Rise of Fake News Should Have All of Us Questioning Our Realities

January 31, 2017

The article on NBC titled Five Tips on How to Spot Fake News Online reinforces the catastrophic effects of “fake news,” or news that flat-out delivers false and misleading information. It is important to separate “fake news” from ideologically-slanted news sources and the mess of other issues dragging any semblance of journalistic integrity through the mud, but the article focuses on a key point. The absolute best practice is to take in a variety of news sources. Of course, when it comes to honest-to-goodness “fake news,” we would all be better off never reading it in the first place. The article states,

A growing number of websites are espousing misinformation or flat-out lies, raising concerns that falsehoods are going viral over social media without any mechanism to separate fact from fiction. And there is a legitimate fear that some readers can’t tell the difference. A study released by Stanford University found that 82 percent of middle schoolers couldn’t spot authentic news sources from ads labeled as “sponsored content.” The disconnect between true and false has been a boon for companies trying to turn a quick profit.

So how do we separate fact from fiction? By checking the web address and avoiding .lo and .co.com addresses, researching the author, differentiating between blogging and journalism, and, again, relying on a variety of sources such as print, TV, and digital. In a time when even the President-to-be, a man with the best intelligence in the world at his fingertips, chooses to spread fake news (aka nonsense) via Twitter that he won the popular vote (he did not), we all need to step up and examine the information we consume and allow to shape our worldview.

Chelsea Kerwin, January 31, 2017

Counter Measures to Money Laundering

January 30, 2017

Apparently, money laundering has become a very complicated endeavor, with tools like Bitcoin “washers” available via the Dark Web. Other methods include trading money for gaming or other virtual currencies and “carding.” ZDNet discusses law enforcement’s efforts to keep up in “How Machine Learning Can Stop Terrorists from Money Laundering.”

It will not surprise our readers to learn authorities are turning to machine learning to cope with new money laundering methods. Reporter Charlie Osborne cites the CEO of cybersecurity firm ThetaRay, Mark Gazit, when she writes:

By taking advantage of Big Data, machine learning systems can process and analyze vast streams of information in a fraction of the time it would take human operators. When you have millions of financial transactions taking place every day, ML provides a means for automated pattern detection and potentially a higher chance of discovering suspicious activity and blocking it quickly. Gazit believes that through 2017 and beyond, we will begin to rely more on information and analytics technologies which utilize machine learning to monitor transactions and report crime in real time, which is increasingly important if criminals are going to earn less from fraud, and terrorism groups may also feel the pinch as ML cracks down on money laundering.

Of course, criminals will not stop improving their money-laundering game, and authorities will continue to develop tools to thwart them. Just one facet of the cybersecurity arms race.

Cynthia Murrell, January 30, 2017

Some Web Hosting Firms Overwhelmed by Scam Domains

January 27, 2017

An article at Softpedia should be a wakeup call to anyone who takes the issue of online security lightly—“One Crook Running Over 120 Tech Support Scam Domains on GoDaddy.” Writer Catalin Cimpanu explains:

A crook running several tech support scam operations has managed to register 135 domains, most of which are used in his criminal activities, without anybody preventing him from doing so, which shows the sad state of Web domain registrations today. His name and email address are tied to 135 domains, as MalwareHunterTeam told Softpedia. Over 120 of these domains are registered and hosted via GoDaddy and have been gradually registered across time.

The full list is available at the end of this article (text version here), but most of the domains look shady just based on their names. Really, how safe do you feel navigating to ‘security-update-needed-sys-filescorrupted-trojan-detected[.]info’? How about ‘personal-identity-theft-system-info-compromised[.]info’?

Those are ridiculously obvious, but it seems that GoDaddy’s abuse department is too swamped to flag and block even these flagrant examples. At least that hosting firm does have an abuse department; many, it seems, can only be reached through national CERT teams. Other hosting companies, though, respond with the proper urgency when abuse is reported—Cimpanu holds up Bluehost and PlanetHoster as examples. That is something to consider for anyone who thinks the choice of hosting firm is unimportant.

We are reminded that educating ourselves is the best protection. The article links to a valuable tech support scam guide provided by veteran Internet security firm Malwarebytes, and suggests studying the wikis or support pages of other security vendors.

Cynthia Murrell, January 27, 2017

Elasticsearch: Security Assertions

January 20, 2017

I read “MongoDB Hackers Set Sights on ElasticSearch Servers with Widespread Ransomware Attacks.” According to the write up, more than 2,400 ElasticSearch services were “affected by ransomware in three days.”

“Attackers are finding open servers where there is no authentication at all. This can be done via a number of services and tools. Unfortunately, system admins and developers have been leaving these unauthenticated systems online for a while and attackers are just picking off the low hanging fruit right now.”

The write up explained:

ElasticSearch is a Java-based search engine, commonly used by enterprises for information cataloguing and data analysis.

What’s the remediation? One can pay the ransom. We suggest that Elastic cloud users read the documentation and implement the features appropriate for their use case.

Stephen E Arnold, January 20, 2017

The Internet Is Once Again Anonymous

January 19, 2017

Let us reminisce for a moment (and if you like you can visit the Internet archive) about the Internet’s early days, circa late 1990s. It was a magic time, because there were chatrooms, instant messaging, and forums. The Internet has not changed these forms of communication much, although chatrooms are pretty dead, but one great thing about the early days is that the Internet was mostly anonymous. With the increase in tracking software, IP awareness, and social media, Internet anonymity is reserved for the few who are vigilant and never post anything online. Sometimes, however, you want to interact online without repercussions, and TechCrunch shares that “Secret Founder Returns To Anonymous Publishing With Launch Of IO.”

David Byttow, Secret co-founder, started the anonymous publishing app IO that is similar to Postcard Confessions.  IO’s purpose is to:

IO is a pseudo-resurrection of Secret that Byttow told us in November came into being partly because “the downsides of current social media products MUST be addressed,” an imperative he felt was especially urgent following the results of the last U.S. election. IO’s stated mission is to achieve “authentic publishing,” by which Byttow means that he’s hoping users having an option to publishing either anonymously, using a pseudonym or as their actual selves will allow for easier sharing of true thoughts and feelings.

IO really does not do much.  You can type something up, hit publish, but it is only shared with other people if you attach social media links.  You can remain anonymous and IO does include writing assistance tools.  I really do not get why IO is useful, but it does allow a person to create a shareable link without joining a forum, owning a Web site, etc.  Reddit seems more practical, though.

Whitney Grace, January 19, 2016

 

Another Untraceable Dark Web Actor Put Behind Bars

January 19, 2017

A prison librarian in England who purchased drugs and weapons over the Dark Web for supplying them to prisoners was sentenced to 7 years in prison.

The Register in a news report Prison Librarian Swaps Books for Bars After Dark-Web Gun Buy Caper says:

Dwain Osborne, of Avenue Road, Penge, in London, was nabbed in October of 2015 after he sought to procure a Glock 19 – a staple of police and security forces worldwide – and 100 rounds of ammunition on the dark web. A search of Osborne’s house revealed the existence of a storage device, two stolen passports, and a police uniform.

Osborne was under the impression that, like other Dark Web actors, he too was untraceable. What made the sleuths suspicious is not known; however, the swift action and prosecution are commendable. Law enforcement agencies are challenged by this new facet of crime wherein most perpetrators manage to remain anonymous.

Most arrests related to the purchase of arms and drugs over the Dark Web were the result of undercover operations. However, going beyond this type of modus operandi is the need of the hour.

Systems like Apache Tika seem to be promising, but it is premature to say how such systems will evolve and, most importantly, be implemented.

Vishal Ingole, January 19, 2017

The Software Behind the Web Sites

January 17, 2017

Have you ever visited an awesome Web site or been curious how an organization manages their Web presence?  While we know the answer is some type of software, we usually are not given a specific name.  Venture Beat reports that it is possible to figure out the software in the article, “SimilarTech’s Profiler Tells You All Of The Technologies That Web Companies Are Using.”

SimilarTech is a tool designed to crawl the Internet to analyze what technologies, including software, Web site operators use. SimilarTech is also used to detect which online payment tools are the most popular. It does not come as a surprise that PayPal is the most widely used, with PayPal Subscribe and Alipay in second and third places.

Tracking what technology and software companies utilize for the Web is a boon for salespeople, recruiters, and business development professionals who want a competitive edge as well as:

Overall, SimilarTech provides big data insights about technology adoption and usage analytics for the entire internet, providing access to data that simply wasn’t available before. The insights are used by marketing and sales professionals for website profiling, lead generation, competitive analysis, and business intelligence.

SimilarTech can also locate contact information for personnel responsible for Web operations, in other words new potential clients.

This tool is kind of like the mailing houses of the past. Mailing houses have data about people, places, organizations, etc. and can generate contact information lists of specific clientele for companies. SimilarTech offers the contact information, but it does one better by finding the technologies people use for Web site operation.

Whitney Grace, January 17, 2016

Royal Mail, Delivering Narcotics Efficiently

January 17, 2017

Unsuspecting Royal Mail postmen are delivering narcotics and drugs ordered over the Dark Web to punters and buyers with much efficiency. Taking cognizance of the fact, the Home Office is planning an investment of GBP 1.9 billion over the next five years to fight this new face of crime.

The Sun in an article titled Royal Mail Postmen Unknowingly Deliver Drugs Parcels Bought From the Dark Web says:

Royal Mail postmen are unknowingly delivering drug parcels bought from the dark web, it has been revealed. Millions of pounds of drugs are bought online every day via the dark web and shipped to punters anonymously.

The postmen, however, cannot be blamed as they are ill-equipped to find out what’s hidden inside a sealed parcel. Though drug sniffing dogs exist on paper for the Royal Mail, many postmen say they never saw one in their service life. Technology is yet to catch up with dogs that can sniff out the drugs.

As the postmen are being put at risk delivering these packages, the Home Office in a statement said:

We have committed to spending £1.9bn on cybersecurity over the next five years, including boosting the capabilities of the National Crime Agency’s National Cyber Crime Unit, increasing their ability to investigate the most serious cybercrime.

Law enforcement agencies, including the ones in the US, will have to invest in detecting and preventing such crimes. So far the success ratio has been barely encouraging. Till then, unsuspecting people will be used as pawns by cybercriminals, royally!

Vishal Ingole, January 17, 2017

Exploring Dark Web Motivations

January 13, 2017

The Dark Web continues to be under the microscope. Sophos’ blog, Naked Security, published an article, The Dark Web: Just How Dark Is It?, questioning the supposed “dark” motivations of its actors. This piece also attempts to bust myths about the complete anonymity of Tor. There is an entry guard, which knows who the user is, and an exit node, which knows the user’s history, and neither of these is easy to avoid. Despite pointing out holes in the much-believed argument that full anonymity always exists on Tor, the author makes an effort to showcase “real-world” scenarios for why their average readers may benefit from using Tor:

If you think a web site is legitimate, but you’re not completely sure and would like to “try before you buy,” why not take an incognito look first, shielding your name, your IP number, even your country? If you’re investigating a website that you think has ripped off your intellectual property, why advertise who you are? If you want to know more about unexceptionable topics that it would nevertheless be best to keep private, such as medical issues, lifestyle choices or a new job, why shouldn’t you keep your identity to yourself? Similarly, if you want to offer online services to help people with those very issues, you’d like them to feel confident that you’ll do your best to uphold their privacy and anonymity.

We’re not convinced — but perhaps that is because the article put its foot in its mouth. First, they tell us Tor does not provide full anonymity and then the author attempts to advocate readers use Tor for anonymity. Which is it? More investigation under a different lens may be needed.

Kenny Toth, January 13, 2017

HSDirs Could Be the Key to Dark Web Intelligence

January 12, 2017

An article on Security Affairs called Boffins spotted over 100 snooping Tor HSDir nodes spying on Dark Web sites points to a new tactic that could be useful to companies offering Dark Web intelligence services. Within the inner workings of the Dark Web live at least 100, according to researchers, malicious hidden service directories (HSDirs). These are the relays of the network that allow people to visit hidden services. The author quotes researchers Filippo Valsorda and George Tankersley who presented at the Hack in the Box Security Conference,

When a person wants to host a hidden service, they have to advertise their service on a Tor Onion database, which is a DHT made up of a group of stable relay machines called HSDirs. The person who wants to visit the hidden service has to request information about that service from the database. Therefore, those relays or HSDirs can see who is making the request for a connection and when you want to connect. Therefore, to deanonymize a user’s traffic, an attacker could choose to become the HSDir nodes for the hidden service.

Additionally, researchers from Karlstad University in Sweden found 25 nodes within The Onion Router (Tor) which showed entities snooping on the supposedly anonymous network. It appears gaps exist. The research shows an unspecified actor from Russia was eavesdropping. Are these snoopers Dark Web intelligence or cybercriminals? We shall stay tuned.

Megan Feil, January 12, 2017
