• Home
• About
• Writers
• Landscape
• Wizards Index
• Fraud
• Wanna Be Like Larry?

Capital One, Amazon, Cats, and the Common Infrastructure Play

I read “Hacking Suspect Acted Oddly Online.” (Note: the online story is paywalled by Rupert Murdoch. You may  be able to get a peek at the dead tree version of this story in the Wall Street Journal for July 31, 2019.) Yep, Internet cat angle, self incrimination, and public content dissemination. That’s a plot hook which may make a great Lifetime or Netflix program. Amazon is likely to pass on funding the film version of this now familiar story.

Here’s the plot:

There’s the distraught financial institution, in this case, the lovable Capital One. This is the outfit known for “what’s in your pocket”? Good question. The financial outfit teamed up with Amazon in 2015, and according to the “real news” outfit:

In 2015, Capital One Chief Information Officer Rob Alexander said, “The financial services industry attracts some of the worst cyber criminals. So we worked closely with the Amazon team to develop a security model, which we believe enables us to operate more securely in the public cloud than we can even in our own data centers.”

That sounds darned good, but data affecting about 100 million people was breached. That number has not been verified to my satisfaction, and DarkCyber awaits additional data. But 100 million is a good enough number for the story.

Next we have a protagonist with some employment history at Amazon. Remember that this is the cloud service which was in the chain of data compromise. But — and this is important — Amazon was not at fault. The security problem was a is configured bit of “infrastructure.” Plus, the infrastructure which was the point of weakness is “common to both cloud and on premises data center environments.”

The story ends with a suspect. If the program becomes a mini series, we will follow the protagonist with empathy for cats through a trial, and perhaps a variation on the story weaving of “Orange Is the New Black.”

What’s missing from the analysis in the “real news” outlets? Here in Harrod’s Creek, Kentucky, we think of Amazon as an outfit with nifty white Mercedes Benz vans and fast moving van drivers.

But a couple of the pundits lounging in the convenience story / tavern floated some ideas:

1. Why is Amazon not providing a system to address misconfiguration? It seems that 100 million people are now aware of this dropped ball.
2. Why is an Amazon person, presumably with Amazon expertise, behaving in a manner that appears problematic? If the person was hired, what’s the flaw in the Amazon hiring process? If the person was terminated for a germane reason, why was the person not given appropriate “support” to make the transition from Amazonian to a person with unusual online activities? How does Amazon prevent information from being used by a former employee? What can be improved? Are there other former Amazon employees who are able to behave in an allegedly problematic way?
3. Why is the problem “common” to use Capital One’s alleged word quoted in the WSJ story? There are dozens upon dozens of firms which are marketing themselves as cyber safeguard providers. Are these services used by Amazon, or is Amazon relying on home grown solutions. There are indeed Amazon’s own security tools. But are these findable, usable, reliable, and efficacious? Security may be lost in the thicket of proliferating Amazon products, services, and features. In effect, is it possible that Amazon is not doing enough to prevent such security lapses associated closely with its cloud solutions.

Stepping back, let’s think about this incident in a cinematic way:

1. A giant company offering services which are so complex that problems are likely to result from component interactions, blundering customers, and former employees with a behavior quirk.
2. A financial services firm confident of its technical competence. (Note that this financial firm with a previous compliance allegation which seemed to pivot on money laundering and ended with a $100 million fine. See “Compliance Weaknesses Cost Capital One $100M”, October 23, 2018. You will have to pay to view this allegedly accurate write up.
3. A protagonist who seemed to send up distress flags via online communication channels.

What’s the big story?

Maybe there’s a “heart of darkness” with regard to security within the Amazon jungle.

To which jungle was Joseph Conrad, author of the “Heart of Darkness” referring?

“Nowhere did we stop long enough to get a particularized impression, but the general sense of vague and oppressive wonder grew upon me. It was like a weary pilgrimage amongst hints for nightmares.”

Psychological, digital, or financial? With the JEDI contract award fast approaching, will the procurement officials interpret the Capital One breach as a glimpse of the future. Maybe Oracle is correct in its view of Amazon?

Stephen E Arnold, July 31, 2019

Cyber Threats from Semi Insiders

I was thrilled to learn that the New York Times (which quoted me on Sunday, July 21, 2019) concluded that I had no work for the last 40 years. Well, I least I don’t rely on a SNAP card, sleep under the overpass, and hold a sign which says, “Will analyze data for food.”

What did I do in those four decades which the NYT fact checkers couldn’t find? I worked as a rental. Yep, a contractor. A semi insider.

I did what I was paid to do, delivered by now routine “This is what I think, not what you want me to think” reports, and muddled forward.

For some outfits for which I worked, I was a regular. I did projects for years, decades even. For some government agencies, it may seem as if I never left because my son is working on the projects now.

I suppose the phrase “semi insider” explains this relationship. One is “around” long enough that people assume you are part of the furniture or the break room.

I thought of this “semi insider” phrase when I read “Siemens Contractor Pleads Guilty to Planting Logic Bomb in Company Spreadsheets.” The guts of the write up strikes me as:

But while Tinley’s files worked for years, they started malfunctioning around 2014. According to court documents, Tinley planted so-called “logic bombs” that would trigger after a certain date, and crash the files. Every time the scripts would crash, Siemens would call Tinley, who’d fix the files for a fee.

So the idea was sell more work.

My view is that this practice is more widespread than may be recognized.

How does one deal with a situation in which a company’s management and regular “professionals” are so disconnected from the semi insiders’ work that no one knows there’s a scheme afoot?

How does a zip zip zip modern outfit hire individuals who can be trusted, often over a span of years?

How does an organization verify that its semi insiders have not planted a bug, malware, or some other malicious “thing” in a system?

The answer is that today’s cyber security tools will not be much help. Most organizations lack the expertise and resources to verify that what semi insiders do is a-okay.

There’s a lot of chatter about identifying and tracking insider threats. The story makes clear that semi insiders are a risk as well. Considering that Snowden and others who have acted improperly and outside the bounds of their secrecy and other agreements makes crystal clear:

Semi insider threats are a significant risk.

And as the “expertise” of many technical professionals decreases, the risks just go up.

In short, today’s cyber security solutions, cyber governance methods, and day to day management techniques are ineffective, not addressed by cyber security solutions which are essentially reactive, and not well understood.

Siemens may have gotten the memo. It only took two years to arrive.

Stephen E Arnold, July 23, 2019

NSO: More PR Excitement, Facts, or Bloomberg Style Reporting?

I read the Financial Times’ write up about NSO Group. The title is a show stopper: “Israeli Group’s Spyware Offers Keys to Big Tech’s Cloud.” (Note: You may have to pay money to view the orange newspaper’s online “real” news write up.

There’s a diagram:

There’s a reminder that NSO is owned by an outfit called “Q Cyber.” There’s information contained in a “pitch document.” There’s a quote from Citizen Lab, a watchdog outfit on cyber intelligence firms and other interesting topics.

What’s missing?

1. Information from a Q Cyber or NSO professional. A quote or two would be good.
2. Statements from an entity which has used the method and obtained the desired results; for example, high value intel, a person of interest neutralized, the interruption of an industrialized crime operation, or something similar
3. Scanned images of documents similar to the Palantir Gotham how to recently exposed by Vice, a zippy new news outfit.

Think about the PR problem the revelations create: NSO gets another whack on the nose.

Think about the upside: Visibility and in the Financial Times no less. (Does NSO need more visibility and semantic connections to Amazon, Apple, or any other “in the barrel” high tech outfit?)

Outfits engaged in cyber intelligence follow some unwritten rules of the road:

First, these outfits are not chatty people. Even at a classified conference where almost everyone knows everyone else, there’s not much in the way of sales tactics associated with used car dealers.

Second, documentation, particularly PowerPoints or PDFs of presentations, are not handed out like chocolate drops for booth attendees who looked semi alert during a run through of a feature or service. Why not whip out a mobile device with a camera and snap some of the slides from the presentation materials or marketing collateral? The graphic is redrawn and quite unlike the diagrams used by NSO type cyber intel outfits. Most trained intelligence professionals are not into “nifty graphics.”

Third, cyber intel companies are not into the media. There are conference organizers who snap at people who once worked as a journalist and made the mistake of telling someone that “before I joined company X, I worked at the ABC newspaper.” Hot stuff New York Times’ stringers are stopped by security guards or police before getting near the actual conference venue. Don’t believe me. Well, try to gate crash the upcoming geo spatial conference in Washington, DC, and let me know how this works out for you.

Fourth, why is NSO acting in a manner so different from the other Israel-influenced cyber intelligence firms? Is Voyager Labs leaking details of its analytic and workflow technology? What about Sixgill’s system for Dark Web content analysis? What’s Webhose.io doing with its content and expanding software suite? What’s Verint, a public company, rolling out next quarter? NSO is behaving differently, and that is an item of interest, worthy of some research, investigation, and analysis.

For the established cyber intel firms like NSO, assertions are not exactly what sells licenses or make BAE Systems, IBM, or Raytheon fear that their licensees will terminate their contracts. How many “customers” for NSO type systems are there? (If you said a couple of hundred, you are getting close to the bull’s eye.) Does publicity sell law enforcement, security, and intelligence systems? Search engine optimization specialists are loco if they think cyber intel firms want to be on the first page of a Google results page.

Consider this series of bound phrases:

Cat’s paw. Bloomberg methods. Buzzfeed and Vice envy. A desire to sell papers. Loss of experienced editors. Journalists who confuse marketing with functioning software?

These are the ideas the DarkCyber team suggested as topics an investigator could explore. Will anyone do this? Unlikely. Too arcane. Too different from what problems multiple systems operating on a global scale present for one method to work. Five Eyes’ partners struggle with WhatsApp and Telegram messages. “Everything” in Amazon or Apple? Really?

Net net: Great assertion. How about something more?

Stephen E Arnold, July 20, 2019

A Partial Look: Data Discovery Service for Anyone

F-Secure has made available a Data Discovery Portal. The idea is that a curious person (not anyone on the DarkCyber team but one of our contractors will be beavering away today) can “find out what information you have given to the tech giants over the years.” Pick a social media service — for example, Apple — and this is what you see:

A curious person plugs in the Apple ID information and F-Secure obtains and displays the “data.” If one works through the services for which F-Secure offers this data discovery service, the curious user will have provided some interesting data to F-Secure.

Sound like a good idea? You can try it yourself at this F-Secure link.

F-Secure operates from Finland and was founded in 1988.

Do you trust the Finnish anti virus wizards with your user names and passwords to your social media accounts?

Are the data displayed by F-Secure comprehensive? Filtered? Accurate?

Stephen E Arnold, July 18, 2019

Crashing Teslas: No Dark Web Inputs Needed

Do you want to interfere with a Tesla’s electronics? You don’t need to prowl the Regular Web for hacking forums. You don’t need to fire up Tor and visit Dark Web sites. A quick search of Bing and Google delivers a link to “Tesla Model 3 Spoofed Off the Highway.” The information in the write up is a summary of an experiment. DarkCyber understands that.

The products and methods disclosed in the write up will make it easier for some vendors of intelligent driver assistant systems to improve their products. The publicity generated by the listing of the off-the-shelf products used in this experiment will benefit the manufacturers. DarkCyber anticipates a spate of high school science fair projects which present the results of potential engineers’ experiments.

We learned in the write up:

Yonatan Zur, Regulus Cyber CEO and Co-Founder, emphasized this goes way beyond Regulus Cyber and Tesla: “We designed a product to protect vehicles from GNSS spoofing because we believe it is a real threat. We have ongoing research regarding this threat as we believe it’s an issue that needs solving. These new semi-autonomous features offered on new cars place drivers at risk and provides us with a dangerous glimpse of our future as passengers in driverless cars. By reporting and sharing incidents such as this we can ensure the autonomous technology will be safe and trustworthy. “

The purpose of the research is to inform people about vulnerabilities and to boost sales of Regulus anti-spoofing technology. The company will provide a curious person with a free research summary — in exchange for an email address.

DarkCyber is not sure whether to thank Regulus for making the vulnerabilities of autonomous technology to hacks and spoofs or whether to suggest the firm a less sensational way to publicize the results of their experiments.

If you own a Tesla or other vehicle with certain types of assist mechanisms, those systems may be vulnerable. Bad actors and frisky high school science club students are likely to do some experimenting.

Will Regulus’ research results have the sales impact the company wants? Will other impacts be observable? Have US government oversight agencies pursued similar research into security and safety issues for smart vehicles?

Tough questions to answer.

Stephen E Arnold, June 21, 2019

Restaurant AI Has A Lot of Security Baggage

It might sound harmless, when we hear news of the food industry getting involved in AI to dial in dishes and accommodate our palettes. But if you are a bad guy, that looks a lot different. It looks like a buffet. We learned more about the odd risks that could crop up from such AI use from a recent Venture Beat story, “Ex-Googler Alon Chen’s Tastewise Uses AI to Identify and Predict Food Trends.”

According to the story:

“Using AI to predict food trends and stir up new recipes is nothing new, of course. IBM recently announced that it’s teaming up with McCormick & Company to create new flavors and foods with machine learning. IBM’s Chef Watson, a research project that sought to create new recipes by analyzing the chemical composition of hundreds of different ingredients, produced more than 10,000 novel recipes.”

Believe it or not, security agencies are using the same logic that the above organizations are using to predict eating patterns to predict criminal patterns. However, if you fear this is veering us closer to “Minority Report” status, you are not alone. Many experts are thinking about how to use this technology to fight crime, but still maintain human rights. A tricky proposition.

Patrick Roland, June 13, 2019

LookingGlass Threat Map

You may want to check out an interesting approach to marketing as practiced by a cyber intelligence firm. And if you are curious about threats posed by exploits, malware, and other cyber weapons, you will want to examine the LookingGlass Threat Map. The display shows attacks (attempted and successful). If you put your mouse on the map, you can display threats by region. The map is zoomable, so you can obtain information about target of the attack; for example, attacks in Italy. Click on a dot and information about the attack is displayed in a pop up window.

The map also displays a moving real time graph of attacks per second. DarkCyber found the scrolling list of attack types particularly interesting. One can see that the Sality variants are one of the more popular attacks at this time (Tuesday, June 11, 2019, 0603 US Eastern time).

The threat map provides graphs as well; for instance:

I discuss some of LookingGlass’ capabilities in my Dark Web 2 lectures. For more information about LookingGlass, navigate to the company’s Web site. The Sality exploit exists in variants. The software has been available for many years. It exploits the bad actors’ best friend: Microsoft Windows. After 16 years and numerous variants, one could ask the question, “What’s up with this, Microsoft?”

I won’t ask that question because I address Microsoft’s ball fumbling in the DarkCyber video for June 11, 2019.

Stephen E Arnold, June 11, 2019

About That Internet Traffic to China

The Cisco Talos researchers pointed out that a foundation server was under stress. I discussed this on June 4, 2019, in my lecture at the TechnoSecurity & Digital Forensics Conference. The idea of usurping control of lower level Internet services and devices is a wake up call. I noted the rerouting of Internet traffic to China in a number of reports such as this one: “For Two Hours, a Large Chunk of European Mobile Traffic Was Rerouted through China. It Was China Telecom, Again. The Same ISP Accused Last Year of “Hijacking the Vital Internet Backbone of Western Countries.”

According to the story:

The incident occurred because of a BGP route leak at Swiss data center colocation company Safe Host, which accidentally leaked over 70,000 routes from its internal routing table to the Chinese ISP.

My hunch is that the word “leak” which is used in the write up is short hand for hip hopping over more analytic explanations.

First, the BGP or border gateway protocol is one of those plumbing components which have become juicy targets of opportunity. The Internet Servicer Providers get these up and running and then worry only when something goes wrong.

China Telecom, the third largest ISP in China, noted the issue and, according to ZDNet,

re-announced Safe Host’s routes as its own, and by doing so, interposed itself as one of the shortest ways to reach Safe Host’s network and other nearby European telcos and ISPs.

When such issues like this magical “leak” occur, the fixes are applied quickly, often within minutes either by automated scripts or semi automated humans who are monitoring alerts or logs.

This problem took a couple of hours to remedy, and my thought is that one can learn a great deal in that two hour span; for example:

• Length of time between “leak” and someone noticing
• Facts about traffic volume, data types, handoff points in the flow, etc.
• After event consequences; that is, fixes put in place to prevent such “leaks” in the future.

In short, one might gain some operational intelligence. That’s hypothetical, of course. Of course.

Like the attacks on Netnod servers, the goal is to gain access. With that access savvy operators will remain invisible. There’s no reason to let anyone know that a vital component of the increasingly burdened Information Highway is in the hands of bandits riding Mongolian ponies.

Was this a “leak”? Good question.

Stephen E Arnold, June 10, 2019

When Know How Gets Loose: Excitement Ensues

Bad actor hackers are pains in the rear, especially when they steal personal information. They are even worse when they steal from the government and use the stolen information for nefarious purposes. From The Trenches World Report explains the how and why about the hackers in that “China Used NSA Cyber weapon To Hack Targets, Symantec Says.”

The NSA developed a hacking tool dubbed “Double Pulsar” that can secretly download malware onto Windows-based PCs. Chinese hackers stole it, put their stamp on it, and used it on unsuspecting victims back in 2016. There was evidence that the altered Black Pulsar paired with another Chinese hacking tool were used in attacks in Belgium and Hong Kong. What is even worse is that the Chinese hacking tool could only hack 32-bit systems, but was revamped to attack 64-bit systems with newer Windows versions.

It is unknown how the alleged Chinese hackers obtained Double Pulsar. The possible theories are that an NSA server with bad security or a NSA employee went rogue. Another idea is that the hackers collected some NSA traffic that contained Double Pulsar..

“Whatever the case may be, the findings underscore the risks of NSA cyber weapons falling into the wrong hands. Double Pulsar, itself, is no longer a secret. In April 2017, a mysterious party called the Shadow Brokers went online and dumped a cache of NSA hacking tools, which included details on Double Pulsar. A month later, the same NSA hacking tools were used to launch Wannacry, a ransomware attack that hit Windows machines across the world.

Who the Shadows Brokers are remains a mystery. But according to Symantec, the Chinese hacking group that gained access to Double Pulsar no longer appears to be active. In Nov. 2017, the US publicly charged three members of the group with hacking crimes and intellectual property theft.”

One more hacking tool is now an open source piece. DarkCyber is not keen on certain types of technology becoming widely available.

Whitney Grace, May 23, 2018

Amazon: A Wild West Approach to Security

A story ostensibly about an “unprotected Elasticsearch cluster” and an administrator poses an interesting question which I will raise in a moment. You will want to read or scan “Sensitive Information of Millions of Panama Citizens Leaked.” The main idea is that information about citizens of Panama was leaked. The information appears to be germane to people with medical issues. That’s bad for several reasons:

1. People and their medical “histories” are sensitive and like a sizzling hamburger to bad actors interested in blackmail or some other negative action
2. Some citizens of Panama are often low profile. These individuals use Panama as a convenient base for one’s identity or one of many identities. There are also quick hops to nearby locations with a someone flexible approach to financial activities.
3. The “unsecured” Elasticsearch databases are findable using Shodan. This is a search system of considerable utility to certain organizations and individuals.

The system on which the data resided, if the write up is accurate, was Amazon AWS. Now the big question:

With the automation Amazon AWS offers customers, why aren’t basic security health checks routinely performed by Amazon’s smart software?

Snuffing out unprotected AWS servers / services is going to add to friction for customers and impose additional computational burdens on AWS.

One can point the finger at Elasticsearch administrators, but these people are driving Amazon’s digital vehicle. When a smart car mows down a pedestrian, whom do we scrutinize? The person walking or the goi go outfit which built the smart vehicle?

Does Amazon’s speeding AWS may need some driver safety functions? Air bags save lives, and the driver does not have to pay extra or be aware of these devices. Just a thought: Air bags and seat belts for Amazon AWS customers. Amazon, it seems, wants to help former employees become delivery people. What about the administrators of Elasticsearch? What’s their future?

Stephen E Arnold, May 14, 2019

« Previous Page — Next Page »

• 

• Search the site

•  

  Subscribe to Beyond Search

  • 
  • 
   
  • 
   
  
  Feature archive
  News archive
   
  
  
  Stephen E. Arnold monitors search, content processing, text mining and related topics from his high-tech nerve center in rural Kentucky. He tries to winnow the goose feathers from the giblets. He works with colleagues worldwide to make this Web log useful to those who want to go "beyond search". Contact him at sa [at] arnoldit.com. His Web site with additional information about search is arnoldit.com.

• Categories

  • 3D-Printing
  • Acquisition
  • Advertising
  • Aggregation
  • AI
  • Alexa
  • algorithms
  • Amazon
  • Amazonia
  • Analytics
  • Appliance
  • Applications
  • Audio
  • Augmented Reality
  • Big data
  • Bing
  • Bitcoin
  • Bitext
  • Book review
  • Business intelligence
  • Business process
  • Business strategy
  • Censorship
  • Cloud computing
  • Company Profile
  • Conferences
  • Connectors
  • Consulting
  • Consumer
  • Content processing
  • Copyright
  • Corporate Concerns
  • Cost
  • Crawl
  • Crowdfunding
  • cryptocurrency
  • Customer support
  • Cyber OSINT
  • cybercrime
  • cybersecurity
  • Dark Web
  • DarkCyber
  • Data
  • Data mining
  • Database
  • Deepfakes
  • Digital Assistant
  • Digital Library
  • E2EE
  • ECommerce
  • EDiscovery
  • Editorial opinion
  • Education
  • Emoticons
  • Enterprise
  • Enterprise search
  • Entity extraction
  • Ethics
  • Facebook
  • Faceted search
  • Factualities
  • Feature
  • Federated search
  • Financial
  • Google
  • Governance
  • Government
  • Hackers
  • healthcare
  • IBM Watson
  • Image search
  • Indexing
  • Infrastructure
  • Innovation
  • Integration
  • intelware
  • Interface
  • Internet
  • Interview
  • Investment
  • law enforcement
  • Legal matters
  • Library automation
  • Management
  • Marketing
  • Mathematics
  • Metadata
  • Microsoft
  • Mobile
  • Natural language processing
  • News
  • NGIA
  • Online (general)
  • Open Access
  • Open source
  • OSINT
  • Osint Radar
  • Overflight
  • Palantir
  • Patents
  • Personnel
  • Podcast
  • Policeware
  • Portals
  • Predictive coding
  • Privacy
  • Profile
  • Publishing
  • Quotation
  • Real time search
  • Reference tool
  • Rich media
  • Robot Writer
  • Search
  • Search enabled applications
  • search engine
  • Search quality
  • Security
  • Semantic
  • Sentiment analysis
  • SEO
  • SharePoint
  • Short Honks
  • Smart Technology
  • Social
  • Social Media
  • software
  • Statistics
  • Taxonomy
  • Technology
  • Text analytics
  • Text processing
  • Tools
  • Tor
  • Training
  • Translation
  • Twitter
  • Uncategorized
  • Unstructured Data
  • User experience
  • User Interface
  • Vertical search
  • Video
  • visualization
  • Voice search
  • Voice technology
  • Web 3
  • Web Services
  • Webinar
  • Windows
  • Work flow
  • XML
  • Yahoo

• Archives

  Archives Select Month July 2024 June 2024 May 2024 April 2024 March 2024 February 2024 January 2024 December 2023 November 2023 October 2023 September 2023 August 2023 July 2023 June 2023 May 2023 April 2023 March 2023 February 2023 January 2023 December 2022 November 2022 October 2022 September 2022 August 2022 July 2022 June 2022 May 2022 April 2022 March 2022 February 2022 January 2022 December 2021 November 2021 October 2021 September 2021 August 2021 July 2021 June 2021 May 2021 April 2021 March 2021 February 2021 January 2021 December 2020 November 2020 October 2020 September 2020 August 2020 July 2020 June 2020 May 2020 April 2020 March 2020 February 2020 January 2020 December 2019 November 2019 October 2019 September 2019 August 2019 July 2019 June 2019 May 2019 April 2019 March 2019 February 2019 January 2019 December 2018 November 2018 October 2018 September 2018 August 2018 July 2018 June 2018 May 2018 April 2018 March 2018 February 2018 January 2018 December 2017 November 2017 October 2017 September 2017 August 2017 July 2017 June 2017 May 2017 April 2017 March 2017 February 2017 January 2017 December 2016 November 2016 October 2016 September 2016 August 2016 July 2016 June 2016 May 2016 April 2016 March 2016 February 2016 January 2016 December 2015 November 2015 October 2015 September 2015 August 2015 July 2015 June 2015 May 2015 April 2015 March 2015 February 2015 January 2015 December 2014 November 2014 October 2014 September 2014 August 2014 July 2014 June 2014 May 2014 April 2014 March 2014 February 2014 January 2014 December 2013 November 2013 October 2013 September 2013 August 2013 July 2013 June 2013 May 2013 April 2013 March 2013 February 2013 January 2013 December 2012 November 2012 October 2012 September 2012 August 2012 July 2012 June 2012 May 2012 April 2012 March 2012 February 2012 January 2012 December 2011 November 2011 October 2011 September 2011 August 2011 July 2011 June 2011 May 2011 April 2011 March 2011 February 2011 January 2011 December 2010 November 2010 October 2010 September 2010 August 2010 July 2010 June 2010 May 2010 April 2010 March 2010 February 2010 January 2010 December 2009 November 2009 October 2009 September 2009 August 2009 July 2009 June 2009 May 2009 April 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 November 5

• Recent Posts

  • Silicon Valley Streetbeefs
  • If Math Is Running Out of Problems, Will AI Help Out the Humans?
  • How Can Creatives Survive AI Disruptions?
  • Google and Third-Party Cookies: The Writing Is on the Financial Projection Worksheet
  • The Simple Fix: Door Dash Some Diversity in AI

• Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org