U.S. Government Keeping Fewer New Secrets

February 24, 2017

We have good news and bad news for fans of government transparency. In their Secrecy News blog, the Federation of American Scientists’ reports, “Number of New Secrets in 2015 Near Historic Low.” Writer Steven Aftergood explains:

The production of new national security secrets dropped precipitously in the last five years and remained at historically low levels last year, according to a new annual report released today by the Information Security Oversight Office.

There were 53,425 new secrets (‘original classification decisions’) created by executive branch agencies in FY 2015. Though this represents a 14% increase from the all-time low achieved in FY 2014, it is still the second lowest number of original classification actions ever reported. Ten years earlier (2005), by contrast, there were more than 258,000 new secrets.

The new data appear to confirm that the national security classification system is undergoing a slow-motion process of transformation, involving continuing incremental reductions in classification activity and gradually increased disclosure. …

Meanwhile, ‘derivative classification activity,’ or the incorporation of existing secrets into new forms or products, dropped by 32%. The number of pages declassified increased by 30% over the year before.

A marked decrease in government secrecy—that’s the good news. On the other hand, the report reveals some troubling findings. For one thing, costs are not going down alongside classifications; in fact, they rose by eight percent last year. Also, response times to mandatory declassification requests (MDRs) are growing, leaving over 14,000 such requests to languish for over a year each. Finally, fewer newly classified documents carry the “declassify in ten years or less” specification, which means fewer items will become declassified automatically down the line.

Such red-tape tangles notwithstanding, the reduction in secret classifications does look like a sign that the government is moving toward more transparency. Can we trust the trajectory?

Cynthia Murrell, February 24, 2017

Anonymous Transparency Project Boldly Attacks Google for Secrecy Then Dives Back Under Rug

February 23, 2017

The article on Mercury News titled Secretive Foe Attacks Google Over Government Influence reports on the Transparency Project, an ironically super-secret group devoted to exposing Google’s insane level of influence. Of course, most of us are already perfectly aware of how much power Google holds over our politicians, our privacy, and our daily functions. Across Chrome, Google search, YouTube etc., not a day goes by that we don’t engage with the Silicon Valley Monster. The group claims,

Over the past decade, Google has transformed itself from the dominant internet search engine into a global business empire that touches on almost every facet of people’s lives — often without their knowledge or consent,” the group’s first report said. Another report, based on White House guest logs, cites 427 visits by employees of Google and “associated entities” to the White House since January 2009, with 21 “small, intimate” meetings between senior Google executives and Obama.

While such information may be disturbing, it is hardly revelatory.  So just who is behind the Transparency Project? The article provides a list of companies that Google has pissed off and stomped over on its path to glory. The only company that has stepped up to claim some funding is Oracle. But following the money in this case winds a strange twisted path that actually leads the author back to Google— or at least former Google CEO Eric Schmidt. This begs the question: is there anything Google isn’t influencing?

Chelsea Kerwin, February 23, 2017

Debunking Myths About the Dark Web

February 22, 2017

What is known as the Dark Web has a fair amount of myth surrounding it, thanks to a sensationalized name and a few high-profile media stories. Tech Republic shared an article called, Four misleading myths about the Dark Web, attempting to shine light on some of the common fallacies. In summary, the Dark Web is not necessarily anonymous, it’s not very difficult to access, it’s not all nefarious activity, and there is support for businesses and organizations seeking protection from and prevention of cybertheft and security breaches. The article explains,

The biggest mistake businesses large and small can make regarding the Dark Web is to pretend it doesn’t exist. After the FBI took down the Silk Road, dozens of other niche markets took its place. With a slick interface and well organized ecommerce-like storefront, AlphaBay, one of the largest black markets on the Dark Web, makes shopping for stolen credit card data a breeze. Fortunately for companies, there’s no need to track the Dark Web alone. One technology in particular, Matchlight by Terbium Labs, helps business monitor and locate stolen Dark Web data like stolen source code, employee social security numbers, and other proprietary trade documents.

The Dark Web has become almost synonymous with Tor, the seemingly most popular way to access it. Tor has actually been used since the 1990’s by members of the intelligence community; it was developed by the US Naval Research Laboratory. While over the last decade or so, Tor has been surrounded by media coverage about drugs and crime, it will be interesting to see if the coverage shifts — or increases — because of emerging technologies such as Matchlight.

Megan Feil, February 22, 2017

Search Engine Swaps User Faces into Results

February 22, 2017

Oh, the wonders of modern technology. Now, TechCrunch informs us, “This Amazing Search Engine Automatically Face Swaps You Into Your Image Results.” Searching may never be the same. Writer Devin Coldewey introduces us to Dreambit, a search engine that automatically swaps your face into select image-search results. The write-up includes some screenshots, and the results can be a bit surreal.

The system analyzes the picture of your face and determines how to intelligently crop it to leave nothing but your face. It then searches for images matching your search term — curly hair, for example — and looks for ‘doppelganger sets, images where the subject’s face is in a similar position to your own.

A similar process is done on the target images to mask out the faces and intelligently put your own in their place — and voila! You with curly hair, again and again and again. […]

It’s not limited to hairstyles, either: put yourself in a movie, a location, a painting — as long as there’s a similarly positioned face to swap yours with, the software can do it. A few facial features, like beards, make the edges of the face difficult to find, however, so you may not be able to swap with Rasputin or Gandalf.

Behind the nifty technology is the University of Washington’s Ira Kemelmacher-Shlizerman, a researcher in computer vision, facial recognition, and augmented reality. Her work could have more sober applications, too, like automated age-progressions to help with missing-person cases.  Though the software is still in beta, it is easy to foresee a wide array of uses ahead. Now, more than ever, don’t believe everything you see.

Cynthia Murrell, February 22, 2017

Enterprise Heads in the Sand on Data Loss Prevention

February 16, 2017

Enterprises could be doing so much more to protect themselves from cyber attacks, asserts Auriga Technical Manager James Parry in his piece, “The Dark Side: Mining the Dark Web for Cyber Intelligence” at Information Security Buzz. Parry informs us that most businesses fail to do even the bare minimum they should to protect against hackers. This minimum, as he sees it, includes monitoring social media and underground chat forums for chatter about their company. After all, hackers are not known for their modesty, and many do boast about their exploits in the relative open. Most companies just aren’t bothering to look that direction. Such an effort can also reveal those impersonating a business by co-opting its slogans and trademarks.

Companies who wish to go beyond the bare minimum will need to expand their monitoring to the dark web (and expand their data-processing capacity). From “shady” social media to black markets to hacker libraries, the dark web can reveal much about compromised data to those who know how to look. Parry writes:

Yet extrapolating this information into a meaningful form that can be used for threat intelligence is no mean feat. The complexity of accessing the dark web combined with the sheer amount of data involved, correlation of events, and interpretation of patterns is an enormous undertaking, particularly when you then consider that time is the determining factor here. Processing needs to be done fast and in real-time. Algorithms also need to be used which are able to identify and flag threats and vulnerabilities. Therefore, automated event collection and interrogation is required and for that you need the services of a Security Operations Centre (SOC).

The next generation SOC is able to perform this type of processing and detect patterns, from disparate data sources, real-time, historical data etc. These events can then be threat assessed and interpreted by security analysts to determine the level of risk posed to the enterprise. Forewarned, the enterprise can then align resources to reduce the impact of the attack. For instance, in the event of an emerging DoS attack, protection mechanisms can be switched from monitoring to mitigation mode and network capacity adjusted to weather the attack.

Note that Parry’s company, Auriga, supplies a variety of software and R&D services, including a Security Operations Center platform, so he might be a tad biased. Still, he has some good points. The article notes SOC insights can also be used to predict future attacks and to prioritize security spending. Typically, SOC users have been big businesses, but, Parry advocates, scalable and entry-level packages are making such tools available to smaller companies.

From monitoring mainstream social media to setting up an SOC to comb through dark web data, tools exist to combat hackers. The question, Parry observes, is whether companies will face the growing need to embrace those methods.

Cynthia Murrell, February 16, 2017

Online Gun Sales Strengthens the Technology and Law Enforcement Connection

February 14, 2017

A feature article on CNN recently provided some background on Dark Web marketplaces. Entitled Inside the illegal online weapons trade, this piece shares the story of Michael Andrew Ryan. Ryan adopted the moniker gunrunner and opened up a gun sales business on the Dark Web while based in a small town in Kansas. Dark Web trading statistics are tough to pinpoint. However, in comparison with other illegal online trading, gun sales on the Dark Web are less than 3% according to a Carnegie Mellon professor and researcher. The author writes,

By the way, it’s entirely legal to buy guns online in the U.S. — although the process is more complicated, depending on various factors. Nonetheless, the ATF said it’s taking enforcement to a new level by creating an Internet Investigations Center aimed at combating illegal online gunrunners. The center includes federal agents, legal counsel and investigators. Their job: track illegal online firearms trafficking and feed intelligence to agents in the field. It’s a gigantic task, which aims to hit a constantly moving target.

While we will not comment on the sensationalizing and dramatizing of the Dark Web through Ryan’s story, we can say found the concluding remarks above to be helpful. This presents a good picture of the interconnectivity between multiple layers of law enforcement. It also hints at a need for technology upgrades in this cybersecurity arena.

Megan Feil, February 14, 2017

Dark Pools Demystified

February 13, 2017

Have you ever heard of dark pools? You may be hearing more about them as Bitcoin pioneer Jered Kenna and TradeZero offer digital currency dark pool trading. According to this International Business Times article, these two have created the world’s first dark pool exchange for Bitcoin. Their plan is to eventually scale to include other digital currencies. What is a dark pool? It is a private exchange to trade securities in a way where large transactions can occur without impacting the marketing. This means it can be used to avoid adverse price movements. We learned,

The Bitcoin market is less liquid than traditional FX and hence more volatile. Dark pool trading in Bitcoin would be useful to mainstream investors who may want to make large trades in Bitcoin, or use it as a currency hedge without alerting the market to their positions. Kenna, who launched the first US Bitcoin exchange in 2011, brings a wealth of experience to the table. He told IBTimes UK: “Dark pool trading certainly mitigates volatility where individuals making large trades are concerned.

Apparently, the size of the trade one would need to impact the Bitcoin market in is much smaller than what traditional traders experience. Jared Kenna appears to be projecting the future of Bitcoin, and non-traditional currencies in general, to explode. Why else would there be such a need for this kind of service? This is something we will be keeping an eye on, especially as it may come to be more interconnected with Dark Web matters.

Megan Feil, February 13, 2017

Presenting Watson as a Service

February 9, 2017

Every now and then, interest in Watson re-emerges. Forbes published a long-read recently entitled How IBM Is Building A Business Around Watson. After gaining press during Watson’s victorious Jeopardy face-off with Ken Jennings, Watson’s first commercial applications took off. IBM sold it to Memorial Sloan Kettering Cancer Center and Wellpoint to design an advisory system for its medical staff. Other medical institutions have purchased it since then. The author asserts,

Still, the potentially is undeniable. Think about how much more effective an ordinary doctor can be with Watson as an assistant. First, even before the patient enters the room, it can analyze their personal medical history, which often runs to hundreds of pages. Then, it can compare the case history with the 700,000 academic papers published every year as well as potentially millions of other patient records. All of this is, of course, beyond the capabilities of human doctors, who typically only get a few minutes to prepare for each examination. So being able to consult with Watson will be enormously helpful.

The real value is offering Watson as a service by providing its API, so that developers in organizations can develop their own applications using its technology. Over 550 partners are utilizing this currently for everything from retail to geolocation to travel agencies. Certainly, with all the hype Watson receives, we can only expect usage to grow.

Megan Feil, February 9, 2017

 

Gradescope Cuts Grading Time in Half, Makes Teachers Lives 50% More Bearable

February 8, 2017

The article titled Professors of the World, Rejoice: Gradescope Brings AI to Grading on Nvidia might more correctly be titled: TAs of the World, Rejoice! In my experience, those hapless, hardworking, underpaid individuals are the ones doing most of the grunt work on college campuses. Any grad student who has faced a stack of essays or tests when their “real work” is calling knows the pain and redundancy of grading. Gradescope is an exciting innovation that cuts the time spent grading in half. The article explains,

The AI isn’t used to directly grade the papers; rather, it turns grading into an automated, highly repeatable exercise by learning to identify and group answers, and thus treat them as batches. Using an interface similar to a photo manager, instructors ensure that the automatically suggested answer groups are correct, and then score each answer with a rubric. In this way, input from users lets the AI continually improve its future predictions.

The trickiest part of this technology was handwriting recognition, and the Berkeley team used a “recurrent neural network trained using the Tesla K40 and GEForce GTX 980 Ti GPUs.” Interestingly, the app was initially created at least partly to prevent cheating. Students have been known to alter their answers after the fact and argue a failure of grading, so a digital record of the paper is extremely useful. This might sound like the end of teachers, but in reality it is the beginning of a giant, global teacher party!

Chelsea Kerwin, February 8, 2017

Visualizing a Web of Sites

February 6, 2017

While the World Wide Web is clearly a web, it has not traditionally been presented visually as such. Digital Trends published an article centered around a new visualization of Wikipedia, Race through the Wikiverse for your next internet search. This web-based interactive 3D visualization of the open source encyclopedia is at Wikiverse.io. It was created by Owen Cornec, a Harvard data visualization engineer. It pulls about 250,000 articles from Wikipedia and makes connections between articles based on overlapping content. The write-up tells us,

Of course it would be unreasonable to expect all of Wikipedia’s articles to be on Wikiverse, but Cornec made sure to include top categories, super-domains, and the top 25 articles of the week.

Upon a visit to the site, users are greeted with three options, each of course having different CPU and load-time implications for your computer: “Light,” with 50,000 articles, 1 percent of Wikipedia, “Medium,” 100,000 articles, 2 percent of Wikipedia, and “Complete,” 250,000 articles, 5 percent of Wikipedia.

Will this pave the way for web-visualized search? Or, as the article suggests, become an even more exciting playing field for The Wikipedia Game? Regardless, this advance makes it clear the importance of semantic search. Oh, right — perhaps this would be a better link to locate semantic search (it made the 1 percent “Light” cut).

Megan Feil, February 6, 2017

Next Page »