Sherlock: An Interesting Open Source Intelligence Contribution

December 2, 2019

Secrets have a way of becoming non-secrets. How is often mysterious. Navigate to “Find Usernames across Social Networks.” Fire up the system and behold what for some was a function worthy of hushed tones in meetings held in drab rooms with plastic furniture.


Plug in a user name. The software chugs through publicly accessible services looking for matches.

Why is this useful? If the value of locating user names is not clear, DarkCyber is not going to flip on your light bulb.

As I write this, I can think of companies in England, Germany, Israel, and Italy which are likely to be doing a bit of critical thinking.

Sherlock could have an impact on those firms’ sales pitches and possibly their revenue. As our fictional hero allegedly said, “You know my methods, Watson.”

Stephen E Arnold, December 2, 2019

NSO Group and Facebook: An Escalation

November 27, 2019

“Workers at Israeli Surveillance Firm NSO Sue Facebook for Blocking Private Accounts” adds some zest to the dust up between the digital country of Facebook and a company which develops policeware. Facebook’s WhatsApp accused NSO of fiddling with content of the encrypted messaging service.

Reuters reports:

NSO employees said Facebook had imposed a “collective punishment” by choosing to block their private accounts due to the legal process Facebook is conducting against NSO. They also said their lawsuit came only after they made repeated requests to Facebook that went unanswered. “Blocking our private accounts is a hurtful and unjust move by Facebook,” the statement said. “The idea that personal data was searched for and used is very disturbing to us”.

In this legal battle of a digital nation and a software and services company, whose lawyers will prevail?

Worth monitoring because policeware (software and services for law enforcement) and intelware (software and services for intelligence agencies) are rarely in the news.

Will the story have legs or will the legal eagles nibble at these entities’ patellas? Maybe crippling one or both?

Stephen E Arnold, November 27, 2019

Facebook Takes on NSO Group

October 30, 2019

Now this is an interesting and possibly inadvisable move. Facebook is big and it has become the one company able to create more negative vibes than an outfit like Boeing (737 Max which allegedly was called “flying coffins”) or Johnson & Johnson (the outfit famous for baby powder with a possible secret ingredient).

“Why WhatsApp Is Pushing Back on NSO Group Hacking” provides a Facebook professional’s explanation of the decision to go after the NSO Group, a specialized software and services firm with some government clients:

As we gathered the information that we lay out in our complaint, we learned that the attackers used servers and Internet-hosting services that were previously associated with NSO. In addition, as our complaint notes, we have tied certain WhatsApp accounts used during the attacks back to NSO. While their attack was highly sophisticated, their attempts to cover their tracks were not entirely successful.

I particularly relished this statement by the Facebook professional:

At WhatsApp, we believe people have a fundamental right to privacy and that no one else should have access to your private conversations, not even us. Mobile phones provide us with great utility, but turned against us they can reveal our locations and our private messages, and record sensitive conversations we have with others.

Yeah, yeah, the DarkCyber team hears your voice. Is that voice one that resonates with truth, honor, and “ethical behavior” cranked up on the baloney amplifier?

Several observations:

  • It is generally a good idea to understand one’s opponent before getting into a bit of a tussle. Some opponents have special capabilities which are not often understood in the go go, move fast and break things world of Facebook.
  • Facebook lacks what DarkCyber thinks of as “credibility stature.” In fact, the shadow the firm casts is a long one, but the path the company has followed is the crepuscular journey of those who may be afraid of the light. (Apologies to Plato)
  • NSO Group states: “NSO products are used exclusively by government intelligence and law enforcement agencies to fight crime and terror.”

Based on information I glean from my lectures at law enforcement and intelligence conferences, WhatsApp is an encrypted messaging service popular among some bad actors.

Oh, one final question, “Where did some of NSO’s team garner their operational experience?”

Give up. Gentle reader, knowing the answer is probably important. Does Facebook know the answer? Another good question.

Stephen E Arnold, October 30, 2019

Blockchains: A Role in Human Trafficking Investigations?

October 25, 2019

Human trafficking is one of the greatest evils in history as well as modern day. The Internet facilitates easy communication for human traffickers, but they do not conduct their business in plain sight. They use the dark web to cover their sadistic business tracks. The Next Web explains that human traffickers might be easier to find than before in “How A Blockchain-Based Digital ID System Could Help Tackle Human Trafficking.”

It is estimated that 20-40 million people are human trafficked, bringing in profits of $150 billion a year. Those are outrageous numbers! Emerging technologies such as data sharing and blockchain are becoming the favorable way to traffic people, but these technologies could also save the victims.

Digital IDs would be the key to blockchain technology. Human trafficking victims are denied resources that could help them escape, such as phones, computers, and other mobile technology. The victims are also stripped of any physical identification like passports or driver’s licenses. What if victims had a digital ID, made unique due to a fingerprint or eye scan, that cannot be stolen and would be easy to track?

“Once this is saved on a blockchain, the information is immutable and as such can not be forged, meaning traffickers wouldn’t be able to tamper it or change a victim’s identity. A strategy often used by traffickers to get their victims across border controls.

Importantly, blockchain technology is also decentralized, meaning that the embedded data is far more secure than it would be on a centralized server.

As a borderless technology, blockchain ID documentation and tracking can take place anywhere — so long as the parties involved are able to cooperate and collaborate while pledging to input the correct data.”

In other words, it is still the work of science fiction, but the possibility to make it a reality is not that far off.

Whitney Grace, October 25, 2019

Australian Police Crowdsource Missing Person Investigations

October 14, 2019

DarkCyber noted the report “Police Turn to Hackers in Australia’s First Crowdsourced Attempt to Find Missing People.” The idea is interesting and illustrates the lateral thinking law enforcement is increasingly directing at certain investigative challenges.

The write up states:

More than 350 internet sleuths and “ethical hackers” — hobbyists and professionals — gathered at 10 locations around the country on Friday in a national missing-persons “hackathon”. The aim was to generate leads for 12 of Australia’s most frustrating cold cases, using sophisticated but legal methods of trawling the Internet.

There have been OSINT efforts to address criminal issues. Open source information is an important component of the approach.

WorldStack, according to the article, “has built a search index of content on the ‘dark web’ — a network of hidden, encrypted websites, sometimes used to organize illegal activity, and hoped to use image-matching software to help find some of the 12 missing people.”

Australian engineers have developed or contributed a number of useful tools. Examples include Sintelix, TeraText, ISYS Search Software, Funnelback, and LMNTrix, among others.

Stephen E Arnold, October 14, 2019

Cloudera Bids to Be the Next Gen Anti Financial Crime Platform

October 10, 2019

DarkCyber read “Moving Towards the Next Gen Financial Crimes Platform.” The essay, which is two parts information and three parts marketing collateral, presents a diagram of the Cloudera anti financial crime platform. The phrase “financial crime platform” could be interpreted as the airfield for dispatching a range of malware attacks, a position in which some cloud vendors find themselves either wittingly or unwittingly. In this DarkCyber article, I will refer to the Cloudera vision as an anti financial crimes platform, hopefully to make clear that the cloud vendor is not a bad actor.

In DarkCyber’s view, there are three main points about Cloudera’s enterprise focused solution. Silos of information are a problem, and Cloudera will sweep across organizational data silos, at least that’s the idea. Here are points DarkCyber noted:

  1. The focus is on the enterprise, not on a wider scope; for example, a bank, not a number of FBI field offices, each of which operates more or less autonomously.
  2. Smart software (artificial intelligence, machine learning, et al) is used at the edge to provide necessary signals about activity warranting further analysis by more numerical recipes.
  3. The solution can accommodate innovations either from Cloudera or from partners.

Cloudera includes a diagram of what the solution’s broad outlines are. Here’s the illustration from the Cloudera article:

[Image: Cloudera’s diagram of its platform]

Working from right to left, data are ingested by Cloudera. The content goes into an enterprise data store. A suite of financial crime “applications” operate on the data in the Enterprise Data Store and its modules. At the right hand of the diagram analytical tools (maybe like Tibco SpotFire?), business intelligence systems, and Cloudera’s Data Science Workbench allow authorized users to interact with the system.

Cloudera’s article includes this statement:

With CDP as the foundation, intelligence gaps are mitigated by a holistic enterprise view of all customer and financial crime-related data (holistic KYC), systems, models and processes.  You will also be able to tighten the loop between detecting and responding to new fraud patterns. CDP also supports open-source advances to ensure that your teams are able to experiment with and adopt the latest technologies and methods, which helps to mitigate technology and vendor lock-in.  The diagram below illustrates the Cloudera Data Platform and its various components for enterprise management. [Emphasis in the original source]

Several observations are warranted:

  1. Vendor lock is an organic consequence of putting one’s egg in one cloud-centric basket. Although it is possible to envision a system which accepts enhancements, the write up and the diagram do not include a provision for this type of extension. DarkCyber posits that restrictions will apply.
  2. The diagram has “financial crime applications” without providing much “color” or detail about these policeware components. One key question is, “Will these policeware applications run “on Cloudera” or on some other system; for example, IBM cloud which delivers Analyst Notebook functions?”
  3. The write up does not provide information about restrictions on data; for example, streaming data from telephone intercept systems.
  4. Information about functional components, application programming interfaces, and programmatic methods for the platform is not provided. DarkCyber understands the need for economy in writing, but a table or a list of suggested links would be helpful.

Why is Cloudera making this play?

DarkCyber hypothesizes that Cloudera realizes Amazon’s “as is” capabilities pose a substantial threat. Cloudera wants to stake out some territory before the Bezos bulldozer rolls through the policeware market.

Stephen E Arnold, October 9, 2019

Amazon Policeware: Getting Visible in Spite of Amazon

October 9, 2019

An enterprising reporter included some information from my Amazon research. You can find these open source factoids in “Meet America’s Newest Military Giant: Amazon.” Like good recipients of Jeffrey Epstein love, the publication will enjoin you to pay to read the recycled version of my research. Hey, that’s capitalism in action.

The write up does veer from “military giant” into policeware, a term I coined to make clear that there are platforms, applications, and tools purpose-built to support law enforcement, analysts, and investigators.

[Image]

© Stephen E Arnold, 2016

You may want to read the article and take a look at the information I have published in this blog and on YouTube and Vimeo. The search systems struggle to highlight this content, but that’s the way life is in the world of ad-supported search. (Tip: To locate the information, use the search box on this Web site or you can explore these short videos at these links:

October 30, 2018 https://vimeo.com/297839909

November 6, 2018 https://vimeo.com/298831585

November 13, 2018 https://vimeo.com/300178710

November 20, 2018 https://vimeo.com/301440474.)

Another peek at Amazon’s activities is provided in a side mirror attached to a speeding Chevrolet Volt. “Ring’s Police Partnerships Must End, Say More Than 30 Civil Rights Groups” is an “open letter.” That document, according to CNet, “urges local lawmakers to cancel all existing police deals with Amazon’s video doorbell company.”

Good luck with that.

The CNet write up adds:

Ring has more than 500 police partnerships across the US, and a coalition of civil rights groups are calling for local governments to cancel them all. On Tuesday, tech-focused nonprofit Fight For the Future published an open letter to elected officials raising concerns about Ring’s police partnerships and its impacts on privacy and surveillance.  The letter is signed by more than 30 civil rights groups, including the Center for Human Rights and Privacy, Color of Change and the Constitutional Alliance. Along with asking mayors and city councils to cancel existing Ring partnerships, the letter also asks for surveillance oversight ordinances to prevent police departments from making these deals in the future, and also requested members of Congress to investigate Ring’s practices.


Smart Dubai: An Amazon AWS Connection

October 2, 2019

Amazon AWS provides the plumbing for the Amazon owned Souq.com. Amazon has a “region” and “edge location” in the United Arab Emirates. Amazon is supporting an educational push to infuse those with an interest in computer science in the ways and lingo of AWS. There was an Amazon summit in the UAE as well.

I thought about these Amazon actions when I read “Smart Dubai to Have a Marketplace for Sharing and Exchanging Data by 2021.” I learned:

Smart Dubai is building a data marketplace in a bid to monetise data through centralised and decentralised platforms, a top official said.

This initiative may be a glimpse of the smart data system disclosed in US 9947043. The Dubai activity may be the testing ground for a service which may be rolled out in the US as Amazon edges toward broader investigative services for the US government’s enforcement agencies, the IRS, and the SEC, among others.

Worth monitoring or you can express your interest in DarkCyber’s AWS policeware webinar by writing benkent2020 at yahoo dot com.

Stephen E Arnold, October 2, 2019

Amazon: Airport Purchases

October 1, 2019

DarkCyber spotted a report on the CNBC Web site. Its title was “Amazon Is in Talks to Bring Its Cashierless Go Technology to Airports and Movie Theaters.” Data about movie attendee purchases is interesting, but data about what an airport passenger purchases is quite interesting. Location, method of payment, items purchased, date, and time are likely to be of considerable interest to investigators and intelligence professionals. With cross correlation a number of interesting questions could be answered. Will Amazon dominate airport sales? DarkCyber is not a prediction business. We will go as far as saying, “Worth watching.”

Stephen E Arnold, October 1, 2019

Amazon Policeware: One Possible Output

October 1, 2019

Investigations focus on entities and timelines. The context includes the legal wrapper, procedures, impressions, and similar information usually resident in investigators and their colleagues.

Why gather data unless there is a payoff? The payoff from data in terms of Amazon’s policeware includes these upsides:

  • Data which informs new products and services, especially those signals for latent demand
  • Raw material for analytical processes such as those performed by superordinate Amazon Web Services
  • Outputs which have market magnetism; that is, the product is desirable and LE and intel customers want to buy it.

This illustration which I have taken from my October 2, 2019, TechnoSecurity lecture and from my Amazon policeware webinar illustrates three points:

First, raw data are acquired by Amazon. The sources are diverse and some are unique to Amazon; for example, individual and enterprise purchasing data.

Second, the AWS policeware platform performs normalization, indexing, and analysis from historic and real time data flows; for example, what books did an individual purchase and when.

Third, an output in the form of a profile or report about a person of interest.

[Image: illustration from the TechnoSecurity lecture and the Amazon policeware webinar]

© Stephen E Arnold 2019

I know the image is difficult to read. There are two ways to address this issue. You can attend my lectures at the San Antonio conference or you can sign up for my Amazon policeware webinar.

No Epstein supporters, fans, and acquaintances should express interest in my research. Sorry. I am old fashioned.

Stephen E Arnold, October 1, 2019
