Internet Routing: Worth Noting

December 13, 2017

Short honk: I read “Major Traffic Destinations Rerouted to Russia.” The main idea is that an event routed traffic to Russia. Worth noting if you are interested in cyber operations. Monitoring is practiced in many locations and countries. Traffic flow routes are important for some operations.

Stephen E Arnold, December 13, 2017

Mitsubishi: Careless Salarymen or Spreadsheet Fever?

November 27, 2017

I read “Mitsubishi Materials Says Over 200 Customers Could be Affected by Data Falsification.” Source of the story is Thomson Reuters, a real news outfit, in my opinion.

The main point of the story is to reveal that allegedly false data were used to obfuscate the fact that 200 customers may have parts which do not meet requirements for load bearing, safety, or durability.

When I was in college, I worked in the Keystone Steel & Wire Company’s mill in Illinois. I learned that the superintendent enforced on going checks for steel grades. I learned that there is a big difference between the melt used for coat hanger wire and the melt for more robust austenitic steel. Think weapons or nuclear reactor components made of coat hanger steel.

Mislabeling industrial components is dangerous. Planes can fall from the sky. Bridges can collapse. Nuclear powered submarines can explode. Or back flipping robots to crush Softbank/Boston Dynamic cheerleaders and an awed kindergarten class.

Reuters calls this a “quality assurance and compliance scandal.” That’s a nicer way to explain the risks of fake data, but not even Reuters’ olive oil based soft soap can disguise the fact that distortion is not confined to bogus information in intelligence agency blog posts.

Online credibility is a single tile in a larger mosaic of what once was assumed to be the norm: Ethical behavior.

Without common values regarding what’s accurate and what’s fake, the real world and its online corollary are little more than video game or Hollywood comic book films.

Silicon Valley mavens chatter about smart software which will recognize fake news. How is that working out? Now about the crashworthiness of the 2018 automobiles?

I think the problem is salarymen, their bosses, and twiddling with outputs from databases and Excel in order to make the numbers “flow.”

Stephen E Arnold, November 27, 2017

KFC: Colonel Faraday Sanders Is Not Online

November 26, 2017

I am proud to live in Kentucky. We have the University of Louisville occupying investigators’ time and energy. We have the exciting West End, which generates quite a bit of news each week. We have the Kentucky Fried Chicken (yum, yum, yum) Faraday cage milestone.

Here in Harrod’s Creek, the gang of geriatric squirrel hunters usually talks about Senator Mitch McConnell’s struggles or the Rand Paul fight with his neighbor. This morning, one of the tobacco chewing professionals drew my attention to “KFC Offering $10K ‘Internet Escape Pod’ Ahead of Cyber Monday.”

I am okay with the notion of Faraday cages, bags, and rooms. I have a Faraday bag myself. I stick my mobile phone in the bag and enjoy annoyance free drives to and from Lexington. (I use the UK library, gentle reader. The U of L makes me nervous when I think of the late, lamented president, the most wonderful basketball coach in the world, and an athletic director whose income makes some investment bankers envious.)

The write up informed me:

KFC’s Escape Pod is just one of several items the chicken chain made available on its new KFC Ltd. online shopping platform, which launched in July. Another collection of merchandise will reportedly be made available in early December, when it will become even more apparent that the executives at KFC have lost all interest in selling us chicken anymore.

What’s this $10,000 item look like? Here you go:


Kentucky deserves its reputation as an innovation center.

Nothing like a Faraday tent to make your chicken eating free of mobile phone calls. It also prevents an owner from uploading a picture of this odd ball product to Facebook.

Well, maybe not. KFC is making Kentucky great again!

Stephen E Arnold, November 26, 2017

Amazon: The New Old AT&T

November 22, 2017

I read “AWS Launches a Secret Region for the U.S. Intelligence Community.” The write up does a reasonable job of explaining that Amazon has become a feisty pup in the Big Dog in the upscale Potomac Fever Kennels.

The main idea, as I understand it, is that Amazon is offering online services tailored to agencies with requirements for extra security. Google is trying to play in this dog park as well, but Amazon seems to have the moxie to make headway.

I would point out that there are some facets to the story which a “real” journalist or a curious investor may want to explore; specifically:

  • AT&T of Ashburn fame may be feeling that the attitude of the Amazon youthful puppy AWS is bad news. AT&T with its attention focused on the bright lights of big media may be unable to deal with Amazon’s speed, agility, and reflexes. If this is accurate, this seemingly innocuous announcement with terms like “air gap” may presage a change in the fortunes of AT&T.
  • IBM Federal Systems, the traffic disaster in Gaithersburg, may feel the pinch as well. What happens if the young pup begins to take kibble from that Beltway player? A few acquisitions here and few acquisitions there and suddenly Amazon can have its way because the others in the kennel know that an alpha dog with tech savvy can be a problem?
  • The consulting environment may also change. For decades, outfits like my former employer, the Boozer, have geared up to bathe, groom, and keep healthy the old school online giants like AT&T, Verizon, et al. Now new skills sets may be required for the possible Big Dog. Where will Amazon “experts” come from? Like right now, gentle reader.

In short, this article states facts. But like many “real” news stories, there are deeper and possibly quite significant changes taking place. I wonder if anyone cares about these downstream changes.

Leftover telecom turkey anyone?

Stephen E Arnold, November 22, 2017

The Underside of the Internet, Just Slightly Off Base

October 11, 2017

Deutsche Welle ran a story about the Dark Web called “Darknet, The Shady Internet.” I found the approach interesting. Let me mention that I am the author of Dark Web Notebook, a guide for law enforcement and intelligence professionals. (Information about the Notebook is at this link.) I don’t want to work pedantically through the write up, pointing out issues I have with some of the assertions. I do want to highlight the conclusion of the article. DW points out that LE and intel professionals have to use methods which seem to be less than elegant. Here’s the passage I highlighted:

So what can police, federal law enforcement officials, secret police and international crime-fighting networks do to combat the darknet? Some tactics are surprisingly old fashioned. One is to purchase an illegal item from a darknet marketplace and then analyze the package and its contents when it comes in the mail. With enough data, police can hone in on the package’s source. Another tactic is to build rapport with the site’s owner, say a drug dealer, and to request a real-life meeting to exchange the goods.

I would point out that there are a number of companies which offer specialized products and services to assist LE and intel professionals with Dark Web investigations. These range from the Google and In-Q-Tel funded Recorded Future to the less well known Terbium Labs. There are other companies as well, and I profile a number of them in Dark Web Notebook.

I am surprised that the DW invested modest effort in its write up. Dark Web content is a tiny fraction of data available online. Nevertheless, as censorship in countries and at such firms as Facebook, Google, and Twitter-type companies increases, the Dark Web will experience some growth despite the hurdles the Dark Web puts in front of users.

I would point out that in the Dark Web Notebook we recount  an anecdote involving a German policeman who explored the Dark Web and found himself caught in a digital bear trap. Thus, knowledge of the sophisticated tools available to LE and intel professionals is important. Leaving these out of an article from a respected “news” organization underscores the need for a bit more attention to detail and context.

Stephen E Arnold, October 11, 2017

Search and Privacy: A Quick Update

October 3, 2017

In my files, I had a copy of “Duck Duck Go: Illusion of Privacy.” This document comments on the hurdles a public Web search system must jump over in order to deliver privacy. You can find the write up at this link. If you want to test some privacy-oriented search systems, there are some alternatives. I am not endorsing these outfits; I am passing along some links because within the last couple of years I learned that privacy is part of the marketing for these systems: [a] Ixquick which is now Startpage at This is a metasearch engine which means that the user’s query is passed (in theory anonymously to Bing, Google, Yandex, et al). [b] (Note that this European service asserts “strong privacy.” The link is  [c] Gibiru service ( emphasizes anonymous search. Gibiru provides a link to the Firefox Anonymox plug in. But the most recent version of Firefox has been tricky for us, however. My personal view on search anonymization is that when I research my books about cyberosint, the Dark Web, and eDiscovery for cyber intelligence, I assume that I have a number of individuals thrilled with the sites we uncover, write up, and describe in our lectures and webinars. In short, I avoid trying to be “tricky” because I can explain the thousands of queries we run about many exciting topics. See for a sampler.

Stephen E Arnold, October 3, 2017

Facebook: A Pioneer in Bro-giveness?

October 2, 2017

The write up “Mark Zuckerberg Asks for Forgiveness from ‘Those I Hurt This Year’ in Yom Kippur Message” surprised me. In my brief encounters with Silicon Valley “bros”, I cannot recall too many apologies or apologetic moments. My first thought was, “Short circuit somewhere.”

The Verge article explained to me:[Mark Zuckerberg, founder of Facebook] publicly asked for forgiveness for those I hurt this year.

I thought online companies were like utilities. Who gets excited if a water main breaks drowns an elderly person’s parakeet? Who laments when a utility pole short circuits a squirrel? Who worries if an algorithm tries to sell me an iPhone when I am an Android-type senior citizen?

I noted this statement:

Zuckerberg acknowledged that Facebook has had a divisive effect on the country, and that he’ll work to do better in the coming year.

I like New Year’s resolutions.

The write up quotes another Silicon Valley source which I sometimes associate with enthusiasm for what’s new and “important”:

Facebook itself needs to do better to improve its efforts in combating the spread of false information and abuse that appears throughout its platform. It and other social media sites have often touted themselves as a neutral platforms for all ideas and beliefs, but underestimate how these ideals can be undermined, which led to tangible impacts in the real world. Zuckerberg may be sincere in his intentions, but the company he founded needs to follow through on them.

Follow through? Okay.

I think of this commitment to do better as the Silicon Valley equivalet of the New Yorker’s breezy, “Let’s have lunch.”

Is bro-giveness is a disruptive approach to forgoveness? If it is, click the Like button.

Stephen E Arnold, October 2, 2017

Silicon Valley and the Butterflies

September 24, 2017

I read “The Tide Is Starting to Turn Against the World’s Digital Giants.” The idea is that those butterfly wings in Brazil can whip up Irma in Miami. Maybe? Maybe not? “Real” journalists have been paddling their canoes away from a whirlpool for decades.

Their efforts, like those sucked into the digital maws of the evil “Internet” have not gone well. The Guardian newspaper, itself whipped by one digital transformation after another, wants the old order restored. The idea is that “real” journalists and other “intermediaries” were gatekeepers. Now the distributed technologies have replaced the “old” gatekeepers with “new” gatekeepers. Oh, the “real” journalists sign, “We want to be Facebook. We were you know.”

The write up explains that the information satans are about to get their comeuppance. About time, I think the write up suggests.

I noted these comments in the “real” news write up:

[a] Multimillion fines are just the start for Facebook and Google, as the world comes to realize how political big tech has become [a piñata? Satan’s right hand? the destroyer of “real” news? Sentence fragments invite completion even when they appear in the Guardian newspaper]

[b] What’s more interesting are various straws in the wind that show how digital behemoths are losing their shine. Many of these relate to Brexit and the election of Donald Trump, and to the dawning of a realization that Google and Facebook in particular may have played some role in these political earthquakes.

[c] What we’ve come to understand over the last two years is that, to coin a slogan, the technical is political.

I find it interesting that the intellectual touchstone for the write up is not the history book but Buzzfeed. Yep, Buzzfeed, a love child of the Guardian in spirit perhaps?

Ah, “real” journalism. Bashing successful companies is effective with a digital information service as one’s inspiration.

Stephen E Arnold, September 24, 2017

Security: Whom Does One Trust?

September 19, 2017

I read “The Market Can’t – and Won’t – Deal with IT Security, It Must Be Regulated, Argues Bruce Schneier.” The write up is about online, which is of interest to me. I found the summary of the remarks of Bruce Schneier, a security expert, interesting.

The main point is that government must regulate security. I highlighted this passage:v”The market can’t fix this. Markets work because buyers choose between sellers, and sellers compete for buyers. In case you didn’t notice, you’re not Equifax’s customer. You’re its product.

Several questions occurred to me:

  1. Which government? Maybe the United Nations?
  2. What’s the enforcement mechanism? Is after-the-fact “punishment” feasible?
  3. What’s the end point of security regulation?

Here in rural Kentucky security boils down to keeping an eye on the two brothers who live in a broken down trailer next to the crazy people who have a collection of wild animals. The wild animals are less threatening than these fine examples of Appalachian oak.

In the larger world which includes a number of nation states which are difficult to influence, how are the regulations to be enforced. What if one of these frisky nation states is behind the headline making security breaches?

Answers to this question are likely to be cause for discussion. Talk is easy. Remediation may be a bit more difficult. Perhaps the barn has burned and the horses already converted to glue and dog food?

Fixes are hard. Talk, well, just talk.

Stephen E Arnold, September 19, 2017

Bing and Google: The News Battle

September 15, 2017

I read “Bing Battles Google News with Its Own Make-Over.” I noted the alliteration: Bing battle. I immediately thought, “Google Gropes.” Both of these companies are trying to reinvent the newspaper using zeros and ones, not dead trees. Let’s look at some of the points I highlighted:

I noted this statement everyone’s most lovable online ad vendor:

Google redesigned their desktop Google News website. Their [sic] new UI has a clean and uncluttered look.

Microsoft responded. I circled this statement:

Microsoft recently updated their Bing News experience that will help users in finding the most up to date and well-rounded information.

Note that the pivot of both sentences is a subjective assertion: “Clean and uncluttered” for the GOOG, and “most up to date and well rounded.”

Some facts would be useful. I am not sure what “clean” or “uncluttered” means. My recollection is that Einstein’s desk like most “dead tree” newspapers are organized in an eclectic manner. Facts supporting these assertions might be difficult to conjure.

The “most up to date” statement should be easy to back up. What’s the latency of the system? The superlative “most” means that Bing is the top dog in news. Hmmm. I don’t buy this.

My point is that the write up provides a useful idea: Neither Bing nor Google has figured out how to present “news” to each system’s online users. The implicit idea is that “dead tree” methods are of little use. Inspiration comes from each system’s response to what the other system does.

Cold War methods applied to online “news”? That’s what the write signals me.

Let’s step back.

Online users have different reasons for wanting news. Some folks chase sports, which as I recall was the most read section of the “dead tree” newspaper company at which I once worked. Other people have quite different reasons for scanning the news; for example, there are some who read the obituaries, others seek cartoons, and others want the latest on the real housewives.

Bing and Google have to figure out how to meet these diverse needs because the “dead tree” crowd has fallen in the forest.

The write up tells me one thing: Neither Google nor Microsoft has any idea about reinventing what “dead tree” newspapers used to do.

Now what? Shape the news to fit what each company’s filters “decide” is “real news”?

Stephen E Arnold, September 15, 2017

Next Page »

  • Archives

  • Recent Posts

  • Meta