• Home
• About
• Writers
• Landscape
• Wizards Index
• Fraud
• Wanna Be Like Larry?

What Can a System Administrator Do? The Zoom Example

I don’t want to make a big deal of what is common knowledge among those who are system administrators. My French bulldog does not worry about a person with root access. He chews his bone and barks at UPS trucks.

I, on the other hand, do know what system administrators can do and do do. After more than 50 years of professional work, I have learned first hand what unmanaged, poorly supervised, and careless watching of watchers can yield. Let me tell you: There’s quite a bit of excitement out in the real world.

But why listen to an old timer who should be ensconced in a Covid ridden old-age home?

Navigate to “Ex Zoom China Employee Faces US Dissident Censoring Charge.” To make the story short, a person with root access or access to functions of a system administrators censored customers’ information.

Is this important?

Yes, but not because Zoom is more or less like other successful high technology companies.

The action illustrates the inherent weakness of existing controls over systems access. The alleged perpetrator may have been acting due to personal beliefs. The individual could have been paid to block the content. The person with access could have been following orders.

The point is that a system administrator can do many things: Monitor a colleague, gather data in order to blackmail a person, alter information, block content, and define what is real and verifiable.

Let’s take another step. Read “Study Finds That Robots Can Pressure People to Do Risky Things.” Let’s assume that some people are more likely to respond to robot pressure. A robot can be either a Boston Dynamics type of mechanical reindeer or a software script. An engineer with root can instruct a software robot to deliver information of a specific type to people. Some of those people will respond and maybe do risky things. Other people will believe the outputs and make decisions within that information frame.  Like goldfish in a bowl of water, the environment becomes that which is accepted. That’s what a system administrator can do if so inclined and operating without oversight.

Is the online information reality real, accurate, or shaped?

Stephen E Arnold, December 21, 2020

A New Year Is Coming: Let Us Confront the New Reality

Nope, not Covid. Nope, not the financial crisis. Nope, not the social discontinuities. Nope, not the big technology monopoly clown show.

What then?

How about security insecurity. Do you like the phrase? I do because it communicates that users of online systems may never know if the system or systems are secure.

One can pretend, what I call security theater, of course.

The new reality is that an actor or actors has slipped in the stage door after driving a delivery van near the security theater and double parked for what may have been months. The individuals do not work according to New York City labor rules. Nope, these actors moved around, ordered takeout, and lounged on the sidewalks. People passing did not notice. You know the New York attitude: We are definitely with it. This is Broadway.

I read “A Hack Foretold.” I was not impressed. The reason is that the original Internet was technology Play-Doh. Who could imagine the parti-colored constructs blobs of red, blue, and yellow could become.

The write up states with the assured naiveté of a thumb typer:

The point is the authorities have known about hacking for a long time. Whole bureaucracies have been established, and presidential directives have been promulgated, to enhance cybersecurity—and some of their actions have been effective. Still, the contest between cyber offense and -defense is a never-ending race, where the offense has the advantage and, so, the defense must never let up its guard. While security is a lot better than it used to be, vast networks have been left exposed in one way or another, and dedicated hackers who very much want to get inside those networks—and who have the resources of a nation-state—figure out a way.

I want to point out that the cyber security industry has flowered into billions of dollars a year because home economics majors, working with MBAs, constructed a fantasy story about computer security.

Security insecurity is little more than another symptom of efficiency thinking. What can be done to reduce costs and maximize revenue. Oh, so some people lose their jobs in Canton, Illinois, when the John Deere factory goes away. “Tough cookies,” say the efficiency wizards.

We have created a situation in which security insecurity is going to become a digital Covid. I am delighted I am old, retired, and living in a hollow in rural Kentucky. Can you imagine the meetings, the memoranda, the reports, and the self-serving explanations of:

• Cyber security vendors
• Smart software which acts like an antibody to protect a system
• Individual security experts who did the “good enough” work to spoof the clueless lawyers, accountants, bureaucrats, and MBAs who manage technology operations
• Consultants like those who populate LinkedIn and BrightTALK with lectures about security
• Experts who assert that monitoring the Dark Web, Facebook, and chat provide an early warning of actions to come.

I could go on and toss in security appliance vendors, university professors who convert a clever workaround into a peer reviewed paper for IEEE or ACM, and former bad actors who see the light and become trusted advisors after serving jail time.

The New Reality is that I am not sure how one goes about determining the priorities for figuring out what was compromised, determining what other vulnerabilities have been installed, and bring up systems which do not have the charming characteristics of specialized software firms which have code that hides itself so that it can happily reinstall itself.

I spoke with a former CIA professional twice in the last 48 hours. He asked me, “What do I recommend to remediate the problem?” My answer was, “Investigate.”

The actors lounging in front of the security theater are not chatterboxes, and I have seen zero verifiable evidence that defines the timing, scope, and actions of these actors. Why guess then? Why look back and say “woulda, coulda, shoulda.” The time to embrace the New Reality is here.

The security theater has to go dark, and we need a new construct. Expensive, time consuming, and difficult for sure. Failure, however, means changes that those wrought by Covid are trivial. Thumb typers, are you confident your online activities are secure? In deference to the holiday season, here’s a modified carol: Deck the halls with boughs of folly, Tra la la, la la la la.

Stephen E Arnold, December 21, 2020

Zipper the SIPR: The SolarWinds Blow

I found this article interesting: “Pentagon Forces Emergency Shutdown of Computer Network Handling Classified Material.” Since I work in rural Kentucky, I have zero clue if the information in the write is accurate; nevertheless, let me highlight one of the statements in the write up:

An emergency shutdown of a classified internal communications network was ordered at the Pentagon Tuesday. The system, called the Secret Internet Protocol Router Network, handles not only classified information but “up to the secret level”…

My hunch is that this is an “abundance of caution” move. Why caution? Why now?

Possibly the SolarWinds misstep is a reason?

At lunch today, a member of my team and I discussed the marketing of smart, 24×7 cyber security systems. Many companies engaged in this type of activity. But how secure are such security systems. Many are more alike than different; for example:

• Use of open source software
• Reliance upon standard and often manipulable statistical procedures
• Licensing tools and content from companies also in the cyber security business.

The result? Fodder for sales professionals and former art history majors now engaged in public relations, webinar production, and Madison Avenue style pitch writing.

Oh, one other result. The possible security thing at a number of US government entities, large corporations, and probably a handful of non governmental organizations.

Big deal? For some, yep, big deal. For others, what’s the hoo-hah about? Just close that deal, book the business, and collect the fees. What’s more important than cyber security? Revenue perhaps?

Stephen E Arnold, December 18, 2020

Explaining the 2020 End of Year Cyber Hack of Big, Fat Targets of Opportunity

I know you have heard about the end of year cyber attack. The end of 2020 is a zinger. But what caused the problem? Who is responsible? Which cyber security expert is the one to believe? Beyond Search has located an explanation, courtesy of Lorem Ipsum Anything. We posed these questions to the smart software at this next generation thumb typing site and learned:

Security harm resilience change others Beneficiaries food security persons groups objects. Institutions ecosystems entity referent security freedom change forces resilience example. Absence good want presence phenomenon range protection senses foundations secrecy. damage term purpose systems acts guarding security systems security guard security forces security companies. Security cameras e.g. state of mind telephone line containment room cell.

Makes the uptown explanations from assorted experts wishing they could have explained the cyber kick in the ribs as well. Yep, 2020 is year to remember. “Absence good want presence.”

Well said.

Stephen E Arnold, December 18, 2020

Security Vendors: Despite Marketing Claims for Smart Software Knee Jerk Response Is the Name of the Game

Update 3, December 16, 2020 at 1005 am US Eastern, the White House has activate its cyber emergency response protocol. Source: “White House Quietly Activates Cyber Emergency Response” at Cyberscoop.com. The directive is located at this link and verified at 1009 am US Eastern as online.

Update 2, December 16, 2020 at 1002 am US Eastern. The Department of Treasury has been identified as a entity compromised by the SolarWinds’ misstep. Source: US “Treasury, Commerce Depts. Hacked through SolarWinds Compromise” at KrebsonSecurity.com

Update 1, December 16, 2020, at 950 am US Eastern. The SolarWinds’ security misstep may have taken place in 2018. Source: “SolarWinds Leaked FTP Credentials through a Public GitHub Repo “mib-importer” Since 2018” at SaveBreach.com

I talked about security theater in a short interview/conversation with a former CIA professional. The original video of that conversation is here. My use of the term security theater is intended to convey the showmanship that vendors of cyber security software have embraced for the last five years, maybe more. The claims of Dark Web threat intelligence, the efficacy of investigative software with automated data feeds, and Bayesian methods which inoculate a client from bad actors— maybe this is just Madison Avenue gone mad. On the other hand, maybe these products and services don’t work particularly well. Maybe these products and services are anchored in what bad actors did yesterday and are blind to the here and now of dudes and dudettes with clever names?

Evidence of this approach to a spectacular security failure is documented in the estimable Wall Street Journal (hello, Mr. Murdoch) and the former Ziff entity ZDNet. Numerous online publications have reported, commented, and opined about the issue. One outfit with a bit of first hand experience with security challenges (yes, I am thinking about Microsoft) reported “SolarWinds Says Hack Affected 18,000 Customers, Including Two Major Government Agencies.”

One point seems to be sidestepped in the coverage of this “concern.” The corrective measures kicked in after the bad actors had compromised and accessed what may be sensitive data. Just a mere 18,000 customers were affected. Who were these “customers”? The list seems to have been disappeared from the SolarWinds’ Web site and from the Google cache. But Newsweek, an online information service, posted this which may, of course, be horse feathers (sort of like security vendors’ security systems?):

Read more

Work from Home: Manage This, Please

I read “Over Half of Remote Workers Admit to Using Rogue Tools Their IT teams Don’t Know About.” If the information in the write up is on the money, cyber security for the WFH crowd may be next to impossible. The write up reports:

According to a new report from mobile security firm NetMotion, the vast majority of remote workers (62 percent) are guilty of using Shadow IT, with some of them (25 percent) using a “significant number” of unapproved tools.

The article includes this statement:

“Sadly, our research showed that nearly a quarter of remote workers would rather suffer in silence than engage tech teams,” said Christopher Kenessey, CEO of NetMotion.

Net net: Bad actors relish the WFH revolution. The inducement of WFHers using software not vetted by their employer creates numerous opportunities for mischief. How does a firm addicted to Slack and Microsoft Teams deal with this situation:

Hey, team. I am using this nifty new app. It can speed up our production of content. You can download this software from a link I got on social media. Give it a whirl.

Manage this, please.

Stephen E Arnold, November 19, 2020

Virtual Private Networks: Not What They Seem

Virtual private networks are supposed to provide a user with additional security. There are reports about Apple surfing on this assumption in its Big Sur operating system. For more information, check out “Apple Apps on Big Sur Bypass Firewalls and VPNs — This Is Terrible.” Apple appears to making privacy a key facet of its marketing and may be experiencing one of those slips betwixt cup and lip with regard to this tasty sales Twinkie?

Almost as interesting is the information in “40% of Free VPN Apps Found to Leak Data.” Note that the assertion involves no-charge virtual private networks. The write up reports:

ProPrivacy has researched the top 250 free VPN apps available on Google Play Store and found that 40% failed to adequately protect users privacy.

Okay, security conscious Google and its curated apps on its bulletproof Play store are under the Microscope. The write up points out:

… A study by CSIRO discovered that more than 75% of free VPNs have at least one third-party tracker rooted in their software. These trackers collect information on customers online presence and forward that data to advertising agencies to optimize their ads.

Who is involved in the study? Possible the provider of for fee VPN services like NordVPN.

Marketing and privacy. Like peanut butter and honey.

Stephen E Arnold, November 17, 2020

Security Is a Game

This article’s headline caught my attention: “Stop Thinking of Cybersecurity As a Problem: Think of It As a Game.” I think I understand. The write up asserts:

The thing is, cybersecurity isn’t a battle that’s ultimately won, but an ongoing game to play every day against attackers who want to take your systems down. We won’t find a one-size-fits-all solution for the vulnerabilities that were exposed by the pandemic. Instead, each company needs to charge the field and fend off their opponent based on the rules of play. Today, those rules are that anything connected to the internet is fair game for cybercriminals, and it’s on organizations to protect these digital assets.

Interesting idea. Numerous cyber security solutions are available. Some organizations have multiple solutions in place. Nevertheless, bad actors continue to have success. If the information in  Risk Based Security 2020 Q3 Report Data Breach QuickView is anywhere close to accurate. The “game” is being won by bad actors: Lots of data was sucked down by cyber criminals in the last nine months.

Fun, right?

Stephen E Arnold, November 12, 2020

AWS Security Maturity

Struggling with leaky S3 buckets? Discovering phishing campaigns launched from your AWS instance? Wrestling with multiple, often confusing, security options? Answer any of these questions with a “yes”, and you may want to check out this paper, “AWS Security Maturity Roadmap.” After reading the essay, you will probably consider seeking an expert to lend a hand. Hey, why not call the author of the paper? The white paper does a good job of providing a useful checklist so the reader can determine what’s been overlooked.

Stephen E Arnold, November 10, 2020

Microsoft Security: Time for a Rethink

Not long ago, the Wall Street Journal ran this full page ad for a cyber security company named Intrusion:

The ad is interesting because it highlights the failure of cyber security. Evidence of this ineffective defense is revealed in reports from the FBI, Interpol, and independent researchers: Cyber crime, particularly phishing and ransomware, are increasing. There are hundreds of threat neutralizers, smart cyber shields, and a mind boggling array of AI, machine learning, and predictive methods which are not particularly effective.

“Microsoft 365 Administrators Fail to Implement Basic Security Like MFA” provides some interesting information about the state of security for a widely used software system developed by Microsoft.

The article reveals that researchers have found that 99 percent of breaches can be “prevented using MFA.” MFA is cyber lingo for multi-factor authentication. A common way to prove that a log on is valid is to use a password. But before the password lets the user into the system, a one time code is sent to a mobile phone. The user enters the code from the phone and the system lets the person access the system. Sounds foolproof.

The write up states:

The survey research shows that approximately 78% of Microsoft 365 administrators do not have multi-factor authentication (MFA) activated.

Another finding is that:

Microsoft 365 administrators are given excessive control, leading to increased access to sensitive information. 57% of global organizations have Microsoft 365 administrators with excess permissions to access, modify, or share critical data. In addition, 36% of Microsoft 365 administrators are global admins, meaning these administrators can essentially do whatever they want in Microsoft 365. CIS O365 security guidelines suggests limiting the number of global admins to two-four operators maximum per business.

Let’s step back. If the information in the write up is correct, a major security issue is associated with Microsoft’s software. With an increase in breaches, is it time to ask:

Should Microsoft engage in a rethink of its security methods?

We know that third party vendors are not able to stem the tide of cyber crime. A security company would not buy a full page ad in the Wall Street Journal to call attention to failure if it were just marketing fluff. We know that Microsoft admins and Microsoft apps are vulnerable.

Perhaps shifting the burden from the software and cloud vendor to the user is not the optimal approach when one seeks to make security more effective and efficient. The shift is probably more economical for Microsoft; that is, let the customer carry the burden.

Some Microsoft customers may push back and say, “Wrong.” Perhaps regulators will show more interest in security if their newfound energy for taking action against monopolies does not wane? Over to the JEDI knights.

Stephen E Arnold, November 1, 2020

« Previous Page — Next Page »

• 

• Search the site

•  

  Subscribe to Beyond Search

  • 
  • 
   
  • 
   
  
  Feature archive
  News archive
   
  
  
  Stephen E. Arnold monitors search, content processing, text mining and related topics from his high-tech nerve center in rural Kentucky. He tries to winnow the goose feathers from the giblets. He works with colleagues worldwide to make this Web log useful to those who want to go "beyond search". Contact him at sa [at] arnoldit.com. His Web site with additional information about search is arnoldit.com.

• Categories

  • 3D-Printing
  • Acquisition
  • Advertising
  • Aggregation
  • AI
  • Alexa
  • algorithms
  • Amazon
  • Amazonia
  • Analytics
  • Appliance
  • Applications
  • Audio
  • Augmented Reality
  • Big data
  • Bing
  • Bitcoin
  • Bitext
  • Book review
  • Business intelligence
  • Business process
  • Business strategy
  • Censorship
  • Cloud computing
  • Company Profile
  • Conferences
  • Connectors
  • Consulting
  • Consumer
  • Content processing
  • Copyright
  • Corporate Concerns
  • Cost
  • Crawl
  • Crowdfunding
  • cryptocurrency
  • Customer support
  • Cyber OSINT
  • cybercrime
  • cybersecurity
  • Dark Web
  • DarkCyber
  • Data
  • Data mining
  • Database
  • Deepfakes
  • Digital Assistant
  • Digital Library
  • E2EE
  • ECommerce
  • EDiscovery
  • Editorial opinion
  • Education
  • Emoticons
  • Enterprise
  • Enterprise search
  • Entity extraction
  • Ethics
  • Facebook
  • Faceted search
  • Factualities
  • Feature
  • Federated search
  • Financial
  • Google
  • Governance
  • Government
  • Hackers
  • healthcare
  • IBM Watson
  • Image search
  • Indexing
  • Infrastructure
  • Innovation
  • Integration
  • intelware
  • Interface
  • Internet
  • Interview
  • Investment
  • law enforcement
  • Legal matters
  • Library automation
  • Management
  • Marketing
  • Mathematics
  • Metadata
  • Microsoft
  • Mobile
  • Natural language processing
  • News
  • NGIA
  • Online (general)
  • Open Access
  • Open source
  • OSINT
  • Osint Radar
  • Overflight
  • Palantir
  • Patents
  • Personnel
  • Podcast
  • Policeware
  • Portals
  • Predictive coding
  • Privacy
  • Profile
  • Publishing
  • Quotation
  • Real time search
  • Reference tool
  • Rich media
  • Robot Writer
  • Search
  • Search enabled applications
  • search engine
  • Search quality
  • Security
  • Semantic
  • Sentiment analysis
  • SEO
  • SharePoint
  • Short Honks
  • Smart Technology
  • Social
  • Social Media
  • software
  • Statistics
  • Taxonomy
  • Technology
  • Text analytics
  • Text processing
  • Tools
  • Tor
  • Training
  • Translation
  • Twitter
  • Uncategorized
  • Unstructured Data
  • User experience
  • User Interface
  • Vertical search
  • Video
  • visualization
  • Voice search
  • Voice technology
  • Web 3
  • Web Services
  • Webinar
  • Windows
  • Work flow
  • XML
  • Yahoo

• Archives

  Archives Select Month July 2024 June 2024 May 2024 April 2024 March 2024 February 2024 January 2024 December 2023 November 2023 October 2023 September 2023 August 2023 July 2023 June 2023 May 2023 April 2023 March 2023 February 2023 January 2023 December 2022 November 2022 October 2022 September 2022 August 2022 July 2022 June 2022 May 2022 April 2022 March 2022 February 2022 January 2022 December 2021 November 2021 October 2021 September 2021 August 2021 July 2021 June 2021 May 2021 April 2021 March 2021 February 2021 January 2021 December 2020 November 2020 October 2020 September 2020 August 2020 July 2020 June 2020 May 2020 April 2020 March 2020 February 2020 January 2020 December 2019 November 2019 October 2019 September 2019 August 2019 July 2019 June 2019 May 2019 April 2019 March 2019 February 2019 January 2019 December 2018 November 2018 October 2018 September 2018 August 2018 July 2018 June 2018 May 2018 April 2018 March 2018 February 2018 January 2018 December 2017 November 2017 October 2017 September 2017 August 2017 July 2017 June 2017 May 2017 April 2017 March 2017 February 2017 January 2017 December 2016 November 2016 October 2016 September 2016 August 2016 July 2016 June 2016 May 2016 April 2016 March 2016 February 2016 January 2016 December 2015 November 2015 October 2015 September 2015 August 2015 July 2015 June 2015 May 2015 April 2015 March 2015 February 2015 January 2015 December 2014 November 2014 October 2014 September 2014 August 2014 July 2014 June 2014 May 2014 April 2014 March 2014 February 2014 January 2014 December 2013 November 2013 October 2013 September 2013 August 2013 July 2013 June 2013 May 2013 April 2013 March 2013 February 2013 January 2013 December 2012 November 2012 October 2012 September 2012 August 2012 July 2012 June 2012 May 2012 April 2012 March 2012 February 2012 January 2012 December 2011 November 2011 October 2011 September 2011 August 2011 July 2011 June 2011 May 2011 April 2011 March 2011 February 2011 January 2011 December 2010 November 2010 October 2010 September 2010 August 2010 July 2010 June 2010 May 2010 April 2010 March 2010 February 2010 January 2010 December 2009 November 2009 October 2009 September 2009 August 2009 July 2009 June 2009 May 2009 April 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 November 5

• Recent Posts

  • Silicon Valley Streetbeefs
  • If Math Is Running Out of Problems, Will AI Help Out the Humans?
  • How Can Creatives Survive AI Disruptions?
  • Google and Third-Party Cookies: The Writing Is on the Financial Projection Worksheet
  • The Simple Fix: Door Dash Some Diversity in AI

• Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org