DarkCyber for February 23, 2021 Is Now Available

February 23, 2021

DarkCyber, Series 3, Number 4 includes five stories. The first summarizes the value of an electronic game’s software. Think millions. The second explains that Lokinet is now operating under the brand Oxen. The idea is that the secure services’ offerings are “beefier.” The third story provides an example of how smaller cyber security startups can make valuable contributions in the post-SolarWinds’ era. The fourth story highlights a story about the US government’s getting close to an important security implementation, only to lose track of the mission. And the final story provides some drone dope about the use of unmanned aerial systems on Super Bowl Sunday as FBI agents monitored an FAA imposed no fly zone. You could download the video at this url after we uploaded it to YouTube.

But…

YouTube notified Stephen E Arnold that his interview with Robert David Steele, a former CIA professional, was removed from YouTube. The reason was “bullying.” Mr. Arnold is 76 or 77, and he talked with Mr. Steele about the Jeffrey Epstein allegations. Mr. Epstein was on the radar of Mr. Steele because the legal allegations were of interest to an international tribunal about human trafficking and child sex crime. Mr. Steele is a director of that tribunal. Bullying about a deceased person allegedly involved in a decades long criminal activity? What? 

What’s even more interesting is that the DarkCyber videos, which appear every 14 days focus on law enforcement, intelligence, and cyber crime issues. One law enforcement professional told Mr. Arnold after his Dark Web lecture at the National Cyber Crime Conference in 2020, you make it clear that investigators have to embrace new technology and not wait for budgets to accommodate more specialists.

Mr. Arnold told me that he did not click the bright red button wanting Google / YouTube to entertain an appeal. I am not certain about his reasoning, but I assume that Mr. Arnold, who was an advisor to the world’s largest online search system, was indifferent to the censorship. My perception is that Mr. Arnold recognizes that Alphabet, Google, and YouTube are overwhelmed with management challenges, struggling to figure out how to deal with copyright violations, hate content, and sexually related information. Furthermore, Alphabet, Google, and YouTube face persistent legal challenges, employee outcries about discrimination, and ageing systems and methods.

What does this mean? In early March 2021, we will announce other video services which will make the DarkCyber video programs available.

The DarkCyber team is composed of individuals who are not bullies. If anything, the group is more accurately characterized as researchers and analysts who prefer the libraries of days gone by to the zip zip world of thumbtypers, smart software, and censorship of content related to law enforcement and intelligence professionals.

Mr. Arnold was discussing online clickfraud at lunch next week. Would that make an interesting subject for a DarkCyber story? With two firms controlling more than two thirds of the online advertising, click fraud is a hot potato topic. How does it happen? What’s done to prevent it? What’s the cost to the advertisers? What are the legal consequences of the activity?

Kenny Toth, February 23, 2021

Microsoft GitHub Goodie: Social Profile Finder

February 22, 2021

Do you want to locate the social media profile of a person? How about locating that social media profile across several hundred online services? Sounds good, doesn’t it? You can try this open source tool by navigating to Social Analyzer, downloading the code, and reading the documentation. Is this open source software as good as some of the tools available from specialized service providers? The answer is, “In some situations, it’s close enough to horseshoes.” The GitHub information says:

This project is “currently used by some law enforcement agencies in countries where resources are limited”.

Do some commercial specialized services providers charge their customers for access to this tool? Does Vladimir Putin have a daughter who is an expert dancer?

There are some interesting functions in this open source package; for example:

  • Email detection
  • Use of OCR to make sense of content in images
  • String and entity name analysis.

Having a user name and password for each system may come in handy as well. Microsoft is a helpful outfit in some ways.

Stephen E Arnold, February 22, 2021

Amazon: Putting Eyes on Humans

February 17, 2021

Amazon may have a new driver at the controls of the Bezos bulldozer, but the big orange machine keeps pushing monitoring technology. “Amazon’s Driver Monitoring App Is an Invasive Nightmare” does not like the system the online bookstore uses to keep an eye on human delivery drivers. The write up states:

Mentor is made by eDriving, which describes the app on its website as a “smartphone-based solution that collects and analyzes driver behaviors most predictive of crash risk and helps remediate risky behavior by providing engaging, interactive micro-training modules delivered directly to the driver in the smartphone app.”

From my tumble down shack in rural Kentucky, the Bezos bulldozer seems to be using technology from an outfit called eDriving. There are several options available to the online bookstore. Amazon can continue to pay eDriving. Amazon can clone the system. Amazon can acquire the company, people, or technology.

Based on my on-going research into Amazon’s surveillance capabilities, the enhanced cameras, the online hook to the AWS mothership, and the use of third-parties to nudge monitoring forward is still in its early days. Amazon moves slowly and in a low profile way. Most law enforcement and intelligence organizations observe Amazon the way a tourist does a turtle in the Galapagos: Check out where the turtle is after breakfast and then note that the darned thing moved behind a rock a few fee away by noon. No big deal. Turtles move, right? Turtles are not gazelles, right?

Several observations:

  1. Amazon chugs along in a sprightly manner behind the curtain separating public use of a system like Mentor
  2. Amazon time makes it difficult for some observers to note significant change in a system or technology
  3. The trick to figuring out where Amazon is headed in surveillance systems is to step back and observe the suite of systems.

What does one learn?

How about Amazon as the plumbing for many of the widely used policeware and intelware systems? Who knew that Palantir Technologies is a good Amazon customer? Maybe not IBM which inked a deal with the chipper Denver based “ride ‘em cowboy” policeware firm.

How useful would Amazon’s monitoring technology be if connected to a Palantir content intake system? My guess is that it would be quite useful, and it would require the Amazon cloud to work. What’s that mean for cloud competitors like Google, IBM, and Microsoft?

Amazon’s policeware and intelware approach is a lock in dream. Where could a Mentor-type system be useful to investigators?

Sorry. I can’t think of a single use case. Ho ho ho.

Stephen E Arnold, February 17, 2021

A Tattoo Can Monitor Your Brainwaves

February 17, 2021

Most tattoos are works of art, but some people inject ink into their skin for medical reasons. Medical tattoos often list allergies or say “DNR” (do not resuscitate) on a person’s chest. Digital Trends share that a new type of tattoo ink can monitor brainwaves in the article: “This Game-Changing Graphene Tattoo Can Continuously Monitor Your Brainwaves.”

Brain Scientific, Inc. was founded by Baruch “Boris” Goldstein and specializes in special tattoos. These tattoos are inked on your head with a special grapheme ink, so they can monitor brainwaves. Here is a more accurate description:

“To be clear, Brain Scientific’s new Brain E-Tattoo doesn’t resemble any piece of ink you’ve seen before. It’s a small patch, about the size of a postage stamp that looks, for all intents and purposes, like a microchip wafer affixed above the ear of the wearer. While the company uses the word “tattoo” to describe it, it’s more accurately referred to as a minimally invasive, implantable, 4-channel, micro electroencephalography (EEG) with grapheme electrodes for continuous brain monitoring. And there’s a chance this bit of cyborg tech could one day help save your life.”

The idea is that the grapheme-based electrodes will be connected to a micro EEG to analyze brain patterns and alert you to abnormal brain patterns like seizures and Alzheimer’s.

Brain Scientific specializes in AI technology, but they transitioned into hardware when they could not find the right tools. Goldstein wants the grapheme tattoo to eventually replace EEG headsets and continuously monitor brain activity. With the recorded brain activity, medical professionals can observe how any changes differ from past neurological data. The grapheme tattoo can also monitor other body functions.

Grapheme tattoos may one day be programmed to download information directly into your brain. Companies like Apple, Facebook, and Google will have different grapheme tattoo types and sell exclusive content. How long before those get on the market?

Whitney Grace, February 17, 2021

IBM Acknowledges That Palantir Technologies Is Winning the Battle for Policeware and Intelware

February 9, 2021

I read “Palantir Surges on Deal to Offer Software through IBM.” Yep, the new IBM has apparently accepted reality: Its i2 Analysts Notebook products aren’t the powerhouses they were when Mike Hunter’s company was the go-to policeware and intelware product.

According to the “real” news outfit Bloomberg:

Palantir Technologies Inc. and International Business Machines Corp.are uniting in a partnership that will dramatically expand the reachof Palantir’s sales force while making IBM’s ownartificial-intelligence software easier for non-technical customers touse…

Why? The write up reveals:

Without providing a time frame, Thomas [IBM wizard] said he expects the partnershipto help boost IBM’s customers using AI to 80% from its current 20%. Palantir Chief Operating Officer Shyam Sankar said the technical fitwith IBM and its reach are part of his company’s long-term effort tofinally ramp sales. In addition to commercial customers, governmentcontracts have surged both in number and size during the pandemic. “This is the biggest [partnership] we’ve announced — expectmore,” Sankar said. He said he expects to triple Palantir’sdirect-sales team to about 100 this year, a significant hike for acompany whose management once prided itself on not employing a singlesalesperson.

A couple of minor points:

  • Anyone remember the litigation between Palantir and i2 about intellectual property? Of course not.
  • What Palantir executives were named in the i2 litigation? (This is a really good question by the way?)
  • Do the Palantir solutions generate really happy licensees?
  • How do the former i2 professionals perceive this tie up?
  • How will the deal impact Palantir’s present cloud services providers?

These are questions which “real” news entities do not ask or answer.

Stephen E Arnold, February 9, 2021

Mobile and Social Media Users: Check Out the Utility of Metadata

January 15, 2021

Policeware vendors once commanded big, big bucks to match a person of interest to a location. Over the last decade prices have come down. Some useful products cost a fraction of the industrial strength, incredibly clumsy tools. If you are thinking about the hassle of manipulating data in IBM or Palantir products, you are in the murky field of prediction. I have not named the products which I think are the winners of this particular race.

image

Source: https://thepatr10t.github.io/yall-Qaeda/

The focus of this write up is the useful information derived from the deplatformed Parler social media outfit. An enterprising individual named Patri10tic performed the sort of trick which Geofeedia made semi famous. You can check the map placing specific Parler uses in particular locations based on their messages at this link. What’s the time frame? The unusual protest at the US Capitol.

The point of this short post is different. I want to highlight several points:

  1. Metadata can be more useful than the content of a particular message or voice call
  2. Metadata can be mapped through time creating a nifty path of an individual’s movements
  3. Metadata can be cross correlated with other data. (If you attended one of my Amazon policeware lectures, the cross correlation figures prominently.)
  4. Metadata can be analyzed in more than two dimensions.

To sum up, I want to remind journalists that this type of data detritus has enormous value. That is the reason third parties attempt to bundle data together and provide authorized users with access to them.

What’s this have to do with policeware? From my point of view, almost anyone can replicate what systems costing as much as seven figures a year or more from their laptop at an outdoor table near a coffee shop.

Policeware vendors want to charge a lot. The Parler analysis demonstrates that there are many uses for low or zero cost geo manipulations.

Stephen E Arnold, January 15, 2021

The Many Ways Police Can Access User Data

January 14, 2021

We hope that by now, dear reader, you understand digital privacy is an illusion. For those curious about the relationship between big tech, personal data, and law enforcement, we suggest “How Your Digital Trials Wind Up in the Hands of the Police,” shared by Ars Technica. The article, originally published by Wired, begins by describing how police used a Google keyword warrant to track down one high-profile suspect. We’re reminded that data gathered for one ostensible purpose, like building an online profile, can be repurposed as evidence. From the smart speakers and wearable devices that record us to apps that track location and other data, users are increasingly signing away their privacy rights. Writer Sidney Fussell notes:

“The problem isn’t just any individual app, but an over-complicated, under-scrutinized system of data collection. In December, Apple began requiring developers to disclose key details about privacy policies in a ‘nutritional label’ for apps. Users ‘consent’ to most forms of data collection when they click ‘Agree’ after downloading an app, but privacy policies are notoriously incomprehensible, and people often don’t know what they’re agreeing to. An easy-to-read summary like Apple’s nutrition label is useful, but not even developers know where the data their apps collect will eventually end up.”

Amid protests over policing and racial profiling, several tech companies are reevaluating their cooperation with law enforcement. Amazon hit pause on sales of facial recognition tech to police even as it noted an increase in requests for user data by law enforcement. Google vowed to focus on better representation, education, and support for the Black community. Even so, it continues to supply police with data in response to geofence warrants. These requests are being made of Google and other firms more and more often. Fussell writes:

“As with keyword warrants, police get anonymized data on a large group of people for whom no tailored warrant has been filed. Between 2017 and 2018, Google reported a 1,500 percent increase in geofence requests. Apple, Uber, and Snapchat also have received similar requests for the data of a large group of anonymous users. … These warrants allow police to rapidly accelerate their ability to access our private information. In some cases, the way apps collect data on us turns them into surveillance tools that rival what police could collect even if they were bound to traditional warrants.”

Civil rights groups are pushing back on these practices. Meanwhile, users would do well to pause and consider before hitting “Agree.”

Cynthia Murrell, January 14, 2021

Palantir Titan Positioning

January 7, 2021

I spotted the jargon now used by Palantir for its Titan platform. No, the jargon is not platform. Here’s what the policeware powerhouse states at the Titan Web page:

Titan’s platform upgrade makes Gotham more performant, open, and proactive, so that the world’s institutions can continue turning data into intelligence.

I once heard a Fast Search & Transfer whiz kid use the word “performant.” In 2006, I asked, “What does performant mean?” The answer was, “It means fast.” I asked, “Like the name of your company or fast as in speed?” The reply, “Fast.” That’s the type of answer that may have contributed to some of Fast Search’s challenges.

I also like the Palantirish word “proactive,” which seems forward leaning.

The search and business intelligence vendors have been using the phrase “turning data into intelligence” for years.

To sum up, Palantir is becoming performant in marketing its platform which converts all sorts of information into “intelligence.” Now what is “intelligence”? Answer fast or performantly, please.

Stephen E Arnold, January 7, 2021

DarkCyber for December 15, 2020, Now Available

December 15, 2020

The DarkCyber video news program for December 15, 2020, is now available at this link. This week’s program includes:

  • Fact or fiction: Work around iCloud security for an iPad
  • Germany opens backdoor to one encrypted email system
  • The Dark Web and Covid is a thing
  • Smart weapons and surgical strikes: The future of war
  • NSO Group in the spotlight again
  • Current information about beam weapons.

You may also view the program via the embedded player on the Beyond Search Web site at this link. Plus, no begging for dollars and no advertising.

Kenny Toth, December 15, 2020

Verint and Cognyte

December 14, 2020

This is a minor point. Verint has incorporated in Israel an entity named Cognyte. The trademark was filed in August 2020. Cognyte, according to this document, is:

Computer and software consulting services provided to governmental entities and enterprise organizations for use in the fields of cyber security, network intelligence, web and social intelligence, situational intelligence, video security, unifying and analyzing intelligence data, surveillance of computer, telecommunication and digital networks; Computer and software consulting services to help governments, critical infrastructure and enterprise organizations to neutralize and prevent terror, crime and cyber threats; Cybersecurity services in the nature of protecting data and information from unauthorized access, and restricting access to computer systems; Data security consultancy; Design and development of electronic data security systems; Computer security threat analysis for protecting data.

Some may confuse Verint’s Cognyte with this Cognyte:

Cognyte is a marketplace helping researchers connect with academic editors across the globe – especially between Western and non-Western countries. Our aspiration is to broadly elevate scientific communication in the academic community to achieve greater impact in society.

Some lawyers maybe. If an IPO for the Verint Cognyte becomes a reality and a success, the academic Cognyte may want to change its name unless these are the same entities in Melville, NY.

Stephen E Arnold, December 14, 2020

Next Page »

  • Archives

  • Recent Posts

  • Meta