The One Percent Have Privately Disappeared

December 8, 2016

People like to think that their lives are not always monitored, especially inside their domiciles.  However, if you have installed any type of security camera, especially a baby monitor, the bad news is that they are easily hacked.  Malware can also be downloaded onto a computer to spy on you through the built-in camera.  Mark Zuckerberg  coves his laptop’s camera with a piece of electrical tape.  With all the conveniences to spy on the average individual, it is not surprising that the rich one percent are literally buying their privacy by disappearing.  FT.com takes a look about, “How The Super-Rich Are Making Their Homes ‘Invisible.’”

The article opens with a description about how an entire high-end California neighborhood exists, but it is digitally “invisible” on Google Street View.  Celebrities live in this affluent California neighborhood and the management company does not even give interviews.  Privacy is one of the greatest luxuries one can buy in this age and the demand will grow as mobile Internet usages increases.  The use of cameras is proportional to Internet usage.

People who buy privacy by hiding their homes want to avoid prying eyes, such a paparazzi and protect themselves from burglars.  The same type of people who buy privacy are also being discreet about their wealth.  They do not flaunt it, unlike previous eras.  In the business sector, more and more clients want to remain anonymous so corporations are creating shell businesses to protect their identities.

There is an entire market for home designs that hide the actual building from prying eyes.  The ultimate way to disappear, however, is to live off the grid:

For extra stealth, property owners can take their homes off the grid — generating their own electricity and water supply avoids tell-tale pipes and wires heading on to their land. Self-sufficient communities have become increasingly popular for privacy, as well as ecological, reasons; some estimates suggest that 180,000 households are living off the grid in the US alone.

Those people who live off the grid will also survive during a zombie apocalypse, but I digress.

It is understandable that celebrities and others in the public eye require more privacy than the average citizen, but we all deserve the same privacy rights.  But it brings up another question: information needs to be found in order to be used.  Why should some be able to disappear while others cannot?

Whitney Grace, December 8, 2016

Increasingly Sophisticated Cybercrime

December 8, 2016

What a deal! Pymnts.com tells us that “Hacked Servers Sell for $6 On The Dark Web.” Citing recent research from Kapersky Lab, the write-up explains:

Kaspersky Lab researchers exposed a massive global underground market selling more than 70,000 hacked servers from government entities, corporations and universities for as little as $6 each.

The cybersecurity firm said the newly discovered xDedic marketplace currently has a listing of 70,624 hacked Remote Desktop Protocol (RDP) servers for sale. It’s reported that many of the servers either host or provide access to consumer sites and services, while some have software installed for direct mail, financial accounting and POS processing, Kaspersky Lab confirmed.

Kapersky’s Costin Raiu notes the study is evidence that “cybercrime-as-a-service” is growing, and has been developing its own, well-organized infrastructure. He also observes that the victims of these criminals are not only the targets of attack, but the unwitting server-owners. xDedic, he says, represents a new type of cybercriminal marketplace.

Kapersky Lab recommends organizations take these precautions:

*Implement multi-layered approach to IT infrastructure security that includes a robust security solution

*Use of strong passwords in server authentication processes

*Establish an ongoing patch management process

*Perform regular security audits of IT infrastructures

*Invest in threat intelligence services”

Stay safe, dear readers.

Cynthia Murrell, December 8, 2016

Facebook, Google, Twitter, YouTube: A Spirit of Cooperation

December 6, 2016

I found this write up interesting. No philosophy or subjective comment required. The title of the write up is “Partnering to Help Curb Spread of Online Terrorist Content.” This is what is called “real” news, but that depends upon one’s point of view.

I highlighted this passage:

Facebook, Microsoft, Twitter and YouTube are coming together to help curb the spread of terrorist content online. There is no place for content that promotes terrorism on our hosted consumer services. When alerted, we take swift action against this kind of content in accordance with our respective policies.

The idea is to use “digital fingerprints” in the manner of Terbium Labs and other companies to allow software to match prints and presumably take action in an automated, semi automated, or manual fashion. The  idea is to make it difficult for certain content to be “found” online via these services.

The write up adds:

As we continue to collaborate and share best practices, each company will independently determine what image and video hashes to contribute to the shared database. No personally identifiable information will be shared, and matching content will not be automatically removed. Each company will continue to apply its own policies and definitions of terrorist content when deciding whether to remove content when a match to a shared hash is found. And each company will continue to apply its practice of transparency and review for any government requests, as well as retain its own appeal process for removal decisions and grievances. As part of this collaboration, we will all focus on how to involve additional companies in the future.

I noted the word “collaborate” and its variants.

The filtering addresses privacy in this way:

Throughout this collaboration, we are committed to protecting our users’ privacy and their ability to express themselves freely and safely on our platforms. We also seek to engage with the wider community of interested stakeholders in a transparent, thoughtful and responsible way as we further our shared objective to prevent the spread of terrorist content online while respecting human rights.

Fingerprints in the world of law enforcement are tied to an individual or, in the case of Terbium, to an entity. Walking back from a fingerprint to an entity is a common practice. The business strategy is to filter content that does not match the policies of certain organizations.

Stephen E Arnold, December 6, 2016

Social Media Surveillance Now a Booming Business

December 5, 2016

Many know that law enforcement often turns to social media for clues, but you may not be aware how far such efforts have gotten. LittleSis, a group that maps and publishes relationships between the world’s most powerful entities, shares what it has learned about the field of social-media spying in, “You Are Being Followed: The Business of Social Media Surveillance.”

LittleSis worked with MuckRock, a platform that shares a trove of original government documents online. The team identified eight companies now vending social-media-surveillance software to law enforcement agencies across the nation; see the article for the list, complete with links to more information on each company. Writer Aaron Cantú describes the project:

We not only dug into the corporate profiles of some of the companies police contract to snoop on your Tweets and Facebook rants, we also filed freedom of information requests to twenty police departments across the country to find out how, when, and why they monitor social media. …

One particularly well-connected firm that we believe is worth highlighting here is ZeroFOX, which actively monitored prominent Black Lives Matter protesters in Baltimore and labeled some of them, including former Baltimore mayoral candidate DeRay McKesson, ‘threat actors.’ The company reached out to Baltimore officials first, offering it services pro-bono, which ZeroFOX executives painted as a selfless gesture of civic responsibility. But city officials may have been especially receptive to ZeroFOX’s pitch because of the powerful names standing behind it.

Behind ZeroFOX are weighty names indeed, like Mike McConnell, former director of the NSA, and Robert Rodgiguez, who is tied to Homeland Security, the Secret Service, and a prominent security firm. Another company worth highlighting is Geofeedia, because its name appears in all the police-department records the project received so far. The article details how each of these departments have worked with that company, from purchase orders to contract specifications. According to its CEO, Geofeedia grew sevenfold in just the last two years.

Before closing with a call for readers to join the investigation through MuckRock, Cantú makes this key observation:

Because social media incites within us a compulsion to share our thoughts, even potentially illegal ones, law enforcement sees it as a tool to preempt behavior that appears threatening to the status quo. We caught a glimpse of where this road could take us in Michigan, where the local news recently reported that a man calling for civil unrest on Facebook because of the Flint water crisis was nearly the target of a criminal investigation. At its worst, social media monitoring could create classes of ‘pre-criminals’ apprehended before they commit crimes if police and prosecutors are able to argue that social media postings forecast intent. This is the predictive business model to which Geofeedia CEO Phil Harris aspires. [The link goes to a 23-minute interview with Harris at YouTube.]

Postings forecast intent”— because no one ever says anything online they don’t really mean, right? There is a reason the pre-crime-arrest concept is fodder for tales of dystopian futures. Where do details like civilian oversight and the protection of civil rights come in?

Cynthia Murrell, December 5, 2016

Bug-Free, Efficient Tor Network Inching Towards Completion

November 30, 2016

The development team behind the Tor Project recently announced the release of Tor 0.2.9.5 that is almost bug-free, stable and secure.

Softpedia in a release titled New Tor “The Onion Router” Anonymity Network Stable Branch Getting Closer says:

Tor 0.2.9.5 Alpha comes three weeks after the release of the 0.2.9.4 Alpha build to add a large number of improvements and bug fixes that have been reported by users since then or discovered by the Tor Project’s hard working development team. Also, this release gets us closer to the new major update of The Onion Router anonymity network.

Numerous bugs and loopholes were being reported in Tor Network that facilitated backdoor entry to snooping parties on Tor users. With this release, it seems those security loopholes have been plugged.

The development team is also encouraging users to test the network further to make it completely bug-free:

If you want to help the Tor Project devs polish the final release of the Tor 0.2.9 series, you can download Tor 0.2.9.5 Alpha right now from our website and install it on your GNU/Linux distribution, or just fetch it from the repositories of the respective OS. Please try to keep in mind, though, that this is a pre-release version, not to be used in production environments.

Though it will always be a cat and mouse game between privacy advocates and those who want to know what goes on behind the veiled network, it would be interesting to see who will stay ahead of the race.

Vishal Ingole, November 30, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Tor Comes to the Rescue of Turkish Online Activists

November 29, 2016

Authorities in Turkey have effectively banned the use of social media platforms like Facebook, Twitter, and YouTube. Tor, however, has to come to the rescue of users, particularly online activists who want to get the word out about the social unrest in the country.

Motherboard in a report tiled Turks Are Flocking to Tor After Government Orders Block of Anti-Censorship Tools says:

Turkish Internet users are flocking to Tor, the anonymizing and censorship circumvention tool, after Turkey’s government blocked Twitter, Facebook, and YouTube. Usage of Tor inside of Turkey went up from around 18,000 users to 25,000 users on Friday, when the government started blocking the popular social media networks, according to Tor’s official metrics.

Apart from direct connection to the Tor Network through TOR browser, the network also allows users to use bridge relays that circumvent any access restrictions by ISPs. Though it’s not yet clear if ISPs in Turkey have also banned Tor access; however, the bridge relay connections have seen a spike in number since the ban was implemented.

It is speculated that the Government may have notified ISPs to ban Tor access, but failed to tell them to do so effectively, which becomes apparent here (a Tweet by a user):

I believe the government just sent the order and didn’t give any guide about how to do it,” Sabanc? told Motherboard in an online chat via Twitter. “And now ISPs trying to figure it out.

This is not the first time Tor has come to the rescue of online activists. One thing though is sure, more and more people concerned about their privacy or do not want to be repressed turning towards anonymous networks like Tor.

Vishal Ingole, November 29, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Genetics Are Biased

November 4, 2016

DNA does not lie. DNA does not lie if conducted accurately and by an experienced geneticist.  Right now it is popular for people to get their DNA tested to discover where their ancestors came from.  Many testers are surprised when they receive their results, because they learn their ancestors came from unexpected places.  Black Americans are eager to learn about the genetics, due to their slave ancestry and lack of familial records.  For many Black Americans, DNA is the only way they can learn where their roots originated, but Africa is not entirely cataloged.

According to Science Daily’s article “Major Racial Bias Found In Leading Genomics Database,” if you have African ancestry and get a DNA test it will be difficult to pinpoint your results.  The two largest genomics databases that geneticists refer to contain a measurable bias to European genes.  From a logical standpoint, this is understandable as Africa has the largest genetic diversity and remains a developing continent without the best access to scientific advances.  These provide challenges for geneticists as they try to solve the African genetic puzzle.

It also weighs heavily on black Americans, because they are missing a significant component in their genetic make-up they can reveal vital health information.  Most black Americans today contain a percentage of European ancestry.  While the European side of their DNA can be traced, their African heritage is more likely to yield clouded results.  On a financial scale, it is more expensive to test black Americans genetics due to the lack of information and the results are still not going to be as accurate as a European genome.

This groundbreaking research by Dr. O’Connor and his team clearly underscores the need for greater diversity in today’s genomic databases,’ says UM SOM Dean E. Albert Reece, MD, PhD, MBA, who is also Vice President of Medical Affairs at the University of Maryland and the John Z. and Akiko Bowers Distinguished Professor at UM SOM. ‘By applying the genetic ancestry data of all major racial backgrounds, we can perform more precise and cost-effective clinical diagnoses that benefit patients and physicians alike.

While Africa is a large continent, the Human Genome Project and other genetic organizations should apply for grants that would fund a trip to Africa.  Geneticists and biologists would then canvas Africa, collect cheek swabs from willing populations, return with the DNA to sequence, and add to the database.  Would it be expensive?  Yes, but it would advance medical knowledge and reveal more information about human history.  After all, we all originate from Mother Africa.

Whitney Grace, November 4, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

The CIA Claims They Are Psychic

November 2, 2016

Today’s headline sounds like something one would read printed on a grocery store tabloid or a conspiracy Web site.  Before I start making claims about the Illuminati, this is not a claim about magical powers, but rather big data and hard science…I think.  Defense One shares that, “The CIA Says It Can Predict Social Unrest As Early As 3 To 5 Days Out.”  While deep learning and other big data technology is used to drive commerce, science, healthcare, and other industries, law enforcement officials and organizations are using it to predict and prevent crime.

The CIA users big data to analyze data sets, discover trends, and predict events that might have national security ramifications.  CIA Director John Brennan hired Andrew Hallman to be the Deputy Director for Digital Innovations within the agency.  Under Hallman’s guidance, the CIA’s “anticipatory intelligence” has improved.  The CIA is not only using their private data sets, but also augment them with open data sets to help predict social unrest.

The big data science allows the CIA to make more confident decisions and provide their agents with better information to assess a situation.

Hallman said analysts are “becoming more proficient in articulating” observations to policymakers derived in these new ways. What it adds up to, Hallman said, is a clearer picture of events unfolding—or about to unfold—in an increasingly unclear world.

What I wonder is how many civil unrest events have been prevented?  For security reasons, some of them remain classified.  While the news is mongering fear, would it not be helpful if the CIA shared some of its success stats with the news and had them make it a priority to broadcast it?

Whitney Grace, November 2, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

UK Public Annoyed with GHCQ Data Collection

October 30, 2016

I don’t have a dog in this fight, and I don’t want this type of pooch. The annoyance story “Public Wants Illegally Collected Data on Them Deleted.” The write up explains that a survey “proves” that the citizens of the United Kingdom want allegedly illegally collected data about them deleted. Here’s the passage I highlighted:

Comparitech.com and OnePoll have polled 1,000 members of the UK public, and 70 per cent wants that data gone. This is something the IPT failed to stipulate in its ruling.  For almost half (45 per cent), a compensation is in order, as well. The ruling has decreased the trust the UK public had in the government, and two thirds (68 per cent) also said it had lost trust in social media and email. Half (51 per cent) is more concerned about hackers stealing data, 14 per cent were most concerned with the government, and 31 per cent couldn’t decide between the two.

Let’s assume the sample size for a country with a population of about 70 million is just dandy. The two major data points of removing data and compensating citizens for the data are interesting. But what does “deleted” mean? How does one know if the data have been deleted or just converted to values in a metadata repository? And what’s with the compensation? What is the value of a single datum for a single person? Data gain value when normalized and aggregated. Calculating what a single UK citizen should receive might be a challenge for the wonks at Cambridge U. but I am confident someone in the economics unit is up to the task.

The really fascinating item in the write up is this statement:

A third (38 per cent) is willing to pay to increase their online privacy. There’s a good business idea for you.

A lot of people will fork over cash to have privacy. What a quaint notion in the UK and for some folks in the British government.

Stephen E Arnold, October 30, 2016

Posting to the Law Enforcement Database

October 28, 2016

The article titled Police Searches of Social Media Face Privacy Pushback on Underground Network discusses the revelations of an NPR article of the same name. While privacy laws are slow to catch up to the fast-paced changes in social media, law enforcement can use public data to track protesters (including retroactive tracking). The ACLU and social media networks are starting to push back against the notion that this is acceptable. The NPR article refers to the Twitter guidelines,

The guidelines bar search companies from allowing law enforcement agencies to use the data to “investigate, track or surveil Twitter’s users (…) in a manner that would require a subpoena, court order, or other valid legal process or that would otherwise have the potential to be inconsistent with our users’ reasonable expectations of privacy.” But that policy is very much open to interpretation, because police don’t usually need legal orders to search public social media…

Some police departments have acknowledged that fuzziness around privacy laws puts the onus on them to police their own officers. The Dunwoody, Georgia police department requires supervisor approval for social media searches. They explain that this is to prevent targeting “particular groups” of people. According to the article, how this issue unfolds is largely up to police departments and social media giants like Twitter and Facebook to decide. But social media has been around for over a decade. Where are the laws defining and protecting our privacy?

Chelsea Kerwin, October 28, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

« Previous PageNext Page »