Browse > Home / Archive by category 'Security'

Online Paranoia and Context

December 3, 2009

Years ago, I met the president of a company in Houston, Texas. I recall hearing that person recounting some of his management insights in the construction business. One catchphrase he used to make a point had to do with paranoia and knowing that everyone was out to get you. Years later I read Andy Grove’s Only the Paranoid Survive: How to Exploit the Crisis Points That Challenge Every Company. Similar idea: some awareness of what the competition is doing is essential to focus an organization’s energies. Over the years, I have worked on a couple of jobs in which paranoia was a useful ingredient like basil on a Food Channel’s winning pizza recipe. In certain work situations, a dash of paranoia is what separates those who survive from those who become the concrete in a skyscraper or the dough in a calzone.

I read “8 Million Reasons for Real Surveillance Oversight”, and you may want to scan the article as well. The main point in my opinion is:

My point is this: The vast majority of the government’s access to individuals’ private data is not reported, either due to a failure on DOJ’s part to supply the legally required statistics, or due to the fact that information regarding law enforcement requests for third party stored records (such as email, photos and other data located in the cloud) is not currently required to be collected or reported. As for the millions of government requests for geo-location data, it is simply disgraceful that these are not currently being reported…but they should be.

If you want a catalog of examples of surveillance activities, the article provides a useful starting point.

Let me conclude with several observations:

  1. Depending on one’s job, these activities may have a different context. For example, if one is working on a project when there are other factors in play, then the need to use available resources to address a matter is a responsible and necessary activity. I think of information has an instrument, and the use of that instrument depends on context. Without context, I find it difficult to make an informed judgment about “shoulds,” “woulds” and “coulds”.
  2. Some engaged in law enforcement have experienced significant increases in the amount and type of work that must be done on the “job”. As a result, like any process oriented professional, when software can perform certain work more efficiently, it makes perfect sense to me to use new methods to manage a task. I find it typical of public companies, start ups, and government organizations to try different techniques and determine which work and which don’t. Adaptation takes place. In my experience, those experiences are an essential part of professional behavior.
  3. The budget data for law enforcement and intelligence professionals, when compared to the volume of work that must be performed is not included in the article. One quick example: a major city’s law enforcement group needs twice the number of uniforms presently available to handle existing criminal activity. There is neither budget nor political support to expand the number of officers. Use of new methods is one way to extend the thin membrane of law enforcement over the present work load.
  4. The volume of data available is impossible to capture, manage, and process with traditional methods. Not even the most sophisticated computer systems are able to deliver the type of information that may be needed to address a certain situation. In my experience, more investment and effort are needed to tame and channel the raging floods of data.

In short, paranoia is a useful motivational and creative force. However, paranoia without context can create an impression that certain situations look like a duck but may be a very different animal. Forget trade shows. Forget public announcements about data sets being made available. Remember that context is needed to understand the who, what, why, and how of an action. These nuances are tough to get even when one is working on a project that requires certain types of data. Outside of those projects, context may be impossible to obtain. Without context, I find it difficult to speak with confidence about a specific action or a group of unrelated actions.

I do know what can happen if certain data are ignored. You do too if you do some historical thinking.

Stephen Arnold, December 3, 2009

Oyez, oyex, I wish to report to the Department of Justice that I was not paid by anyone to point out that context is a useful concept when writing about specific actions taken in order to complete a mission.

Written by Stephen E. Arnold · Filed Under Government, News, Online (general), Overflight, Search, Security, Social, Technology, Text processing | Comments Off on Online Paranoia and Context 

Attivio and Traction

November 30, 2009

Attivio is a search and content processing company that has been dancing with some interesting cha cha cha variations. The company’s announcement earlier in November caught me by surprise. Attivio and Traction Software are teaming up. Attivio describes itself in this way:

Powering Business Solutions with Active Intelligence

Traction Software says about itself:

Traction TeamPage adds security, threaded discussion, moderation, document management, and more to award-winning social software and search that works like the Web. Whether you’re one team or want to connect hundreds of customer, supplier, partner, and internal groups, Traction TeamPage is your best choice for Enterprise 2.0.

According to Fierce Content Management:

By tying a search tool to a security model, it means that only those employees who are supposed to see the information will see it. It gives you the power of collaboration and enterprise-class search along with security.

I will need more detail before I can answer the questions swirling through my mind?

  • What exactly will each company do in an enterprise?
  • What is the cost of the combined solution?
  • What types of organizations need the blend of Attivio and Traction innovations?

The goslings and I completed some research that suggests social functions and other enterprise 2.0 “plays” are not hitting home runs. Where deployed, there are some singles. Worth monitoring in my opinion.

Stephen Arnold, November 30, 2009

Dear Oversight Authority at Administration on Developmental Disabilities. I was not paid to write this article expressing my inability to figure out the upside of the tie up for the types of organizations silly enough to hire me.

Written by Stephen E. Arnold · Filed Under Business strategy, News, Search, Security, Social | Comments Off on Attivio and Traction 

Nstein Releases Semantic Site Search

November 23, 2009

Nstein, a company that offers a wide range of software systems, has released its 3S product. Details appear in “Nstein Technologies Releases Semantic Site Search Engine.” The story reported:

The 3S product is built utilizing the registered text-extracting expertise of Nstein for web site search and precise results.

I was initially confused by the 3S moniker. But the write up shed more light on the approach:

3S’s design allows it to source the search content from various stored indexes and published web sources. It works by sensing the attributes of the materials to index them in an orderly fashion. After arranging the materials, Nstein’s patented semantic fortification method is utilized for processing.

According to the article, Nstein’s first client is Gesca Digital, which is part of the Torstar-owned Olive network. Gesca focuses on French language content. I anticipate that the system will become available on www.cyberpresse.ca and www.testesaclaques.tv. I’ve added these sites to my “to review” list.

Stephen Arnold, November 23, 2009

I want to disclose to the Maritime Administration that I was not paid to write about a company near the Great Lakes. No cross border shenanigans for the goose.

Written by Stephen E. Arnold · Filed Under Business strategy, News, Security, Semantic, Text processing | Comments Off on Nstein Releases Semantic Site Search 

The Guardian on Email Surveillance

November 15, 2009

I think this article “Email Surveillance: Ditch It for Good” is an opinion piece. The Guardian is not exactly number one with a bullet in the online world, but it does have a penchant for writing articles that catch my attention. The idea is that the UK government should not “snoop on all our communication and Internet activity.” I disagree. My view is that governments have little choice but to move toward surveillance and increasingly proactive actions with regard to information. There are lots of bad folks out there, and the legal and political consequences of not taking appropriate actions are significant. Islands are pretty good for surveillance too. The UK and Australian enforcement entities are case examples of how electronic nets can be used to catch some interesting fish. The Guardian does not agree with me. So here’s a hypothetical: the UK government does not perform surveillance and a bad event occurs. Many are killed and injured in London. Subsequent investigation reveals that the event was described in emails and other common information channels. What are the legal and political consequences of this turn of events. Surveillance cannot be “ditched for good.” Surveillance is a fact of today’s information world in my opinion. Autonomy and i2.co.uk are two outfits with useful monitoring technology. These companies’ tools were developed to meet a need, even though the Guardian finds the need difficult to accept. An information reality is just like the financial reality many firms face in today’s business climate–Unpleasant to some but a fact nevertheless.

Stephen Arnold, November 16, 2009

I want to report to the Institute of Peace that I was not paid to point out that the Guardian is complaining about an information shift that says, “You can’t go home again.” There’s not enough cash in the goose’s coffers for that journey.

Written by Stephen E. Arnold · Filed Under Government, News, Publishing, Security, Technology, Text processing | Comments Off on The Guardian on Email Surveillance 

UK Embraces Big Data

November 10, 2009

The BBC reported that the UK will move forward with its monitoring system. The idea is to treat communications as a dataspace. You can read the story “UK Surveillance Plan to Go Ahead” to get the details. In my opinion, the UK is getting into big data. The interest aspect of this surveillance plan is not addressed in the write up. My question is, “Who will provide the data processing services for these data?” My thought is that a company like Google might one option. Microsoft, in my opinion, does not have the dataspace technology in as mature a form as does Google.

Stephen Arnold, November 11, 2009

Written by Stephen E. Arnold · Filed Under Business strategy, Government, News, Security, Text processing | 2 Comments 

Cell Phone Early Warning System

November 9, 2009

A happy quack to my colleague in the Near East for pointing me to “Cellphone Alert System Expected in 2 Yrs.” The point of the story is that Israel’s home front command “will be able to calculate the precise location of an impact zone, and alert residents in an affected neighborhood via their cellphones.” I also noted this passage:

Soffer [Israeli official] said that 90 percent of the civilian casualties sustained by Israel during the Second Lebanon War and Operation Cast Lead in Gaza involved people who were struck by projectiles while they were in open areas away from buildings.  Civilians who seek cover in designated safe zones during rocket attacks are not likely to be wounded or killed…

Interesting use of “push, real-time mobile technology in my opinion.

Stephen Arnold, November 9, 2009

I was at the Jewish Community Center last night but I had to pay to get in. I don’t think that counts as payment for this write up. To be safe, I will alert the Jefferson Country Animal Control Office.

Written by Stephen E. Arnold · Filed Under Mobile, News, Real time search, Security, Technology | 3 Comments 

Paranoia Blossoms

October 14, 2009

The article “5 Ways You’re Secretly Being Monitored” is interesting and may represent a growing interest among Internet users. The idea is that when you run a query or ride a bus, you may be monitored. The data feed into repositories where the everyday activities get crunched, transformed, and analyzed. The article is a trifle heavy handed, which disturbs the addled goose. Worth reading, particularly if you live outside the US and plan a trip to popular destinations like the big cities, will use the Internet, and ride mass transit.

Stephen Arnold, October 14, 2009

Written by Stephen E. Arnold · Filed Under News, Security, Technology | Comments Off on Paranoia Blossoms 

Google and User Tracking Again

October 6, 2009

I found “Google View Thru Tracking: Has Big Brother Been Watching” quite interesting. In my Google monographs I describe briefly some of Google’s mechanisms for capturing user behavior data. This article is one of the first that references Google’s method for “knowing” what happens whether the user clicks or not. That statement is a simplification, but the idea is that Google’s systems and methods maintain an awareness in user sessions. Chrome is one step to a richer data collection and management method, but that technology is not referenced in the article. If you are interested in this type of monitoring, read the Search Engine Watch story.

Stephen Arnold, October 6, 2009, No dough

Written by Stephen E. Arnold · Filed Under Business strategy, News, Security, Technology | Comments Off on Google and User Tracking Again 

Oracle SES11 in Beta

October 3, 2009

Oracle has put some wood behind its Secure Enterprise Search product. The current version is SES10.1.8 G. You can download this system at this Oracle link. I learned from one of my two or three readers that Oracle has moved SES11 into beta mode. The product manager of the beta is Stefan Buchta. If you want to test the system, you can obtain his email address and more information at this Oracle link.

As I was getting up to speed, I noticed that Oracle had available a new white paper, dated January 2009. The addled goose was ashamed of himself. He missed this document in his routine scan of the Oracle Overflight reports.

After downloading the white paper “Secure Enterprise Search Version 10.1.8.4”, the addled goose noticed some interesting items; to wit:

The white paper reports “sub second query performance”. My question was, “What’s the index size, refresh and query load, and system infrastructure? Throwing hardware at a performance problem is often a way to resolve performance issues, and my hunch is that SES10g can be a computational glutton.

Second, among the enhancements listed was “security”. Hmm. Security has been a feature since version 9i as I recall. I wonder how security has been improved because the “full security” for search requires the licensing of the Oracle security server which may no longer be required, but somehow I doubt that Oracle has bundled this component with the plain vanilla SES10g product.

Third, SES10g seems to use the word “repository” in concert with the phrase “Oracle 10g database”. My recollection is that the “database” can be prone to certain Oracle bottlenecks related to intensive disc reads. Performance, therefore, is easy to talk about but may be expensive to deliver. But since we have not tested this most recent build, maybe the bottlenecks have been resolved. I have heard that Oracle is a Google partner and that some of the applications folks at Oracle are using the Google Search Appliance, not SES10g. Maybe this is an aberration?

Fourth, the crawler can handled structured and unstructured data. I know that SES10g can deal with structured data. That is a core competency of Oracle. I am not 100 percent that the unstructured data challenge has been fully met. Customers want hybrid content systems and the market is heating up. Autonomy’s SPE is a challenger because the Oracle solution may not be the home run that the white paper suggests. Autonomy is quite savvy when it comes to exploiting opportunities created by large players who don’t deliver fully on the market collaterals’ assertions.

Fifth, connectors get more attention. The list of connectors on page 25 of the white paper seems to lag what’s offered by the Lucid Imagination open source search system and is even farther behind connectors available from Coveo, Exalead, and others in the search and content processing sector. Surprisingly, connectors for MicroStrategy (close to Clarabridge), Business Objects (SAP and Inxight), and Cognos (IBM) have been removed. Well, that’s one way to get Oracle shops to adopt Oracle’s in house and acquired business intelligence components.

The white paper concludes with a snapshot of the AT Kearney knowledge portal. EDS bought AT Kearney and then the partners of AT Kearney bought the firm from EDS in 2005. Since that time, AT Kearney has been chugging along. It ranks among the blue chip consulting firms and is still working to meet the lofty goals set forth by Andrew Thomas Kearney in 1929. I wonder if Oracle is an AT Kearney client. I will have to check.

The knowledge portal interface reminded me of the Clearwell Systems, Coveo, and Exalead interfaces by the way.

In short, the white paper struck me as a modest update to the previous Oracle white papers. I did not see a reference to the vertical vocabularies that were once available for Oracle content processing systems. The architecture did not strike me as significantly different. Performance gains probably come from using Intel’s multi core processors and the larger memory space enabled with 64 bit support.

Take a look. I have no pricing data at this time.

Stephen Arnold, October 3, 2009

Written by Stephen E. Arnold · Filed Under Business strategy, Database, Enterprise, News, Search, Security, Technology, Text processing | Comments Off on Oracle SES11 in Beta 

Security Poker: Google Calls Microsoft

September 26, 2009

Software and security are like one of the combinations in chemistry lab. Get calcium carbine and hydrochloric acid. Mix. Ignite. Interesting. With Google marginalizing Microsoft’s Internet Explorer, Microsoft responded with an assertion about security. Wow. Microsoft’s Internet Explorer, for me at least, has been one of the software applications that gives me headaches. My father gathers malware the way I do news stories in my RSS reader.

Microsoft’s response to Google’s marginalization play is summarized in “Microsoft believes Google Chrome Frame lowers security of IE”. Google’s response is described in “Google Barks Back at Microsoft over Chrome Frame Security.”

I have to tell that I think this is quite exciting. My knowledge about Microsoft’s security in its browsers and related software comes from Steve Gibson’s Security Now podcast. My recollection is that Mr. Gibson is quite conservative when it comes to security. For that reason, I have switched to Firefox. I don’t know if this is the optimal path for me, but I changed my father over to Firefox, and I had fewer nasties to kill when he used Firefox.

My hunch is that the war of words will escalate and quickly. Security is not Microsoft’s strong suit in my opinion. Google may continue to probe this decayed tooth.

Stephen Arnold, September 26, 2009

Written by Stephen E. Arnold · Filed Under Business strategy, Google, Microsoft, News, Security | 1 Comment 

« Previous PageNext Page »

  • Archives

  • Recent Posts

  • Meta