A List of Eavesdroppers: Possibly Sort of Incomplete and Misleading?

August 22, 2019

DarkCyber noted “Here’s Every Major Service That Uses Humans to Eavesdrop on Your Voice Commands.” Notice the word “major.” Here’s the list from the write up:

  • Amazon
  • Apple
  • Facebook
  • Google
  • Microsoft

DarkCyber wonders if these vendors/systems should be considered for inclusion in the list of “every” eavesdropping service:

  • China Telecom
  • Huawei
  • Shoghi
  • Utimaco

DarkCyber is confused about “every” when five candidates are advanced. The six we have suggested for consideration are organizations plucked from our list of interesting companies which may be in the surveillance sector. We await more comprehensive lists from the “real news” outfit “Daily Beast.” Growl!

Stephen E Arnold, August 22, 2019

Web Site Accessibility

August 20, 2019

Over the years, the DarkCyber team has had to create Web sites which conform to the ADA and 508 guidelines for Web site accessibility. In that same span of time, Web sites have become more and more difficult to use, not just for individuals with disabilities but for people in general.

We noted “The Internet’s Accessibility Reckoning.” We found the information and point of view in the article generally in line with our ideas.

This passage captures the sentiment often expressed:

In order to be accessible to consumers with disabilities, businesses often need to update their website’s software code to work with screen readers and other technologies that make websites more accessible to those with disabilities.

This observation seems accurate as well:

Inconsistent court rulings and regulatory positions on the issue over the years have brought little clarity on whether businesses have to legally update their software, leaving millions of Americans unable to access retail and consumer websites.

DarkCyber wants to point out that the term “Web sites” evokes an image of a large computer and a desktop monitor. The reality is that the majority of Internet access is from:

  • Mobile devices, some of which have tiny screens and interface elements which are impossible for a person with a vision impairment, no matter how slight, to identify and press accurately.
  • Internet of Things devices which assume a person can talk to the gizmo and it will deliver the desired function.
  • Behind-the-scenes or predictive services which display what an algorithm determines the user requires.

The problem with each of these interface “spaces” is that the article does not discuss them, few Web designers think about them, and most regulators are unable to perceive these issues.

To sum up, making Web sites accessible is a bit more difficult than writing a regulation that adequately addresses each of these three areas. The word “reckoning” might be missing the mark. Perhaps “impossibility”?

Stephen E Arnold, August 20, 2019

Scalability: Assumed to Be Infinite?

August 20, 2019

I hear and read about scalability—whether I want to or not. Within the last 24 hours, I learned that certain US government applications have to be smart (AI and ML) and have the ability to scale. Scale to what? In what amount of time? How?

The answers to these questions are usually Amazon, Google, IBM, Microsoft, or some other company’s cloud.

I thought about this implicit assumption about scaling when I read “Vitalik Buterin: Ethereum’s Scalability Issue Is Proving To Be A Formidable Impediment To Adoption By Institutions.” The “inventor” of Ethereum (a technology supported by Amazon AWS by the way), allegedly said:

“Scalability is a big bottleneck because Ethereum blockchain is almost full. If you’re a bigger organization, the calculus is that if we join it will not only be full but we will be competing with everyone for transaction space. It’s already expensive and it will be even five times more expensive because of us. There is pressure keeping people from joining, but improvements in scalability can do a lot in improving that.”

There are fixes. Here’s one from the write up:

Notably, Vitalik is known to be a supporter of other crypto currencies besides Ethereum. In July, Buterin suggested using Bitcoin Cash (BCH) to solve the scalability barrier in the short-term as they figure out a more permanent solution. Additionally, early this month, he supported the idea of integrating Bitcoin Lightning Network into the Ethereum smart contracts asserting that the “future of crypto currencies is diverse and pluralist”.

Questions which may be germane:

  1. What’s the limit of scalability?
  2. How do today’s systems scale?
  3. What’s the time and resource demand when one scales to an unknown scope?

Please, don’t tell me, “Scaling is infinite.”

Why?

There are constraints and limits. Two factors some people don’t want to think about. Better to say, “Scaling. No problem.”

Wrong. Scaling is a problem. Someone has to pay for the infrastructure, the know how, downstream consequences of latency, and the other “costs.”

Stephen E Arnold, August 20, 2019

Tradition: New Methods Gummed Up by Back and Forthing

August 19, 2019

DarkCyber spotted a post called “The Arc of Collaboration.” At first glance, the article points out that “messaging” may be a:

better center of gravity than documents.

That makes sense. People send texts from their mobile devices. Lots of text messages. Phone calls are okay if prearranged with a text. Email is okay, but despite Fancy Dan smart inboxes and folders, email still requires some grunting around to find the message with the needed attachment.

Here’s a key point in the write up:

Slack is not air traffic control that coordinates everything. It’s 911 for when everything falls apart.

The write up points out:

Slack is ubiquitous at most companies in tech (and in many other industries as well), but it doesn’t feel like it is becoming the central nervous system undergirding all the apps and workflows of its customers. A new generation of functional apps have risen, with messaging and collaboration built directly into them as first parties. And with them it becomes increasingly clear that Slack isn’t air traffic control for every app, it’s 911 for when they fail.

DarkCyber agrees.

Quick blast from the past: Remember Lotus Notes? Hmmm.

Here’s an insight from the write up:

Productivity and Collaboration are two sides of the same coin for any team with more than one person. Work is just the iterated output of individuals creating and coordinating together. But the two have been distinct and isolated segments historically, due to how long the feedback loops of both were.

The emphasis on latency is an important point. Time is the one thing that is difficult to manufacture.

Quick blast from the past: In 1972, I worked at a nuclear services company. We had to prepare a 400 page document in less than 10 days. One scientist said, “Just hire 400 people and each types one page.” Right. But the time required to locate 400 typewriters with identical government accepted type balls and 400 people who could type simultaneously and the people needed to proofread those 400 pages was more than one day.

DarkCyber noted this passage:

The dream of Slack is that they become the central nervous system for all of a company’s employees and apps. This is the view of a clean *separation* of productivity and collaboration. Have all your apps for productivity and then have a single app for coordinating everyone, with your apps also feeding notifications into this system. In this way, Slack would become a star. With every app revolving around it. Employees would work out of Slack, periodically moving to whichever app they were needed in, before returning to Slack. But productivity *isn’t* separate from collaboration. They are the two parts of the same loop of producing work. And if anything collaboration is in *service* of team productivity.

The problem is “meta coordination”; that is:

Discord is the best analog for what should exist. For a while Slack and Discord were compared to each other as competitors. As Discord has focused squarely in gaming, and Slack in companies this comparison has been used less and less. But this misses the main distinction between Slack and Discord. Discord is actually two products bundled into one. It *is* a messaging app that looks akin to Slack. But it is *also* a meta-layer that runs across all games. … Discord has functionality like a social graph, seeing what games your friends are playing, voice chat, etc. These have been misunderstood by the market. They aren’t random small features. They are the backbone of a central nervous system.

There are more valuable insights in this Kwokchain essay. But these points resonate with DarkCyber.

Stephen E Arnold, August 19, 2019

Simplicity: Something to Keep in Mind Whether Playing Stocks or Writing Code

August 17, 2019

Humans love to make things complex. Years ago I spotted an engraving of Venice.

image

Dense, complicated.

Flash forward a few hundred years, and the map doesn’t look much different, just more dense, more complex.

image

In my lectures I use the term “fractalize” to capture the idea that as one looks more closely or monitors a series of changes over time, the complexity increases. My appropriation of the specialist word “fractal” was influenced by images like this:

image

So what?

I thought about this imposed or inherent complexification when I read “I’ve Reproduced 130+ research papers about “Predicting the Stock Market”, Coded Them from Scratch and Recorded the Results. Here’s What I’ve Learnt.”

Hats off for this analysis.

The text is worth a couple of reads and some thinking.

But I want to jump to the net net of the write up:

“… if you’re building trading strategies, simple is good 🙂”

There’s another, equally significant conclusion too: Backtest.

The idea is to evaluate outcomes, identify what’s on the beam and what’s off the beam, then modify.

Keep things simple, right? Because either complexity is emergent or it is imposed. When complexity kicks in, remediation becomes difficult, even impossible.

Stephen E Arnold, August 17, 2019

Code Skill for Everyone? An Interesting Question

August 8, 2019

Amazon, Google, and Microsoft want “everyone” to code. Not so fast.

Necessity is the mother of invention and prisoners are some of the most ingenious individuals when it comes to making food, tattoo machines, booze, and shanks. Prisoners also prove their dexterity in hiding contraband items and getting them into prisons. Books were being used to get contraband items into prisons and it got so bad many prisons have forbidden people to send books to those behind bars. Specific books have also been banned by prisons because of their content and Oregon and other states are taking a stand by forbidding books that teach code. Motherboard Vice shares why in the article, “Prisons Are Banning Books That Teach Prisoners How To Code.”

Oregon’s Department of Corrections wants to set the record straight that not all technology-related books are banned, but each one that is sent through the mail room is assessed to see if it presents “a clear and present danger.” Some of the books that are deemed unsuitable include Microsoft Excel 2016 for Dummies, Google Adsense for Dummies, and Windows 10 For Dummies. It is not surprising that Black Hat Python by Justin Seitz is on the list, because it does include hacking tricks and black hat is dubbed black hat for a reason.

However, basic programming languages are not inherently a clear and present danger. Some of the content in the books is outdated and not a danger to the prison. Then again prisons, like most federal organizations, are notoriously under budgeted and could still be running on Windows 98 or even worse Windows ME. Not allowing prisoners to gain computer literacy skills is more harmful, because you need to be proficient in computers for even the most basic jobs. Without the proper skills, it is much easier to slip back into a life of crime.

But…

“Officials at the Oregon Department of Corrections (DOC) argue, however, that knowledge of even these basic programs can pose a threat to prisons. ‘Not only do we have to think about classic prison escape and riot efforts like digging holes, jumping fences and starting fires, modernity requires that we also protect our prisons and the public against data system breaches and malware,’ DOC spokesperson Jennifer Black said in an emailed statement. ‘It is a balancing act we are actively trying to achieve.’”

That is a good point, but…

“According to Rutgers law professor Todd Clear, security concerns are overblown because learning to hack can require more than reading a book (for example, unrestricted internet access and some savvy comrades), and prison staff can monitor prisoners’ activities. ‘They are different places, no doubt, but the security claim is often specious,’ he said.”

In Oregon’s defense, 98% of books and magazines sent into prisons are approved. Items are banned “based on IT experience, DOC technical architecture and DOC’s mandate to run safe and secure institutions for all.” Coding classes, where offered, are popular among inmates.

Should prisoners be given access to educational classes, so they improve their lives and break free of the prison system? Perhaps the “everyone” push needs a footnote?

Whitney Grace, August 8, 2019

Palantir: Did ICE Pay $60 Million for an App?

August 2, 2019

DarkCyber spotted a short article in Counterpunch. The title?

Records Show Palantir Made $60 Million Contracting with ICE for Mobile App

The write up said:

A critical July 2019 exposé from WNYC based on documents obtained via FOIA request shows how Palantir’s proprietary software, in this case the FALCON mobile app, is essential to the removal operations of ICE and related agencies. As WNYC explained, “FALCON mobile allows agents in the field to search through a fusion of law enforcement databases that include information on people’s immigration histories, family relationships, and past border crossings.”

Counterpunch then shared its own research findings:

Counterpunch has learned that since 2016, Palantir has made more than $60 million in contract awards from ICE for access to FALCON and for Operations & Maintenance (O&M) for the mobile application. This, of course, is solely for FALCON and related services, and likely just scratches the surface of the true scope of Palantir’s profits from collaboration with ICE, to say nothing of Palantir’s lucrative relations with other government agencies such as CIA, DoD, etc.

The write up covers some other information about Palantir. DarkCyber finds the $60 million for an app interesting.

Stephen E Arnold, August 2, 2019

Toronto Questions Google and Its Smart City

July 26, 2019

We heard a rumor that Google wanted a piece of the tax money to push forward with its Toronto Smart City project. That may have been a rumor. Nevertheless, the project continues and is attracting attention.

Sidewalk Labs, a division of Alphabet (Google’s parent company), is eager to get into the smart-city business, beginning with Toronto. Perhaps too eager, some say, relegating important privacy considerations to afterthoughts. IT Business Canada reports, “Sidewalk Labs Decision to Offload Tough Decisions on Privacy to Third Party is Wrong, Says Its Former Consultant.” Now we know why Ann Cavoukian is their former consultant—she left the advisory role when Sidewalk Labs refused to follow her advice. Reporter Alex Coop writes:

“After over two years of controversy, Sidewalk Labs finally presented a 1,500-page draft master smart city plan for a government-owned stretch of Toronto’s eastern waterfront, but critics immediately pointed out how it doesn’t include an independent group overseeing all digital innovations or strict guidelines that force proposed projects to de-identify personally identifiable data when collected. Alphabet Inc.’s subsidiary has gotten an earful in recent months about privacy concerns surrounding the proposed facelift to the waterfront property. … Sidewalk Labs is proposing a non-profit data trust, but those details, the company said in the MIDP, will be determined based on input from government, the community, and researchers.”

After Sidewalk made the plan public, Cavoukian spoke out, insisting the company take more responsibility for privacy protections. We learn:

“Cavoukian resigned from her advisory role with Sidewalk Labs last October amid rising concerns that the organization wasn’t going to force companies to de-identify collected personal information at the source. This process is used to prevent a person’s identity from being connected with information gathered by the smart city’s chattering devices. Sidewalk Labs encourages this philosophy throughout the MIDP and said it will push the yet-to-be created data trust to abide by it as well. But Cavoukian said this actually leaves the door open, even if it’s a tiny bit, for incoming companies to potentially sidestep the rules.”

The Canadian Civil Liberties Association is also concerned, and urged government officials to hit the brakes in an open letter. Currently, Toronto has placed more than 11,000 digital devices, like Wi-Fi access points, cellular nodes, environmental sensors, and traffic cams, around the city. Of course, the idea is to make life easier for the city residents, but we all know what they say about good intentions.

Did Google select the wrong city for its project? Would Scarberia have been a wiser choice?

Cynthia Murrell, July 26, 2019

Intel: Chips Like a Brain

July 18, 2019

We noted “Intel Unveils Neuromorphic Computing System That Mimics the Human Brain.” The main idea is that Intel is a chip leader. Forget the security issues with some Intel processors. Forget the fabrication challenges. Forget the supply problem for certain Intel silicon.

Think “neuromorphic computing.”

According to the marketing centric write up:

Intel said the Loihi chips can process information up to 1,000 times faster and 10,000 times more efficiently than traditional central processing units for specialized applications such as sparse coding, graph search and constraint-satisfaction problems.

Buzz, buzz, buzz. That’s the sound of marketing jargon zipping around.

How about this statement, offered without any charts, graphs, or benchmarks?

“With the Loihi chip we’ve been able to demonstrate 109 times lower power consumption running a real-time deep learning benchmark compared to a graphics processing unit, and five times lower power consumption compared to specialized IoT inference hardware,” said Chris Eliasmith, co-chief executive officer of Applied Brain Research Inc., which is one of Intel’s research partners. “Even better, as we scale the network up by 50-times, Loihi maintains real-time performance results and uses only 30% more power, whereas the IoT hardware uses 500% more power and is no longer in real-time.”

Excited? What about the security, fab, and supply chain facets of getting neuromorphic disrupting other vendors eager to support the artificial intelligence revolution? Not in the Silicon Angle write up.

How quickly will an enterprise search vendor embrace “neuromorphic”? Probably more quickly than Intel can deliver seven nanometer nodes.

Stephen E Arnold, July 18, 2019

GSA Inspector General Finds Something Obvious

July 3, 2019

I read “GSA IG: Federal Acquisition Service Ineffective in Administering Enterprise IT Modernization Contract.” Startling. Amazing. Shocking.

The write up explained:

The IG said that FAS failed to ensure that the Transition Ordering Assistance task order met the requirements for the EIS information technology modernization initiative, resulting in “high rates of spending with minimal transition progress.” Other findings include deficiencies in planning and management, invoicing and contractor performance assessments.

How does one address the shortcomings?

Easy.

Get in the consultants. Form a team. Work up “metrics for work completion”. Make sure these are in line “with budget concerns.” Then everyone implement “interagency agreements.”

Who knew that solving a problem would be so straightforward?

Why do these problems exist? Maybe consultants and staff struggling to deal with certain types of complex interactions.

What happens to projects underway as these recommendations are followed? Maybe more inefficiency, delays, and waste.

Camus might have dropped Sisyphus as his hero and substituted the GSA’s Inspector General?

Stephen E Arnold, July 3, 2019
