DuckDuckGo: Challenging Google Is Not a Bad Idea
February 25, 2016
I read “The Founder of DuckDuckGo Explains Why Challenging Google Isn’t Insane.” I noted several statements in the write up; namely:
- DuckDuckGo delivers three billion searches a year, compared to Google’s trillion-plus search per year. The zeros can be confusing to an addled goose like me. Let me say that Google is delivering more search results that DuckDuckGo.com
- DuckDuckGo’s revenues are in 2015 were more than $1 million. Google’s revenues were about $75 billion. Yep, more zeros.
- It used to take Google six months to index pages on the Internet. (I thought that Google indexed from its early days based on a priority algorithm. Some sites were indexed in a snappy manner; others, like the National Railway Retirement Board, less snappily. I am probably dead wrong here, but it is a nifty point to underscore Google’s slow indexing. I just don’t think it was or is true.)
- DuckDuckGo was launched in 2008. The company is almost eight years old.
- Google’s incognito mode is a myth. What about those Google cookies? (I think the incognito mode nukes those long lived goodies.)
Here’s the passage I highlighted:
Adams (the interviewer): I thought the government could track me whether I use DuckDuckGo or not.
Weinberg (the founder of DuckDuckGo): No they can’t. They can get to your Google searches, but if you use DuckDuckGo it’s completely encrypted between you and us. We don’t store anything. So there’s no data to get. The government can’t subpoena us for records because we don’t have records.
DuckDuckGo beats the privacy drum. That’s okay, but the privacy of Tor and I2P can be called into question. Is it possible that there are systems and methods to track user queries with or without the assistance of the search engine system? My hunch is that there are some interesting avenues to explore from companies providing tools to various government agencies. What about RACs, malware, metadata analyses, etc.? Probably I am wrong again. RATs. I have no immunity from my flawed information. I may have to grab my swim fins and go fin-fishing. I could also join a hacking team and vupen it up.
Stephen E Arnold, February 25, 2016
More Hacked US Voter Data Appears on the Dark Web
February 25, 2016
From HackRead comes a piece called More US Voters Data Circulating on the Dark Net, which points to the lack of protection surrounding data on US voters. This data was leaked on the site The Hell on Dark Web. No reports yet suggest how this data was hacked. While no social security numbers or highly sensitive information was released, records include name, date of birth, voter registration dates, voting records, political affiliation and address. Continuing the explanation of implications, the article’s author writes,
“However, it provides any professional hacker substantial information to initiate and plan a phishing attack in the next election which takes place in the US. Recent discoveries, news and speculations have exposed the role of nation-state actors and cyber criminals in planning, instigating and initiating hacking attacks aimed at maligning the upcoming US elections. While social media has emerged as one of the leading platforms adopted by politicians when they wish to spread a certain message or image, cyber criminals and non-state actors are also utilizing the online platform to plan and initiate their hacking attacks on the US election.”
As the article reminds us, this is the not first instance of voter records leaking. Such leaks call into question how this keeps happening and makes us wonder about any preventative measures. The last thing needed surrounding public perception of voting is that it puts one at risk for cyber attacks. Aren’t there already enough barriers in place to keep individuals from voting?
Megan Feil, February 25, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
monograph
CyberSpark Billed as New Cybersecurity Capital for Israel
February 24, 2016
Beersheba, a city in Israel with a population of about 200,000 has become the site of several connected academic and technological influences, led by government and industry, which may position it to be the cyber capital of the country. The article Israel’s Cyber Sector Blooms in the Desert article from Security Week covers Beersheba’s industrial park, CyberSpark. A project leader for the Israeli National Cyber Bureau is quoted explaining how this area is primed to become a leader in cyber security. The report describes CyberSpark’s projected growth,
“Two more complexes comprising 27 buildings are to be added, and the municipality expects the population to grow by 100,000 in the next 10 years. About 30,000 soldiers, including 7,000 career officers, will move in the coming years to bases and a technology campus to be built on 100 hectares (250 acres) near CyberSpark and around Beersheba. As a lure from the bustle of cosmopolitan Tel Aviv, the government plans a bonus of $18,000 for single officers and $50,000 for families who spend at least five years in Beersheba.”
More often than not, we hear about cybercriminals taking the initiative while law enforcement, intelligence and others attempt to catch up. While the article frames CyberSpark as a case of proactive collaboration with necessary partners for the sake of forwarding the cyber security industry and protecting citizens, we are not sure it can be called proactive. Let’s not forget, as the article mentions, Israel may be the most heavily targeted country in the world with reports suggesting as many as a thousand web attacks per minute.
Megan Feil, February 24, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
No Evidence That Terrorists Are Using Bitcoin
February 23, 2016
If you were concerned virtual currencies like Bitcoin are making things easier for Islamic State (aka IS, ISIS, ISIL, or Daesh), you can rest easy, at least for now. The International Business Times reports, “Isis: Bitcoin Not Used by Daesh.” That is the conclusion reached by a Europol investigation performed after last November’s attacks in Paris. Though some had suggested the terrorists were being funded with cyber money, investigators found no evidence of it.
On the other hand, the organization’s communication networks are thriving online through the Dark Web and a variety of apps. Writer Alistair Charlton tells us:
Better known by European law enforcement is how terrorists like IS use social media to communicate. The report says: “The internet and social media are used for communication and the acquisition of goods (weapons, fake IDs) and services, made relatively safe for terrorists with the availability of secure and inherently encrypted appliances, such as WhatsApp, Skype and Viber. In Facebook, VKA and Twitter they join closed and hidden groups that can be accessed by invitation only, and use coded language.”
se of Tor, the anonymising browser used to access the dark web where sites are hidden from search engines like Google, is also acknowledged by Europol. “The use of encryption and anonymising tools prevent conventional observation by security authorities. There is evidence of a level of technical knowledge available to religiously inspired terrorist groups, allowing them to make their use of the internet and social media invisible to intelligence and law enforcement agencies.”
Of course, like any valuable technology, anonymizing apps can be used for weal or woe; they benefit marginalized peoples trying to make their voices heard as much as they do terrorists. Besides, there is no going back to a disconnected world now. My question is whether terrorists have taken the suggestion, and are now working on a Bitcoin initiative. I suppose we will see, eventually.
Cynthia Murrell, February 23, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Recommind Enables Easier Oversight into E-Discovery for Legal Industry
February 19, 2016
A recent article, entitled Recommind Adds Muscle to Cloud e-Discovery from CMS Wire, highlights an upgrade to Recommind’s Axcelerate e-discovery platform. This information intelligence and governance provider for the legal industry has upped their offering by adding a new efficiency scoring feature to enable “extensive visibility into the overall e-discovery review process.” Recommind make the updated based on polling their clients and finding 80 percent do not have oversight in regards to the technological competency of their outside counsel:
“Citing the same survey, he added that 72 percent of respondents pointed to insufficient visibility into the discovery practices of their outside counsel — legal professionals working with them but outside the firm — as a major concern. Axcelerate Cloud also eliminates the cost unpredictability that arises with traditional hosting charges with cloud-based e-discovery tools providers and the infrastructure maintenance required for on-premises solutions.”
When insights from big data is what a company is after, stronger cloud-based functionality is often the first step. Reminds us of enterprise search firm Autonomy which was eventually sold to HP. What will be next for Recommind?
Megan Feil, February 19, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
I Left My NoSQL Heart at the MarkLogic Conference
February 18, 2016
MarkLogic is a headlining company in the field of NoSQL enterprise databases, allowing companies to process, search, scale through massive data stores as well as build Web applications to handle the onslaught. As a respected enterprise leader, MarkLogic occasionally holds a conference to teach IT professionals as well as potential customers about its software benefits. This year MarkLogic will host the MarkLogic World 2016 US in San Francisco, California from May 9-12 at the Park Central Hotel.
The conference is described as:
“We kick the week off on Monday with three different hands-on workshops to choose from and end our week Thursday afternoon with our traditional closing keynote with our Founder and Chief Architect, Christopher Lindblad. New this year, we are including a special Partner Track, exclusive to MarkLogic partners and those interested in becoming one. If you are developing with MarkLogic, transitioning from RDBMS to MarkLogic, building apps on MarkLogic, or if you are just starting out on MarkLogic, this is the event for you. Sessions span from MarkLogic basics to technical deep dives covering data modeling, semantics, much & more.”
A Partner Track? That is a new feature at the MarkLogic convention, but what is its purpose? Will it be a daylong event where MarkLogic partners advertise their services or wares otherwise known as a commercial seminar without a free lunch? Will it be an informative explanation about how MarkLogic partners are shaping the NoSQL enterprise industry and combining their talents to advance the field? Maybe it is just a mix and mingle for networking?
The only way to know is to sign up for the conference and if you use the promo code “MLEMJAN” you can get in for free. It is also an excuse to visit San Francisco and ride the cable cars.
Whitney Grace, February 18, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Anonymous Hacks Turkish Cops
February 17, 2016
No Dark Web needed.
Anonymous has struck again, this time hacking the Turkish General Directorate of Security (EGM) in its crusade against corruption. The International Business Times reports, “Anonymous: Hacker Unleashes 17.8 GB Trove of Data from a Turkish National Police Server.” It is believed that the hacker responsible is ROR[RG], who was also deemed responsible for last year’s Adult Friend Finder breach. The MySQL-friendly files are now available for download at TheCthulhu website, which seems to be making a habit of posting hacked police data.
Why has Anonymous targeted Turkey? Reporter Jason Murdock writes:
“Anonymous has an established history with carrying out cyberattacks against Turkey. In 2015 the group, which is made up of a loose collection of hackers and hacktivists from across the globe, officially ‘declared war’ on the country. In a video statement, the collective accused Turkish President Recep Tayyip Erdo?an’s government of supporting the Islamic State (Isis), also known as Daesh. Turkey is supporting Daesh by buying oil from them, and hospitalising their fighters,’ said a masked spokesperson at the time. ‘We won’t accept that Erdogan, the leader of Turkey, will help Isis any longer. If you don’t stop supporting Isis, we will continue attacking your internet […] stop this insanity now Turkey. Your fate is in your own hands.’”
We wonder how Turkey will respond to this breach, and what nuggets of troublesome information will be revealed. We are also curious to see what Anonymous does next; stay tuned.
Cynthia Murrell, February 16, 2016
A Guide to Google-Ize Your Business
February 16, 2016
To Google is a verb, meaning to search specifically for information on the Google search engine. If a user is unable to find information on Google, they either change their key words or look for a different option. In other words, if you are not pulling up on Google than you might as well not exist. Perhaps it is a little drastic to make the claim, but without a Web presence users, who double as consumers, are less likely to visit your business. Consumers take an active approach to shopping these days by doing research before they visit or purchase any goods or services. A good Web presence alerts them to a company’s capabilities and how it can meet the consumers’ needs.
If you are unsure of how to establish a Web presence, much less a Google Web presence then there is a free eBook to help you get started. The Reach Local blog posted information about “Master Google My Business With Our New Ebook.” Google My Business is a free tool from Google about how to publish your business information in Google+, Google Maps, and local search results.
“Without accurate and up to date information on Google, you could be missing out on leads and potential customers either by having the wrong phone number and address listed or by not appearing at all in local search results for products and services relevant to your business. We want to help you take control of your information on the web, so we put together a helpful eBook that explains what Google My Business is, how to set up and verify your business, and tips for managing your information and tracking your progress.”
The free eBook “Your Guide To Google My Business” written by the Reach Local folks is an instruction manual on how to take advantage of the Google tool without going through the headache of trying to understand how it works. Now if only Windows 10 would follow a similar business pattern to help users understand how it works.
Whitney Grace, February 16, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
d
The UK Government Invests in Secure Startups
February 15, 2016
The UK has been criticized as being one of the most invasive countries when it comes to monitoring individuals and having security cameras everywhere, even on garbage cans. While the question, “how much is too much?” runs around people’s heads, there is also a concern about the lax of security developments. The UK is much like its former colony the United States in that is interested in beefing up security technology InfoSecurity says in the article, “Government Start-up Support Creates A ‘Very Exciting Time.’”
Government support for UK security tech start-ups is one of the main driving forces in the industry. It demonstrates that the UK government is invested in advancing new ideas and help new companies get the leg up they need to develop the best possibly product before it is delivered to a bigger market. It also proves that the government is taking cybersecurity as a very serious risk that needs bolstering to counteract actions taken by terrorists and rogue nations.
“This week, the UK government announced a £250,000 Early Stage Accelerator Programme to help start-ups in the space get advice, support and funding to develop their products and services and bring them to market. It will be run by Cyber London—described as “Europe’s first cybersecurity accelerator and incubator space”—and the Centre for Secure Information Technologies (CSIT) at Queen’s University Belfast.”
While venture corporations are usually the first place start-ups turn to for investments, the government plays a crucial role in regulating the technology and helping companies grow beyond their initial roots. It also allows the new security start-ups to make important connections with the right government officials to build strategic relationships.
It is wonderful that western governments are taking cyber threats more seriously and take preemptive action against dangerous threats. It would be even better if smaller law enforcement agencies at the city and state level in the US were more capable of handling cyber attacks.
Whitney Grace, February 15, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Dark Web Crime Has Its Limits
February 12, 2016
The Dark Web is an intriguing and mysterious phenomenon, but rumors about what can be found there are exaggerated. Infomania examines what is and what is not readily available in that murky realm in, “Murder-for-Hire on the Dark Web? It Can’t Be True!”
Anonymity is the key factor in whether certain types of criminals hang out their shingles on the TOR network. Crimes that can be more easily committed without risking identification include drug trafficking, fraud, and information leaks. On the other hand, contract assassins, torture-as-entertainment, and human trafficking are not actually to be found, despite reports to the contrary. See the article for details on each of these, and more. The article cites independent researcher Chris Monteiro as it summarizes:
The dark web is rife with cyber crime. But it’s more rampant with sensationalized myths about assassination and torture schemes — which, as Chris can attest, simply aren’t true. “What’s interesting is so much of the coverage of these scam sites is taken at face value. Like, ‘There is a website. Therefore its contents must be true.’ Even when mainstream media picks it up, very few pick it up skeptically,” he says.
Take the Assassination Market, for example. When news outlets got wind of its alleged existence in 2013, they ran with the idea of “Murder-for-hire!!” on the Internet underground. Although Chris has finally demonstrated that these sites are not real, their legend lives on in Internet folklore. “Talking about the facts — this is how cybercrime works, this is how Tor and Bitcoin work — is a lot less sexy than saying, ‘If you click on the wrong link, you’ll be kidnapped, and you’ll end up in a room where you’ll be livestreamed, murdered, and you’re all over the internet!’” Chris says. “All I can do is point out what’s proven and what isn’t.”
So, next time someone spins a scary tale about killers-for-hire who are easily found online, you can point them to this article. Yes, drug trafficking, stolen data, and other infractions are big problems associated with the Dark Web, but let us not jump at shadows.
Cynthia Murrell, February 12, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
