The Reach of Cyber Threat Intelligence Companies

August 10, 2016

The social media monitoring complex appears to be gaining a follower. LittleSis News shared an article highlighting their investigative findings, You are being followed: The business of social media surveillance. This post not only reveals the technology companies engaged in surveillance and developing tools for surveillance, those at LittleSis News also filed freedom of information requests to twenty police departments about their social media monitoring. The article concludes with,

“Because social media incites within us a compulsion to share our thoughts, even potentially illegal ones, law enforcement sees it as a tool to preempt behavior that appears threatening to the status quo. We caught a glimpse of where this road could take us in Michigan, where the local news recently reported that a man calling for civil unrest on Facebook because of the Flint water crisis was nearly the target of a criminal investigation. At its worst, social media monitoring could create classes of “pre-criminals” apprehended before they commit crimes if police and prosecutors are able to argue that social media postings forecast intent. This is the predictive business model to which Geofeedia CEO Phil Harris aspires.”

In addition to Geofeedia, the other cyber threat intelligence companies listed are: BrightPlanet, ZeroFOX, Intrado, LifeRaft, Magnet Forensics, Media Sonar Technologies, Signal Corporation Limited. These companies specialize in everything from analyzing deep web content to digital forensics software. Ultimately data is their specialty, not people. These technologies and their applications will undoubtedly stir up questions about the relationship between people, the data they produce on social media, and state actors.


Megan Feil, August 10, 2016

Sponsored by, publisher of the CyberOSINT monograph

There is a Louisville, Kentucky Hidden/Dark Web meet up on August 23, 2016.
Information is at this link:


Technology: The New Dr. Evil in the Digital Dark Age

August 9, 2016

When I ride my mule down the streets of Harrod’s Creek, I marvel at the young folks who walk while playing with their mobile phones. Heading home after buying oats for Melissa, I look forward to my kerosene lamps.

Technology does not frighten me. I find technology and the whiz kids amusing. I read “Technology Is Now Pop Culture’s Favorite Enemy.” Goodness. I find gizmos and bits fun. The write up suggests that fun loving, top one percenters in education and wealth are finding themselves at the wrong end of a varmint trap.

I find it interesting that technology, which some folks in big cities believe is the way out of a gloomy tunnel, is maybe not flowers, butterflies, and rainbows. (The unicorns have taken to the woods it seems. No unicorns at the moment.)

I learned:

The ubiquitous nature of futuristic technology has lead to an exponential increase in our distrust of each other and the products we use, but most interesting, has taken away some of the blame from government bodies and corporations. We no longer fear agency bodies as much as we fear the physical technology they use.

That seems harsh. I like the phrase, “We’re from the government and here to help you.” Don’t you?

The write up adds a philosophical note:

Despite us being more savvy of how to use social media or despite us having a better understanding of how computers work in general, most of us still aren’t fluent in how it all fits together. We give so much of ourselves over to our devices, and we don’t ask for much in return. When we give something that inanimate that much control over us, it’s terrifying to think that we’re willingly giving up our freedom.

Let’s think about technology in terms of public Web search. One plugs a query into a system. The system returns a list of results; that is, suggestions where information related to the query may be found.

But what is happening is that the person reviewing the outputs does not have to ask, “Are these results accurate? Are they advertising? Are they comprehensive?” There is another question as well, “Is the information objective?” And what about, “Is the information accurate; that is, verifiable?”

The search systems perform another magic trick. The user becomes a content input. This means that the person with access to the queries as a group or the query subset related to a particular individual has new information. In my experience, knowledge is power, and the folks using the search system do not generally have access to this information.

Asymmetry results. The technology outfits offering service have more information than the users. Search does more to illuminate the dark corners of those using the search system than the results of a search illuminate the user’s mind.

Without the inclination to figure out what’s valid and what’s not or lacking the expertise to perform this type of search results vetting, the users become the used.

That sounds philosophical but there is a practical value to the observation. Without access and capability, the information presented becomes a strong influence on how one thinks, views facts, and has behavior influenced.

My thought is, “Welcome to the medieval world.” It is good to be a king or a queen. To be an information peasant is the opposite.

Giddy up, Melissa. Time to be heading back to the digital hollow to think about the new digital Dr. Evil.

Stephen E Arnold, August 9, 2016

Jurors for Google v. Oracle Case Exposed to Major Privacy Violation Potential

August 1, 2016

The article titled Judge Doesn’t Want Google to Google the Favorite Books and Songs of Potential Jurors on Billboard provides some context into the difficulties of putting Google on trial. Oracle is currently suing Google for copyright violations involving a Java API code. The federal judge presiding over the case, William Alsup, is trying to figure out how to protect the privacy of the jurors from both parties—but mostly Google. The article quotes from Alsup,

“For example, if a search found that a juror’s favorite book is To Kill A Mockingbird, it wouldn’t be hard for counsel to construct a copyright jury argument (or a line of expert questions) based on an analogy to that work and to play upon the recent death of Harper Lee, all in an effort to ingratiate himself or herself into the heartstrings of that juror,” he writes. ” The same could be done… with any number of other juror attitudes…”

Alsup considered a straightforward ban on researching jurors, but this would put both sides’ attorneys at a disadvantage. Instead, Google and Oracle have until the end of the month to either consent to a voluntary ban, or agree to clearly inform the jurors of their intentions regarding social media research.


Chelsea Kerwin, August 1, 2016

Sponsored by, publisher of the CyberOSINT monograph


Environmental Big Data Applied to Sustainable Health Purchasing

July 29, 2016

The US healthcare system has some of the best medical procedures and practices in the world, but the governing system is a violent mess.  One aspect tangled in the nightmare is purchasing.  Wharton University explains how big data can improve sustainability in everything in purchasing in everything from drugs to cleaning supplies: “The Four A’s: Turning Big Data Into Useful Information.”

The health care system is one of the biggest participants in group purchasing organizations (GPOs).  One significant downplayed feature that all GPOs share is its green product usage.  GPOs rely on using green products to cut back on waste and cost (in some cases), however, they could do more if they had access to environmental big data.  It helps the immediate bottom line, but it does more for the future:

“Longer term, it makes good business sense for hospitals and clinics, which spend so much battling environmentally caused illnesses, to reduce, and where possible eliminate, the chemicals and other pollutants that are damaging their patients’ health. That is precisely why Premier’s GreenHealthy program is eager to move beyond price alone and take EPP into consideration. ‘Price doesn’t give us the whole story,’ said [Kevin Lewis, national program coordinator for the GreenHealthy division of Premier Inc]. ‘Our prime concern is making our patients safer.’”

Individual health service providers, however, do not have access to certain healthcare metrics and data, unless they ask for it from manufacturers/supplies.  Even worse is that the health metrics data is often outdated.

The GPOs and the health providers could work together to exchange information to keep all data along the supply chain updated.  It would create a sustainability chain that would benefit the environment and the bottom line.


Whitney Grace, July 29, 2016
Sponsored by, publisher of the CyberOSINT monograph

Rare Sighting in Silicon Valley: A Unicorn

July 8, 2016

Unicorns are mythical creatures with a whole slew of folklore surrounding them, but in modern language the horned beast has been used as a metaphor for a rare occurrence.  North Korea once said that Kim Jong Un spotted a unicorn from their despotic controlled media service, but Fortune tells us that a unicorn was spotted in California’s Silicon Valley: “The SEC Wants Unicorns To Stop Bragging About Their Valuations”.

Unicorns in the tech world are Silicon Valley companies valued at more than one billion.  In some folklore, unicorns are vain creatures and love to be admired, the same can be said about Silicon Valley companies and startups as they brag about their honesty with their investors.  Mary Jo White of the SEC said she wanted them to stop blowing the hot air.

“ ‘The concern is whether the prestige associated with reaching a sky-high valuation fast drives companies to try to appear more valuable than they actually are,’ she said.”

Unlike publicly traded companies, the SEC cannot regulate private unicorns, but they still value protecting investors and facilitating capital formation.  Silicon Valley unicorns have secondary markets forming around their pre-IPO status.  The status they retain before they are traded on the public market.  The secondary market uses derivative contracts, which can contribute to misconceptions about their value.  White wants the unicorns to realize they need to protect their investors once they go public with better structures and controls for their daily operations.

Another fact from unicorn folklore is that unicorns are recognized as symbols of truth.  So while the braggart metaphor is accurate, the truthful aspect is not.


Whitney Grace,  July 8 2016
Sponsored by, publisher of the CyberOSINT monograph

Publicly Available Information Is Considered Leaked When on Dark Web

July 7, 2016

What happens when publicly available informed is leaked to the Dark Web? This happened recently with staff contact information from the University of Liverpool according to an article, Five secrets about the Dark Web you didn’t know from CloudPro. This piece speaks to perception that the Dark Web is a risky place for even already publicly available information. The author reports on how the information was compromised,

“A spokeswoman said: “We detected an automated cyber-attack on one of our departmental online booking systems, which resulted in publically available data – surname, email, and business telephone numbers – being released on the internet. We take the security of all university-related data very seriously and routinely test our systems to ensure that all data is protected effectively. We supported the Regional Organised Crime Unit (TITAN) in their investigations into this issue and reported the case to the Information Commissioner’s Office.”

Data security only continues to grow in importance and as a concern for large enterprises and organizations. This incident is an interesting case to be reported, and it was the only story we had not seen published again and again, as it illustrates the public perception of the Dark Web being a playing ground for illicit activity. It brings up the question about what online landscapes are considered public versus private.


Megan Feil, July 7, 2016

Sponsored by, publisher of the CyberOSINT monograph

Hacking Team Cannot Sell Spyware

June 27, 2016

I do not like spyware.  Once it is downloaded onto your computer, it is a pain to delete and it even steals personal information.  I think it should be illegal to make, but some good comes from spyware if it is in the right hands (ideally).  Some companies make and sell spyware to government agencies.  One of them is the Hacking Team and they recently had some bad news said Naked Security, “Hacking Team Loses Global License To Sell Spyware.”

You might remember Hacking Team from 2015, when its systems were hacked and 500 gigs of internal, files, emails, and product source code were posted online.  The security company has spent the past year trying to repair its reputation, but the Italian Ministry of Economic Development dealt them another blow.  The ministry revoked Hacking Team’s “global authorization” to sell its Remote Control System spyware suite to forty-six countries.  Hacking Team can still sell within the European Union and expects to receive approval to sell outside the EU.

“MISE told Motherboard that it was aware that in 2015 Hacking Team had exported its products to Malaysia, Egypt, Thailand, Kazakhstan, Vietnam, Lebanon and Brazil.

The ministry explained that “in light of changed political situations” in “one of” those countries, MISE and the Italian Foreign Affairs, Interior and Defense ministries decided Hacking Team would require “specific individual authorization.”  Hacking Team maintains that it does not sell its spyware to governments or government agencies where there is “objective evidence or credible concerns” of human rights violations.”

Hacking Team said if they suspect that any of their products were used to caused harm, they immediately suspend support if customers violate the contract terms.   Privacy International does not believe that Hacking Team’s self-regulation is enough.

It points to the old argument that software is a tool and humans cause the problems.


Whitney Grace, June 27, 2016
Sponsored by, publisher of the CyberOSINT monograph

Banks as New Dark Web Educators

June 15, 2016

The Dark Web and deep web can often get misidentified and confused by readers. To take a step back, Trans Union’s blog offers a brief read called, The Dark Web & Your Data: Facts to Know, that helpfully addresses some basic information on these topics. First, a definition of the Dark Web: sites accessible only when a physical computer’s unique IP address is hidden on multiple levels. Specific software is needed to access the Dark Web because that software is needed to encrypt the machine’s IP address. The article continues,

“Certain software programs allow the IP address to be hidden, which provides anonymity as to where, or by whom, the site is hosted. The anonymous nature of the dark web makes it a haven for online criminals selling illegal products and services, as well as a marketplace for stolen data. The dark web is often confused with the “deep web,” the latter of which makes up about 90 percent of the Internet. The deep web consists of sites not reachable by standard search engines, including encrypted networks or password-protected sites like email accounts. The dark web also exists within this space and accounts for approximately less than 1 percent of web content.”

For those not reading news about the Dark Web every day, this seems like a fine piece to help brush up on cybersecurity concerns relevant at the individual user level. Trans Union is on the pulse in educating their clients as banks are an evergreen target for cybercrime and security breaches. It seems the message from this posting to clients can be interpreted as one of the “good luck” variety.


Megan Feil, June 15, 2016

Sponsored by, publisher of the CyberOSINT monograph

Websites Found to Be Blocking Tor Traffic

June 8, 2016

Discrimination or wise precaution? Perhaps both? MakeUseOf tells us, “This Is Why Tor Users Are Being Blocked by Major Websites.” A recent study (PDF) by the University of Cambridge; University of California, Berkeley; University College London; and International Computer Science Institute, Berkeley confirms that many sites are actively blocking users who approach through a known Tor exit node. Writer Philip Bates explains:

“Users are finding that they’re faced with a substandard service from some websites, CAPTCHAs and other such nuisances from others, and in further cases, are denied access completely. The researchers argue that this: ‘Degraded service [results in Tor users] effectively being relegated to the role of second-class citizens on the Internet.’ Two good examples of prejudice hosting and content delivery firms are CloudFlare and Akamai — the latter of which either blocks Tor users or, in the case of, infinitely redirects. CloudFlare, meanwhile, presents CAPTCHA to prove the user isn’t a malicious bot. It identifies large amounts of traffic from an exit node, then assigns a score to an IP address that determines whether the server has a good or bad reputation. This means that innocent users are treated the same way as those with negative intentions, just because they happen to use the same exit node.”

The article goes on to discuss legitimate reasons users might want the privacy Tor provides, as well as reasons companies feel they must protect their Websites from anonymous users. Bates notes that there  is not much one can do about such measures. He does point to Tor’s own Don’t Block Me project, which is working to convince sites to stop blocking people just for using Tor. It is also developing a list of best practices that concerned sites can follow, instead. One site, GameFAQs, has reportedly lifted its block, and CloudFlare may be considering a similar move. Will the momentum build, or must those who protect their online privacy resign themselves to being treated with suspicion?


Cynthia Murrell, June 8, 2016

Sponsored by, publisher of the CyberOSINT monograph

DuckDuckGo Tor Search

June 3, 2016

DuckDuckGo, like a number of other online outfits, has a presence on Tor, the gateway to the part of the Internet which is actually pretty small. I read “Tor Switches to DuckDuckGo Search Results by Default.” I learned:

[F]or a while now Disconnect has no access to Google search results anymore which we used in Tor Browser. Disconnect being more a meta search engine which allows users to choose between different search providers fell back to delivering Bing search results which were basically unacceptable quality-wise. While Disconnect is still trying to fix the situation we asked them to change the fallback to DuckDuckGo as their search results are strictly better than the ones Bing delivers.

The privacy issue looms large. The write up points out:

…DuckDuckGo made a $25,000 donation to Tor which in recent times has been trying to diversify its funding away from reliance on the US government — including launching a crowdfunding campaign which pulled in just over $200,000 at the start of this year.

How private is Tor? No information about this topic appears in the write up.

Stephen E Arnold, June 3, 2016

« Previous PageNext Page »