FOGINT: UN Says Telegram Is a Dicey Outfit
October 14, 2024
The only smart software involved in producing this short FOGINT post was Microsoft Copilot’s estimable art generation tool. Why? It is offered at no cost.
One of my colleagues forwarded a dump truck of links to articles about a UN Report. Before commenting on the report, I want to provide a snapshot of the crappy Web search tools and the useless “search” function on the UN Web site.
First, the title of the October 2024 report is:
Transnational Organized Crime and the Convergence of Cyber-Enabled Fraud, Underground Banking and Technological Innovation in Southeast Asia: A Shifting Threat Landscape
I want to point out that providing a full title in an online article is helpful to some dinobabies like me.
Second, including an explicit link to a document is also appreciated by some people, most of whom are over 25 years in age, of above average intelligence, and interested in online crime. With that in mind, here is the explicit link to the document:
https://www.unodc.org/roseap/uploads/documents/Publications/2024/TOC_Convergence_Report_2024.pdf
Now let’s look briefly at what the 142 page report says:
Telegram is a dicey outfit.
Not bad: 142 pages compressed to five words. Let look at two specifics and then I encourage you to read the full report and draw your own conclusions about the quite clever outfit Telegram.
The first passage which caught my attention was this one which is a list of the specialized software and services firms paying attention to Telegram. Here is that list. It is important because most of these outfits make their presence known to enforcement and intelligence entities, not the TikTok-type crowd:
Bitrace
Chainalysis
Chainargos
Chainvestigate
ChongLuaDao (Viet Nam)
Coeus
Crystal Intelligence
CyberArmor
Flare Systems
Flashpoint
Group-IB
Hensoldt Analytics
Intel 471
Kela
Magnet Forensics
Resecurity
Sophos
SlowMist
Trend Micro
TRM Labs
Other firms played ball with the UN, but these companies may have suggested, “Don’t tell anyone we assisted.” That’s my view; yours may differ.
The second interesting passage in the document for me was:
Southeast Asia faces unprecedented challenges posed by transnational organized crime and illicit economies. The region is witnessing a major convergence of different crime types and criminal services fueled by rapid and shifting advancements in physical, technological, and digital infrastructure have have allowed organized crime networks to expand these operations.
Cyber crime is the hot ticket in southeast Asia. I would suggest that the Russian oligarchs are likely to get a run for their money if these well-groomed financial wizards try to muscle in on what is a delightful mix of time Triads, sleek MBAs, and testosterone fueled crypto kiddies with motos, weapons and programming expertise. The mix of languages, laws, rules, and special purpose trade zones add some zest to the run-of-the-mill brushing activities. I will not suggest that many individuals who visit or live in Southeast Asia have a betting gene, but the idea is one worthy of Stuart Kauffman and his colleagues at the Santa Fe Institute. Gambling emerges from chaos and good old greed.
A third passage which I circled addressed Telegram. By the way, “Telegram” appears more than 100 times in the document. Here’s the snippet:
Providing further indication of criminal activity, Kokang casinos and associated companies have developed a robust presence across so-called ‘grey and black business’ Telegram channels facilitating cross-border ‘blockchain’ gambling, underground banking, money laundering, and related recruitment in Myanmar, Cambodia, China, and several other countries in East and Southeast Asia.
The key point to me is that this is a workflow process with a system and method spanning countries. The obvious problem is, “Whom does law enforcement arrest?” Another issue, “Where is the Telegram server?” The answer to the first question is, “In France.” The second question is more tricky and an issue that the report does not address. This is a problematic omission. The answer to the “Where is the Telegram server?” is, “In lots of places.” Telegram is into dApps or distributed applications. The servers outside of Moscow and St Petersburg are virtual. The providers or enablers of Telegram probably don’t know Telegram is a customer and have zero clue what’s going on in virtual machines running Telegram’s beefy infrastructure.
The report is worth reading. If you are curious about Telegram’s plumbing, please, write benkent2020 at yahoo dot com. The FOGINT team has a lecture about the components of the Telegram architecture as well as some related information about the company’s most recent social plays.
Stephen E Arnold, October 14, 2024
Social Media: A Glimpse of What Ignorance Fosters
September 27, 2024
This essay is the work of a dumb dinobaby. No smart software required.
The US Federal Trade Commission has published a free report. “A Look Behind the Screens Examining the Data Practices of Social Media and Video Streaming Services” is about 80 pages comprising the actual report. The document covers:
- A legal framework for social media and streaming services
- Some basic information about the companies mentioned in the report
- The data “practices” of the companies (I would have preferred the phrase “procedures and exploitation”)
- Advertising practices (my suggestion is to name the section “revenue generation and maximization”)
- Algorithms, Data Analytics, or AI
- Children and teens
The document includes comments about competition (er, what?), some conclusions, and FTC staff recommendations.
From the git-go, the document uses an acronym: SMVSSs which represents Social Media and Video Streaming Services. The section headings summarize the scope of the document. The findings are ones which struck me as fairly obvious; specifically:
- People have no idea how much data are collected, analyzed, and monetized
- Revenue is generated by selling ad which hook to the user data
- Lots of software (dumb and smart) are required to make the cost of operations as efficient as possible
- Children’s system use and their data are part of the game plan.
The report presents assorted “should do” and “must do.” These too are obvious; for example, “Companies should implement policies that would ensure greater protection of children and teens.”
I am a dinobaby. Commercial enterprises are going to do what produces revenue and market reach. “Should” and “would” are nice verbs. Without rules and regulations the companies just do what companies do. Consequences were needed more than two decades ago. Now the idea of “fixing up” social media is an idea which begs for reasonable solutions. Some countries just block US social media outfits; others infiltrate the organizations and use them and the data as an extension of a regime’s capabilities. A few countries think that revenue and growth are just dandy. Do you live in one of these nation states?
Net net: Worth reading. I want a T shirt that says SMVSSs.
Stephen E Arnold, September 27, 2024
Discord: Following the Telegram Road Map?
September 26, 2024
This essay is the work of a dumb dinobaby. No smart software required.
A couple of weeks ago, I presented some Telegram (the company in Dubai’s tax-free zone) information. My team and I created a timeline, a type of information display popular among investigators and intelligence analysts. The idea is that if one can look at events across a span of hours, days, months, or years in the case of Telegram, one can get some insight into what I call the “innovation cadence” of the entity, staff growth or loss, type of business activity in which the outfit engages, etc.
Some high-technology outfits follow road maps in circulation for a decade or more. Thanks, MSFT Copilot. Good enough.
I read “Discord Launches End-to-End Encrypted Voice and Video Chats.” This social media outfit is pushing forward with E2EE. Because the company is located in the US, the firm operates under the umbrella of US laws, rules, and regulations. Consequently, US government officials can obtain documents which request certain information from the company. I want to skip over this announcement and the E2EE system and methods which Discord is using or will use as it expands its services.
I want to raise the question, “Is Discord following the Telegram road map?” Telegram is, as you probably know, is not providing end-to-end encryption by default. In order to send a “secret” encrypted message, one has to click through several screens and send a message to a person who must be online to make the Telegram system work. However, Telegram provides less sophisticated methods of keeping messages private. These tactics include a split between public Groups and private Groups. Clever Telegram users can use Telegram as a back end from which to deliver ransomware or engage in commercial transactions. One of the important points to keep in mind is that US-based E2EE outfits have far fewer features than Telegram. Furthermore, our research suggests that Telegram indeed a plan. The company has learned from its initial attempt to create a crypto play. Now the “structure” of Telegram involves an “open” foundation with an alleged operation in Zug, Switzerland, which some describe as the crypto nerve center of central Europe. Plus, Telegram is busy trying to deploy a global version of the VKontakte (the Russian Facebook) for Telegram users, developers, crypto players, and tire kickers.
Several observations:
- Discord’s innovations are essentially variants of something Telegram’s engineers implemented years ago
- The Discord operation is based in the US which has quite different rules, laws, and tax regulations than Dubai
- Telegram is allegedly becoming more cooperative with law enforcement because the company wants to pull off an initial public offering.
Will Discord follow the Telegram road map, undertaking the really big plays; specifically, integrated crypto, an IPO, and orders of magnitude more features and functional capabilities?
I don’t know the answer to this question, but E2EE seems to be a buzzword that is gaining traction now that the AI craziness is beginning to lose some of its hyperbolicity. However, it is important to keep in mind that Telegram is pushing forward far more aggressively than US social media companies. As Telegram approaches one billion users, it could make inroads into the US and tip over some digital apple carts. The answer to my question is, “Probably not. US companies often ignore details about non-US entities.” Perhaps Discord’s leadership should take a closer look at the Telegram operation which spans Discord functionality, YouTube hooks, open source tactics, its own crypto, and its recent social media unit?
Stephen E Arnold, September 26, 2024
Consistency Manifested by Mr. Musk and the Delightfully Named X.com
September 25, 2024
This essay is the work of a dumb dinobaby. No smart software required.
You know how to build credibility: Be consistent, be sort of nice, be organized. I found a great example of what might be called anti-credibility in “Elon Rehires lawyers in Brazil, Removes Accounts He Insisted He Wouldn’t Remove.” The write up says:
Elon Musk fought the Brazilian law, and it looks like the Brazilian law won. After making a big show of how he was supposedly standing up for free speech, Elon caved yet again.
The article interprets the show of inconsistency and the abrupt about face this way:
So, all of this sounds like Elon potentially realizing that he did his “oh, look at me, I’m a free speech absolutist” schtick, it caused ExTwitter to lose a large chunk of its userbase, and now he’s back to playing ball again. Because, like so much that he’s done since taking over Twitter, he had no actual plan to deal with these kinds of demands from countries.
I agree, but I think the action illustrates a very significant point about Mr. Musk and possibly sheds light on how other US tech giants who get in regulatory trouble and lose customers will behave. Specifically, they knock off the master of the universe attitude and adopt the “scratch my belly” demeanor of a French bulldog wanting to be liked.
The failure to apply sanctions on companies which willfully violate a nation state’s laws has been one key to the rise of the alleged monopolies spawned in the US. Once a country takes action, the trilling from the French bulldog signals a behavioral change.
Now flip this around. Why do some regulators have an active dislike for some US high technology firms? The lack of respect for the law and the attitude of US super moguls might help answer the question.
I am certain many government officials find the delightfully named X.com and the mercurial Mr. Musk a topic of conversation. No wonder some folks love X.com so darned much. The approach used in Brazil and France hopefully signals consequences for those outfits who believe no mere nation state can do anything significant.
Stephen E Arnold, September 25, 2024
The EU Has a Small Sense of Humor: X.com Is Under Endowed?
September 17, 2024
This essay is the work of a dumb dinobaby. No smart software required.
Elon Musk has a big rocket. Elon Musk has a big car company. Elon Musk has a big hole making machine. But Elon Musk has a high-technology social media outfit which is too small.
I think European regulators have a sense of humor. Furthermore, calling attention to Mr. Musk’s fascination with “big,” the characterization is likely to evoke eye rolls and some nudges among those in the know. Thanks, MSFT Copilot. Good enough, a bit like a Tesla.
I read “Musk’s X Deemed Too Small for EU Crackdown on Big Tech Power.” Small, yes. The “real news” report says:
X will dodge the DMA’s raft of dos and don’ts because it isn’t a powerful enough service for business users and doesn’t meet certain revenue thresholds, according to the people, who spoke under condition of anonymity.
Okay, small and impotent.
Let’s look at the “too small” judgment compared to Brazil’s approach. The EU pushes the little bitty X thingy idea; Brazil kicked X.com out of the country. The Brazilian action reacted to X.com as if it were a big outfit with an outsized reach, from the beach in Rio to the sky above Cristo Redentor. Brazil relaxed its freeze on X.com’s bank account so the big X.com fine could be paid.
Observations:
- X.com is too small. Ouch. Intentional or not, this has to remind someone of crude jokes in the high school boys’ locker room.
- The EU wants to make it crystal clear that its actions will be directed at the really big US high-technology outfits which violate assorted EU rules and regulations, write checks for fines, and keep on doing what the companies choose to do.
- Slapping a label on a company which presents itself as a global blockbuster illustrates some disdain.
Net net: Brazil went big. The EU goes small. Very small, X.com, tinier than a Telegram.
Stephen E Arnold, September 17, 2024
Social Media Cowboys, the Ranges Are Getting Fences
September 2, 2024
This essay is the work of a dumb dinobaby. No smart software required.
Several recent developments suggest that the wide open and free ranges are being fenced in. How can I justify this statement, pardner? Easy. Check out these recent developments:
- The founder of Telegram is Pavel Durov. He was arrested on Saturday, August 26, 2024, at Le Bourget airport near Paris
- TikTok will stand trial for the harms to children caused by the “algorithm”
- Brazil has put up barbed wire to keep Twitter (now X.com) out of the country.
I am not the smartest dinobaby in the rest home, but even I can figure out that governments are taking action after decades of thinking about more weighty matters than the safety of children, the problems social media causes for parents and teachers, and the importance of taking immediate and direct action against those breaking laws.
A couple of social media ranchers are wondering about the actions of some judicial officials. Thanks, MSFT Copilot. Good enough like most software today.
Several questions seem to be warranted.
First, the actions are uncoordinated. Brazil, France, and the US have reached conclusions about different social media companies and acted without consulting one another. How quickly with other countries consider their particular situation and reach similar conclusions about free range technology outfits?
Second, why have legal authorities and legislators in many countries failed to recognize the issues radiating from social media and related technology operators? Was it the novelty of technology? Was it a lack of technology savvy? Was it moral or financial considerations?
Third, how will the harms be remediated? Is it enough to block a service or change penalties for certain companies?
I am personally not moved by those who say speech must be free and unfettered. Sorry. The obvious harms outweigh that self-serving statement from those who are mesmerized by online or paid to have that idea and promote it. I understand that a percentage of students will become high achievers with or without traditional reading, writing, and arithmetic. However, my concern is the other 95 percent of students. Structured learning is necessary for a society to function. That’s why there is education.
I don’t have any big ideas about ameliorating the obvious damage done by social media. I am a dinobaby and largely untouched by TikTok-type videos or Facebook-type pressures. I am, however, delighted to be able to cite three examples of long overdue action by Brazilian, French, and US officials. Will some of these wild west digital cowboys end up in jail? I might support that, pardner.
Stephen E Arnold, September 2, 2024
Am I Overly Sensitive to X (Twitter) Images?
August 28, 2024
X AI Creates Disturbing Images
The AI division of X, xAI, has produced a chatbot called Grok. Grok includes an image generator. Unlike ChatGPT and other AIs from major firms, Grok seems to have few guardrails. In fact, according to The Verge, “X’s New AI Image Generator Will Make Anything from Taylor Swift in Lingerie to Kamala Harris with a Gun.” Oh, if one asks Grok directly, it claims to have sensible guardrails and will even list a few. However, writes senior editor Adi Robertson:
“But these probably aren’t real rules, just likely-sounding predictive answers being generated on the fly. Asking multiple times will get you variations with different policies, some of which sound distinctly un-X-ish, like ‘be mindful of cultural sensitivities.’ (We’ve asked xAI if guardrails do exist, but the company hasn’t yet responded to a request for comment.) Grok’s text version will refuse to do things like help you make cocaine, a standard move for chatbots. But image prompts that would be immediately blocked on other services are fine by Grok.”
The article lists some very uncomfortable experimental images Grok has created and even shares a few. See the write-up if curious. We learn one X user found some frightening loopholes. When he told the AI he was working on medical or crime scene analysis, it allowed him to create some truly disturbing images. The write-up shares blurred versions of these. The same researcher says he got Grok to create child pornography (though he wisely does not reveal how). All this without a “Created with AI” watermark added by other major chatbots. Although he is aware of this issue, X owner Elon Musk characterizes this iteration of Grok as an “intermediate step” that allows users “to have some fun.” That is one way to put it. Robertson notes:
“Grok’s looseness is consistent with Musk’s disdain for standard AI and social media safety conventions, but the image generator is arriving at a particularly fraught moment. The European Commission is already investigating X for potential violations of the Digital Safety Act, which governs how very large online platforms moderate content, and it requested information earlier this year from X and other companies about mitigating AI-related risk. … The US has far broader speech protections and a liability shield for online services, and Musk’s ties with conservative figures may earn him some favors politically.”
Perhaps. But US legislators are working on ways to regulate deepfakes that impersonate others, particularly sexually explicit imagery. Combine that with UK regulator Ofcom’s upcoming enforcement of the OSA, and Musk may soon find a permissive Grok to be a lot less fun.
Cynthia Murrell, August 28, 2024
Moving Quickly: School Cell Phone Bans
August 21, 2024
In a victory for common sense, 9to5Mac reports, “More Schools Banning Students from Using Smartphones During Class Time.” Proponents of bans argue they improve learning outcomes and reduce classroom disruption. To which we reply: well, duh. They also claim bans protect children from cyberbullying. Maybe. Writer Ben Lovejoy states:
“More schools are banning students from using smartphones in classes, with calls for a federal ban rather than the current mix of state laws. Apple’s home state of California is expected to be the next state to introduce a ban. Orlando has so far taken the toughest line, banning smartphone use during the entire day, and blocking access to social media networks on the school Wi-Fi. Worldwide, around one in four countries has implemented bans or restrictions on the use of smartphones in schools. A 9to5Mac poll conducted a year ago found strong support for the same happening in the US, with 73% in favor and only 21% opposed. … Within the US, four states have already implemented bans, or are in the process of doing so: Florida, Indiana, Louisiana, and South Carolina. Exact policies vary. Some schools allow phones to used during breaks, while the strictest insist that they are placed in lockers or other safe places at the beginning of the school day, and not retrieved until the end of the day.
“Cellphone-free education” laws in Minnesota and Ohio will go into effect next year. The governors of California, Virginia, and New York indicate their states may soon follow suit. Meanwhile, according to a survey by the National Parents Union, 70% of parents support bans. But most want students to have access to their phones during lunchtime and other official breaks. Whether just during class times or all day, it can be expensive to implement these policies.
“Pennsylvania recently allotted millions of dollars in grants for schools to purchase lockable bags to store pupils’ phones while Delaware recently allocated $250,000 for schools to test lockable phone pouches.”
Leaving phones at home is not an option—today’s parents would never stand for it. The days of being unable to reach one’s offspring for hours at a time are long gone. How did parents manage to live with that for thousands of years?
Cynthia Murrell, August 21, 2024
Meta Shovels Assurances. Will Australia Like the Output?
August 14, 2024
This essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.
I came across a news story which I found quite interesting. Even though I am a dinobaby, I am a father and a grandfather. I used to take pictures when my son and daughter were young. I used Kodak film, printed the pictures my wife wanted, and tossed the rest. Pretty dull. Some parents have sportier ideas. I want to point out that some ideas do not appeal to me. Others make me uncomfortable.
How do you think I reacted to the information in “Parents Still Selling Revealing Content of Their Kids on Instagram, Despite Meta’s Promises to Ban the Practice.” The main idea in the write up seems to be:
The ABC [Australian Broadcasting Council] has found almost 50 Instagram accounts that allow subscribers to pay for exclusive content of children or teenagers, some of which is sexualized. Meta had vowed to clamp down on the practice but said it was taking time to "fully roll out" its new policy. Advocates say the accounts represent an "extreme" form of child exploitation.
If I understand the title of the article and this series of statements, I take away these messages:
- Instagram contains “revealing content” of young people
- Meta — the Zuck’s new name for the old-timey Facebook, WhatsApp, and Instagram services — said it would take steps to curtail posting of this type of content. A statement which, the ABC seems to apply, was similar to other Silicon Valley-inspired assertions: A combination of self-serving assurances and then generating as much revenue as possible because some companies face zero consequences.
- Meta seems to create a greenhouse for what the ABC calls “child exploitation.”
I hope I captured the intent of the news story’s main idea.
I noted this passage:
Sarah Adams, an online child safety advocate who goes by the name Mom.Uncharted, said it was clear Meta had lost control of child accounts.
How did Meta respond to the ABC inquiry. Check this:
"The new policy is in effect as of early April and we are taking action on adult-run accounts that primarily post content focused on children whenever we become aware of them," a Meta spokesperson said in a statement. "As with any new policy, enforcement can take time to fully roll out."
That seems plausible. How long has Meta hosted questionable content? I remember 20 years ago. “We are taking action” is a wonderfully proactive statement. Plus, combatting child exploitation is one of those tasks where “enforcement can take time.”
Got it.
Stephen E Arnold, August 14, 2024
Podcasts 2024: The Long Tail Is a Killer
August 9, 2024
![green-dino_thumb_thumb_thumb_thumb_t[2]](https://arnoldit.com/wordpress/wp-content/uploads/2024/07/green-dino_thumb_thumb_thumb_thumb_t2.gif "green-dino_thumb_thumb_thumb_thumb_t[2]")
This essay is the work of a dumb humanoid. No smart software required.
One of my Laws of Online is that the big get bigger. Those who are small go nowhere.
My laws have not been popular since I started promulgating them in the early 1980s. But they are useful to me. The write up “Golden Spike: Podcasting Saw A 22% Rise In Ad Spending In Q2 [2024].” The information in the article, if on the money, appear to support the Arnold Law articulated in the first sentence of this blog post.
The long tail can be a killer. Thanks, MSFT Copilot. How’s life these days? Oh, that’s too bad.
The write up contains an item of information which not surprising to those who paid attention in a good middle school or in a second year economics class. (I know. Snooze time for many students.) The main idea is that a small number of items account for a large proportion of the total occurrences.
Here’s what the article reports:
Unsurprisingly, podcasts in the top 500 attracted the majority of ad spend, with these shows garnering an average of $252,000 per month each. However, the profits made by series down the list don’t have much to complain about – podcasts ranked 501 to 3000 earned about $30,000 monthly. Magellan found seven out of the top ten advertisers from the first quarter continued their heavy investment in the second quarter, with one new entrant making its way onto the list.
This means that of the estimated three to four million podcasts, the power law nails where the advertising revenue goes.
I mention this because when I go to the gym I listen to some of the podcasts on the Leo Laporte TWIT network. At one time, the vision was to create the CNN of the technology industry. Now the podcasts seem to be the voice of the podcasts which cannot generate sufficient money from advertising to pay the bills. Therefore, hasta la vista staff, dedicated studio, and presumably some other expenses associated with a permanent studio.
Other podcasts will be hit by the stinging long tail. The question becomes, “How do these 2.9 million podcasts make money?”
Here’s what I have noticed in the last few months:
- Podcasters (video and voice) just quit. I assume they get a job or move in with friends. Van life is too expensive due to the cost of fuel, food, and maintenance now that advertising is chasing the winners in the long tail game.
- Some beg for subscribers.
- Some point people to their Buy Me a Coffee or Patreon page, among other similar community support services.
- Some sell T shirts. One popular technology podcaster sells a $60 screwdriver. (I need that.)
- Some just whine. (No, I won’t single out the winning whiner.)
If I were teaching math, this podcast advertising data would make an interesting example of the power law. Too bad most will be impotent to change its impact on podcasting.
Stephen E Arnold, August 9, 2024
-
- Subscribe to Beyond Search
Feature archive
News archive
-
