs, and shape behavior — what’s the information landscape look like?
No digital archives? No past. No awareness of information weaponization? No future. Were those horses really killed? Were those archives deleted? Were those Shakespeare plays removed from the curriculum? Were the tweets deleted?
Let’s ask smart software. No thanks, I will do dinobaby stuff despite the efforts to redefine the past and weaponize the future.
Stephen E Arnold, August 14, 2023
Microsoft and Russia: A Convenient Excuse?
August 14, 2023
Note: This essay is the work of a real and still-alive dinobaby. No smart software involved, just a dumb humanoid.
In the Solarwinds’ vortex, the explanation of 1,000 Russia hackers illuminated a security with the heat of a burning EV with lithium batteries. Now Russian hackers have again created a problem. Are these Russians cut from the same cloth as the folks who have turned a special operation into a noir Laurel & Hardy comedy routine?
users in Microsoft Teams chatrooms, pretending to be from technical support. In a blog post [August 2, 2023], Microsoft researchers called the campaign a “highly targeted social engineering attack” by a Russia-based hacking team dubbed Midnight Blizzard. The hacking group, which was previously tracked as Nobelium, has been attributed by the U.S. and UK governments as part of the Foreign Intelligence Service of the Russian Federation.
Isn’t this the Russia producing planners who stalled a column of tanks in its alleged lightning strike on the capital of Ukraine? I think this is the country now creating problems for Microsoft. Imagine that.
The write up continues:
For now, the fake domains and accounts have been neutralized, the researchers said. “Microsoft has mitigated the actor from using the domains and continues to investigate this activity and work to remediate the impact of the attack,” Microsoft said. The company also put forth a list of recommended precautions to reduce the risk of future attacks, including educating users about “social engineering” attacks.
Let me get this straight. Microsoft deployed software with issues. Those issues were fixed after the Russians attacked. The fix, if I understand the statement, is for customers/users to take “precautions” which include teaching obviously stupid customers/users how to be smart. I am probably off base, but it seems to me that Microsoft deployed something that was exploitable. Then after the problem became obvious, Microsoft engineered an alleged “repair.” Now Microsoft wants others to up their game.
Several observations:
- Why not cut and paste the statements from Microsoft’s response to the SolarWinds’ missteps. Why write the same old stuff and recycle the tiresome assertion about Russia? ChatGPT could probably help out Microsoft’s PR team.
- The bad actors target Microsoft because it is a big, overblown system/products with security that whips some people into a frenzy of excitement.
- Customers and users are not going to change their behaviors even with a new training program. The system must be engineered to work in the environment of the real-life users.
Net net: The security problem can be identified when Microsofties look in a mirror. Perhaps Microsoft should train its engineers to deliver security systems and products?
Stephen E Arnold, August 14, 2023
-
- Subscribe to Beyond Search
Feature archive
News archive
-
