Debunking Myths About the Dark Web
February 22, 2017
What is known as the Dark Web has a fair amount of myth surrounding it, thanks to a sensationalized name and a few high-profile media stories. Tech Republic shared an article called, Four misleading myths about the Dark Web, attempting to shine light on some of the common fallacies. In summary, the Dark Web is not necessarily anonymous, it’s not very difficult to access, it’s not all nefarious activity, and there is support for businesses and organizations seeking protection from and prevention of cybertheft and security breaches. The article explains,
The biggest mistake businesses large and small can make regarding the Dark Web is to pretend it doesn’t exist. After the FBI took down the Silk Road, dozens of other niche markets took its place. With a slick interface and well organized ecommerce-like storefront, AlphaBay, one of the largest black markets on the Dark Web, makes shopping for stolen credit card data a breeze. Fortunately for companies, there’s no need to track the Dark Web alone. One technology in particular, Matchlight by Terbium Labs, helps business monitor and locate stolen Dark Web data like stolen source code, employee social security numbers, and other proprietary trade documents.
The Dark Web has become almost synonymous with Tor, the seemingly most popular way to access it. Tor has actually been used since the 1990’s by members of the intelligence community; it was developed by the US Naval Research Laboratory. While over the last decade or so, Tor has been surrounded by media coverage about drugs and crime, it will be interesting to see if the coverage shifts — or increases — because of emerging technologies such as Matchlight.
Megan Feil, February 22, 2017
Search Engine Swaps User Faces into Results
February 22, 2017
Oh, the wonders of modern technology. Now, TechCrunch informs us, “This Amazing Search Engine Automatically Face Swaps You Into Your Image Results.” Searching may never be the same. Writer Devin Coldewey introduces us to Dreambit, a search engine that automatically swaps your face into select image-search results. The write-up includes some screenshots, and the results can be a bit surreal.
The system analyzes the picture of your face and determines how to intelligently crop it to leave nothing but your face. It then searches for images matching your search term — curly hair, for example — and looks for ‘doppelganger sets, images where the subject’s face is in a similar position to your own.
A similar process is done on the target images to mask out the faces and intelligently put your own in their place — and voila! You with curly hair, again and again and again. […]
It’s not limited to hairstyles, either: put yourself in a movie, a location, a painting — as long as there’s a similarly positioned face to swap yours with, the software can do it. A few facial features, like beards, make the edges of the face difficult to find, however, so you may not be able to swap with Rasputin or Gandalf.
Behind the nifty technology is the University of Washington’s Ira Kemelmacher-Shlizerman, a researcher in computer vision, facial recognition, and augmented reality. Her work could have more sober applications, too, like automated age-progressions to help with missing-person cases. Though the software is still in beta, it is easy to foresee a wide array of uses ahead. Now, more than ever, don’t believe everything you see.
Cynthia Murrell, February 22, 2017
Enterprise Heads in the Sand on Data Loss Prevention
February 16, 2017
Enterprises could be doing so much more to protect themselves from cyber attacks, asserts Auriga Technical Manager James Parry in his piece, “The Dark Side: Mining the Dark Web for Cyber Intelligence” at Information Security Buzz. Parry informs us that most businesses fail to do even the bare minimum they should to protect against hackers. This minimum, as he sees it, includes monitoring social media and underground chat forums for chatter about their company. After all, hackers are not known for their modesty, and many do boast about their exploits in the relative open. Most companies just aren’t bothering to look that direction. Such an effort can also reveal those impersonating a business by co-opting its slogans and trademarks.
Companies who wish to go beyond the bare minimum will need to expand their monitoring to the dark web (and expand their data-processing capacity). From “shady” social media to black markets to hacker libraries, the dark web can reveal much about compromised data to those who know how to look. Parry writes:
Yet extrapolating this information into a meaningful form that can be used for threat intelligence is no mean feat. The complexity of accessing the dark web combined with the sheer amount of data involved, correlation of events, and interpretation of patterns is an enormous undertaking, particularly when you then consider that time is the determining factor here. Processing needs to be done fast and in real-time. Algorithms also need to be used which are able to identify and flag threats and vulnerabilities. Therefore, automated event collection and interrogation is required and for that you need the services of a Security Operations Centre (SOC).
The next generation SOC is able to perform this type of processing and detect patterns, from disparate data sources, real-time, historical data etc. These events can then be threat assessed and interpreted by security analysts to determine the level of risk posed to the enterprise. Forewarned, the enterprise can then align resources to reduce the impact of the attack. For instance, in the event of an emerging DoS attack, protection mechanisms can be switched from monitoring to mitigation mode and network capacity adjusted to weather the attack.
Note that Parry’s company, Auriga, supplies a variety of software and R&D services, including a Security Operations Center platform, so he might be a tad biased. Still, he has some good points. The article notes SOC insights can also be used to predict future attacks and to prioritize security spending. Typically, SOC users have been big businesses, but, Parry advocates, scalable and entry-level packages are making such tools available to smaller companies.
From monitoring mainstream social media to setting up an SOC to comb through dark web data, tools exist to combat hackers. The question, Parry observes, is whether companies will face the growing need to embrace those methods.
Cynthia Murrell, February 16, 2017
Online Gun Sales Strengthens the Technology and Law Enforcement Connection
February 14, 2017
A feature article on CNN recently provided some background on Dark Web marketplaces. Entitled Inside the illegal online weapons trade, this piece shares the story of Michael Andrew Ryan. Ryan adopted the moniker gunrunner and opened up a gun sales business on the Dark Web while based in a small town in Kansas. Dark Web trading statistics are tough to pinpoint. However, in comparison with other illegal online trading, gun sales on the Dark Web are less than 3% according to a Carnegie Mellon professor and researcher. The author writes,
By the way, it’s entirely legal to buy guns online in the U.S. — although the process is more complicated, depending on various factors. Nonetheless, the ATF said it’s taking enforcement to a new level by creating an Internet Investigations Center aimed at combating illegal online gunrunners. The center includes federal agents, legal counsel and investigators. Their job: track illegal online firearms trafficking and feed intelligence to agents in the field. It’s a gigantic task, which aims to hit a constantly moving target.
While we will not comment on the sensationalizing and dramatizing of the Dark Web through Ryan’s story, we can say found the concluding remarks above to be helpful. This presents a good picture of the interconnectivity between multiple layers of law enforcement. It also hints at a need for technology upgrades in this cybersecurity arena.
Megan Feil, February 14, 2017
Dark Pools Demystified
February 13, 2017
Have you ever heard of dark pools? You may be hearing more about them as Bitcoin pioneer Jered Kenna and TradeZero offer digital currency dark pool trading. According to this International Business Times article, these two have created the world’s first dark pool exchange for Bitcoin. Their plan is to eventually scale to include other digital currencies. What is a dark pool? It is a private exchange to trade securities in a way where large transactions can occur without impacting the marketing. This means it can be used to avoid adverse price movements. We learned,
The Bitcoin market is less liquid than traditional FX and hence more volatile. Dark pool trading in Bitcoin would be useful to mainstream investors who may want to make large trades in Bitcoin, or use it as a currency hedge without alerting the market to their positions. Kenna, who launched the first US Bitcoin exchange in 2011, brings a wealth of experience to the table. He told IBTimes UK: “Dark pool trading certainly mitigates volatility where individuals making large trades are concerned.
Apparently, the size of the trade one would need to impact the Bitcoin market in is much smaller than what traditional traders experience. Jared Kenna appears to be projecting the future of Bitcoin, and non-traditional currencies in general, to explode. Why else would there be such a need for this kind of service? This is something we will be keeping an eye on, especially as it may come to be more interconnected with Dark Web matters.
Megan Feil, February 13, 2017
Presenting Watson as a Service
February 9, 2017
Every now and then, interest in Watson re-emerges. Forbes published a long-read recently entitled How IBM Is Building A Business Around Watson. After gaining press during Watson’s victorious Jeopardy face-off with Ken Jennings, Watson’s first commercial applications took off. IBM sold it to Memorial Sloan Kettering Cancer Center and Wellpoint to design an advisory system for its medical staff. Other medical institutions have purchased it since then. The author asserts,
Still, the potentially is undeniable. Think about how much more effective an ordinary doctor can be with Watson as an assistant. First, even before the patient enters the room, it can analyze their personal medical history, which often runs to hundreds of pages. Then, it can compare the case history with the 700,000 academic papers published every year as well as potentially millions of other patient records. All of this is, of course, beyond the capabilities of human doctors, who typically only get a few minutes to prepare for each examination. So being able to consult with Watson will be enormously helpful.
The real value is offering Watson as a service by providing its API, so that developers in organizations can develop their own applications using its technology. Over 550 partners are utilizing this currently for everything from retail to geolocation to travel agencies. Certainly, with all the hype Watson receives, we can only expect usage to grow.
Megan Feil, February 9, 2017
Gradescope Cuts Grading Time in Half, Makes Teachers Lives 50% More Bearable
February 8, 2017
The article titled Professors of the World, Rejoice: Gradescope Brings AI to Grading on Nvidia might more correctly be titled: TAs of the World, Rejoice! In my experience, those hapless, hardworking, underpaid individuals are the ones doing most of the grunt work on college campuses. Any grad student who has faced a stack of essays or tests when their “real work” is calling knows the pain and redundancy of grading. Gradescope is an exciting innovation that cuts the time spent grading in half. The article explains,
The AI isn’t used to directly grade the papers; rather, it turns grading into an automated, highly repeatable exercise by learning to identify and group answers, and thus treat them as batches. Using an interface similar to a photo manager, instructors ensure that the automatically suggested answer groups are correct, and then score each answer with a rubric. In this way, input from users lets the AI continually improve its future predictions.
The trickiest part of this technology was handwriting recognition, and the Berkeley team used a “recurrent neural network trained using the Tesla K40 and GEForce GTX 980 Ti GPUs.” Interestingly, the app was initially created at least partly to prevent cheating. Students have been known to alter their answers after the fact and argue a failure of grading, so a digital record of the paper is extremely useful. This might sound like the end of teachers, but in reality it is the beginning of a giant, global teacher party!
Chelsea Kerwin, February 8, 2017
Visualizing a Web of Sites
February 6, 2017
While the World Wide Web is clearly a web, it has not traditionally been presented visually as such. Digital Trends published an article centered around a new visualization of Wikipedia, Race through the Wikiverse for your next internet search. This web-based interactive 3D visualization of the open source encyclopedia is at Wikiverse.io. It was created by Owen Cornec, a Harvard data visualization engineer. It pulls about 250,000 articles from Wikipedia and makes connections between articles based on overlapping content. The write-up tells us,
Of course it would be unreasonable to expect all of Wikipedia’s articles to be on Wikiverse, but Cornec made sure to include top categories, super-domains, and the top 25 articles of the week.
Upon a visit to the site, users are greeted with three options, each of course having different CPU and load-time implications for your computer: “Light,” with 50,000 articles, 1 percent of Wikipedia, “Medium,” 100,000 articles, 2 percent of Wikipedia, and “Complete,” 250,000 articles, 5 percent of Wikipedia.
Will this pave the way for web-visualized search? Or, as the article suggests, become an even more exciting playing field for The Wikipedia Game? Regardless, this advance makes it clear the importance of semantic search. Oh, right — perhaps this would be a better link to locate semantic search (it made the 1 percent “Light” cut).
Megan Feil, February 6, 2017
Little New Hampshire Public Library Takes on Homeland Security over Right to Tor
February 3, 2017
The article on AP titled Browse Free or Die? New Hampshire Library Is at Privacy Fore relates the ongoing battle between The Kilton Public Library of Lebanon, New Hampshire and Homeland Security. This fierce little library was the first in the nation to use Tor, the location and identity scrambling software with a seriously bad rap. It is true, Tor can be used by criminals, and has been used by terrorists. As this battle unfolds in the USA, France is also scrutinizing Tor. But for librarians, the case is simple,
Tor can protect shoppers, victims of domestic violence, whistleblowers, dissidents, undercover agents — and criminals — alike. A recent routine internet search using Tor on one of Kilton’s computers was routed through Ukraine, Germany and the Netherlands. “Libraries are bastions of freedom,” said Shari Steele, executive director of the Tor Project, a nonprofit started in 2004 to promote the use of Tor worldwide. “They are a great natural ally.”… “Kilton’s really committed as a library to the values of intellectual privacy.
To illustrate a history of action by libraries on behalf of patron privacy, the article briefly lists events surrounding the Cold War, the Patriot Act, and the Edward Snowden leak. It is difficult to argue with librarians. For many of us, they were amongst the first authority figures, they are extremely well read, and they are clearly arguing passionately about an issue that few people fully understand. One of the library patrons spoke about how he is comforted by the ability to use Tor for innocent research that might get him flagged by the NSA all the same. Libraries might become the haven of democracy in what has increasingly become a state of constant surveillance. One argument might go along these lines: if we let Homeland Security take over the Internet and give up intellectual freedom, don’t the terrorists win anyway?
Chelsea Kerwin, February 3, 2017
Penn State Research Team Uses Big Data to Explore Crime Rates
February 2, 2017
The article on E&T titled Social Media and Taxi Data Improve Crime Pattern Picture delves into a fascinating study that uses big data involving taxi routes and social media location labels from sites like Foursquare to discover a correlation between taxis, locations of interest, and crime. The study was executed by Penn State researchers who are looking for a more useful way to estimate crime rates rather than the traditional approach targeting demographics and geographic data only. The article explains,
The researchers say that the analysis of crime statistics that encompass population, poverty, disadvantage index and ethnic diversity can provide more accurate estimates of crime rates … the team’s approach likens taxi routes to internet hyperlinks, connecting different communities with each other… One surprising discovery is that the data suggests areas with nightclubs tend to experience lower crime rates – at least in Chicago. The explanation may be that it reflects people’s choices to be there.
This research will be especially useful to city planners interested in how certain spaces are being used, and whether people want to go to those spaces. But the researcher Jessie Li, an assistant professor of information sciences, explained that while the correlation is clear, the underlying cause is not yet known.
Chelsea Kerwin, February 2, 2017
-
- Subscribe to Beyond Search
Feature archive
News archive
-
