Dark Web Drug Dealers Busted in Finland
March 1, 2017
Law enforcement’s focus on the Dark Web seems to be paying off, as we learn from the write-up, “Finland: Dark Web Drug Operation Exposed” at Hetq, an outlet of the Association of Investigative Journalists. In what was described as Finland’s largest drug bust, authorities seized over a million dollars’ worth of narcotics from a network selling their wares on the Dark Web. We learn:
The network is alleged to have imported €2 million (US$ 2.2 million) worth of drugs between 2014 and 2016, selling them on the dark web site Silkkitie. More than 40 kilograms of powdered narcotics, such as amphetamine, heroin and cocaine, as well as 40,000 ecstasy tablets and 30,000 LSD blotters were smuggled into Finland from the Netherlands and Germany, and then sold on the site. …
As part of the investigation, customs officers in April seized at least €1.1 million worth of heroin, cocaine, methamphetamine, MDMA and ecstasy in the coastal town of Kustavi. The same month, police arrested three Finnish citizens.
The write-up notes that Silkkitie users communicated through encrypted messages under pseudonyms, and that Bitcoin was the currency used. We’re also reminded that Silkkitie, a.k.a. Valhalla, is one of the Dark Web’s most popular drug marketplaces. The Finnish site was launched in 2013.
Cynthia Murrell, March 1, 2017
Comprehensive, Intelligent Enterprise Search Is Already Here
February 28, 2017
The article on Sys-Con Media titled Delivering Comprehensive Intelligent Search examines the accomplishments of World Wide Technology (WWT) in building a better search engine for the business organization. The Enterprise Search Project Manager and Manager of Enterprise Content at WWT discovered that the average employee will waste over a full week each year looking for the information they need to do their work. The article details how they approached a solution for enterprise search,
We used the Gartner Magic Quadrants and started talks with all of the Magic Quadrant leaders. Then, through a down-selection process, we eventually landed on HPE… It wound up being that we went with the HPE IDOL tool, which has been one of the leaders in enterprise search, as well as big data analytics, for well over a decade now, because it has very extensible platform, something that you can really scale out and customize and build on top of.
Trying to replicate what Google delivers in an enterprise is a complicated task because of how siloed data is in the typical organization. The new search solution offers vast improvements in presenting employees with the relevant information, and all of the relevant information and prevents major time waste through comprehensive and intelligent search.
Chelsea Kerwin, February 28, 2017
U.S. Government Keeping Fewer New Secrets
February 24, 2017
We have good news and bad news for fans of government transparency. In their Secrecy News blog, the Federation of American Scientists’ reports, “Number of New Secrets in 2015 Near Historic Low.” Writer Steven Aftergood explains:
The production of new national security secrets dropped precipitously in the last five years and remained at historically low levels last year, according to a new annual report released today by the Information Security Oversight Office.
There were 53,425 new secrets (‘original classification decisions’) created by executive branch agencies in FY 2015. Though this represents a 14% increase from the all-time low achieved in FY 2014, it is still the second lowest number of original classification actions ever reported. Ten years earlier (2005), by contrast, there were more than 258,000 new secrets.
The new data appear to confirm that the national security classification system is undergoing a slow-motion process of transformation, involving continuing incremental reductions in classification activity and gradually increased disclosure. …
Meanwhile, ‘derivative classification activity,’ or the incorporation of existing secrets into new forms or products, dropped by 32%. The number of pages declassified increased by 30% over the year before.
A marked decrease in government secrecy—that’s the good news. On the other hand, the report reveals some troubling findings. For one thing, costs are not going down alongside classifications; in fact, they rose by eight percent last year. Also, response times to mandatory declassification requests (MDRs) are growing, leaving over 14,000 such requests to languish for over a year each. Finally, fewer newly classified documents carry the “declassify in ten years or less” specification, which means fewer items will become declassified automatically down the line.
Such red-tape tangles notwithstanding, the reduction in secret classifications does look like a sign that the government is moving toward more transparency. Can we trust the trajectory?
Cynthia Murrell, February 24, 2017
Anonymous Transparency Project Boldly Attacks Google for Secrecy Then Dives Back Under Rug
February 23, 2017
The article on Mercury News titled Secretive Foe Attacks Google Over Government Influence reports on the Transparency Project, an ironically super-secret group devoted to exposing Google’s insane level of influence. Of course, most of us are already perfectly aware of how much power Google holds over our politicians, our privacy, and our daily functions. Across Chrome, Google search, YouTube etc., not a day goes by that we don’t engage with the Silicon Valley Monster. The group claims,
Over the past decade, Google has transformed itself from the dominant internet search engine into a global business empire that touches on almost every facet of people’s lives — often without their knowledge or consent,” the group’s first report said. Another report, based on White House guest logs, cites 427 visits by employees of Google and “associated entities” to the White House since January 2009, with 21 “small, intimate” meetings between senior Google executives and Obama.
While such information may be disturbing, it is hardly revelatory. So just who is behind the Transparency Project? The article provides a list of companies that Google has pissed off and stomped over on its path to glory. The only company that has stepped up to claim some funding is Oracle. But following the money in this case winds a strange twisted path that actually leads the author back to Google— or at least former Google CEO Eric Schmidt. This begs the question: is there anything Google isn’t influencing?
Chelsea Kerwin, February 23, 2017
Unintended Side Effects of Technology Restrictions
February 23, 2017
Do lawmakers understand how much they do not understand about technology? An article at Roll Call tells us, “Proposed Tech-Export Rules Bashed by Companies, Researchers.” It is perfectly understandable that human-rights organizations have pressed for limits on the spread of surveillance technology and “intrusion software”—a broad term for technology that steals data from computers and mobile devices, including some tools that can hijack hardware. Several Western governments have taken up that banner, imposing restrictions designed to keep this technology out of the hands of bad actors. In fact, 41 nations pledged their commitment to the cause when they signed on to the Wassenarr Arrangement in 2013.
While the intentions behind these restrictions are good, many critics insist that they have some serious unintended side effects for the good guys. Writer Gopal Ratnam reports:
Although such technologies can be used for malicious or offensive purposes, efforts to curb their exports suggests that the regulators didn’t understand the nature of the computer security business, critics say. Unlike embargoes and sanctions, which prohibit dealing with specific countries or individuals, the proposed restrictions would have forced even individual researchers working on computer security to obtain licenses, they say.
The technologies the Wassenaar agreement tried to restrict ‘certainly can be used for bad purposes, but cybersecurity tools used by malicious hackers are also used for good purposes by technology companies and developers,’ says John Miller, vice president for global cybersecurity and privacy policy at the Information Technology Industry Council, a Washington-based group that represents technology companies. ‘Export control law usually doesn’t get into making distinctions on what the technology is going to be used for.’ And that’s ‘one of the reasons it’s difficult to regulate this technology,’ Miller says.
Besides, say some, the bad guys are perfectly capable of getting around the restrictions. Eva Galperin, of the nonprofit Electronic Frontier Foundation, insists human rights would be better served by applying pressure generally to repressive regimes, instead of trying to stay ahead of their hackers. Ratnam goes on to discuss specific ways restrictions get in the way of legitimate business, like hampering penetration tests or impeding communication between researchers. See the article for more details.
Cynthia Murrell, February 23, 2017
Debunking Myths About the Dark Web
February 22, 2017
What is known as the Dark Web has a fair amount of myth surrounding it, thanks to a sensationalized name and a few high-profile media stories. Tech Republic shared an article called, Four misleading myths about the Dark Web, attempting to shine light on some of the common fallacies. In summary, the Dark Web is not necessarily anonymous, it’s not very difficult to access, it’s not all nefarious activity, and there is support for businesses and organizations seeking protection from and prevention of cybertheft and security breaches. The article explains,
The biggest mistake businesses large and small can make regarding the Dark Web is to pretend it doesn’t exist. After the FBI took down the Silk Road, dozens of other niche markets took its place. With a slick interface and well organized ecommerce-like storefront, AlphaBay, one of the largest black markets on the Dark Web, makes shopping for stolen credit card data a breeze. Fortunately for companies, there’s no need to track the Dark Web alone. One technology in particular, Matchlight by Terbium Labs, helps business monitor and locate stolen Dark Web data like stolen source code, employee social security numbers, and other proprietary trade documents.
The Dark Web has become almost synonymous with Tor, the seemingly most popular way to access it. Tor has actually been used since the 1990’s by members of the intelligence community; it was developed by the US Naval Research Laboratory. While over the last decade or so, Tor has been surrounded by media coverage about drugs and crime, it will be interesting to see if the coverage shifts — or increases — because of emerging technologies such as Matchlight.
Megan Feil, February 22, 2017
Search Engine Swaps User Faces into Results
February 22, 2017
Oh, the wonders of modern technology. Now, TechCrunch informs us, “This Amazing Search Engine Automatically Face Swaps You Into Your Image Results.” Searching may never be the same. Writer Devin Coldewey introduces us to Dreambit, a search engine that automatically swaps your face into select image-search results. The write-up includes some screenshots, and the results can be a bit surreal.
The system analyzes the picture of your face and determines how to intelligently crop it to leave nothing but your face. It then searches for images matching your search term — curly hair, for example — and looks for ‘doppelganger sets, images where the subject’s face is in a similar position to your own.
A similar process is done on the target images to mask out the faces and intelligently put your own in their place — and voila! You with curly hair, again and again and again. […]
It’s not limited to hairstyles, either: put yourself in a movie, a location, a painting — as long as there’s a similarly positioned face to swap yours with, the software can do it. A few facial features, like beards, make the edges of the face difficult to find, however, so you may not be able to swap with Rasputin or Gandalf.
Behind the nifty technology is the University of Washington’s Ira Kemelmacher-Shlizerman, a researcher in computer vision, facial recognition, and augmented reality. Her work could have more sober applications, too, like automated age-progressions to help with missing-person cases. Though the software is still in beta, it is easy to foresee a wide array of uses ahead. Now, more than ever, don’t believe everything you see.
Cynthia Murrell, February 22, 2017
Gender Bias in Voice Recognition Software
February 21, 2017
A recent study seems to confirm what some have suspected: “Research Shows Gender Bias in Google’s Voice Recognition,” reports the Daily Dot. Not that this is anything new. Writer Selena Larson reminds us that voice recognition tech has a history of understanding men better than women, from a medical tracking system to voice-operated cars. She cites a recent study by linguist researcher Rachael Tatman, who found that YouTube’s auto captions performed better on male voices than female ones by about 13 percent—no small discrepancy. (YouTube is owned by Google.)
Though no one is accusing the tech industry of purposely rendering female voices less effective, developers probably could have avoided this problem with some forethought. The article explains:
’Language varies in systematic ways depending on how you’re talking,’ Tatman said in an interview. Differences could be based on gender, dialect, and other geographic and physical attributes that factor into how our voices sound. To train speech recognition software, developers use large datasets, either recorded on their own, or provided by other linguistic researchers. And sometimes, these datasets don’t include diverse speakers.
Tatman recommends a purposeful and organized approach to remedying the situation. Larson continues:
Tatman said the best first step to address issues in voice tech bias would be to build training sets that are stratified. Equal numbers of genders, different races, socioeconomic statuses, and dialects should be included, she said.
Automated technology is developed by humans, so our human biases can seep into the software and tools we are creating to supposedly to make lives easier. But when systems fail to account for human bias, the results can be unfair and potentially harmful to groups underrepresented in the field in which these systems are built.
Indeed, that’s the way bias works most of the time—it is more often the result of neglect than of malice. To avoid it requires realizing there may be a problem in the first place, and working to avoid it from the outset. I wonder what other technologies could benefit from that understanding.
Cynthia Murrell, February 21, 2017
Upgraded Social Media Monitoring
February 20, 2017
Analytics are catching up to content. In a recent ZDNet article, Digimind partners with Ditto to add image recognition to social media monitoring, we are reminded images reign supreme on social media. Between Pinterest, Snapchat and Instagram, messages are often conveyed through images as opposed to text. Capitalizing on this, and intelligence software company Digimind has announced a partnership with Ditto Labs to introduce image-recognition technology into their social media monitoring software called Digimind Social. We learned,
The Ditto integration lets brands identify the use of their logos across Twitter no matter the item or context. The detected images are then collected and processed on Digimind Social in the same way textual references, articles, or social media postings are analysed. Logos that are small, obscured, upside down, or in cluttered image montages are recognised. Object and scene recognition means that brands can position their products exactly where there customers are using them. Sentiment is measured by the amount of people in the image and counts how many of them are smiling. It even identifies objects such as bags, cars, car logos, or shoes.
It was only a matter of time before these types of features emerged in social media monitoring. For years now, images have been shown to increase engagement even on platforms that began focused more on text. Will we see more watermarked logos on images? More creative ways to visually identify brands? Both are likely and we will be watching to see what transpires.
Megan Feil, February 20, 2017
Kasperski Discovers Firmware-Level Spyware Linked to NSA
February 20, 2017
It looks like the NSA is hacking computers around the world by accessing hard-drive firmware, reports Sott in their article, “Russian Researchers Discover NSA Spying and Sabotage Software Hidden in Hard Drives.” We learn that Russian security firm Kaspersky Lab found the sneaky software lurking on hard drives in 30 countries, mostly at government institutions, telecom and energy companies, nuclear research facilities, media outlets, and Islamic activist organizations. Apparently, the vast majority of hard drive brands are vulnerable to the technique. Writer Joseph Menn reports:
According to Kaspersky, the spies made a technological breakthrough by figuring out how to lodge malicious software in the obscure code called firmware that launches every time a computer is turned on. Disk drive firmware is viewed by spies and cybersecurity experts as the second-most valuable real estate on a PC for a hacker, second only to the BIOS code invoked automatically as a computer boots up. ‘The hardware will be able to infect the computer over and over,’ lead Kaspersky researcher Costin Raiu said in an interview.
Though the leaders of the still-active espionage campaign could have taken control of thousands of PCs, giving them the ability to steal files or eavesdrop on anything they wanted, the spies were selective and only established full remote control over machines belonging to the most desirable foreign targets, according to Raiu. He said Kaspersky found only a few especially high-value computers with the hard-drive infections.
Kaspersky’s reconstructions of the spying programs show that they could work in disk drives sold by more than a dozen companies, comprising essentially the entire market. They include Western Digital Corp, Seagate Technology Plc, Toshiba Corp, IBM, Micron Technology Inc and Samsung Electronics Co Ltd.”
Kaspersky did not come right out and name the NSA as the source of the spyware, but did connect it to Stuxnet, a known NSA tool. We also learn that a “former NSA employee” confirmed Kaspersky’s analysis, stating these tools are as valuable as Stuxnet.
Menn notes that this news could increase existing resistance to Western technology overseas due to security concerns. Researcher Raiu specifies that whoever created the spyware must have had access to the proprietary source code for the drives’ firmware. While Western Digital, Seagate, and Micron deny knowledge, Toshiba, Samsung, and IBM remain mum on the subject. Navigate to the article to read more details, or to view the four-minute video (scroll down a bit for that.)
Cynthia Murrell, February 20, 2017
-
- Subscribe to Beyond Search
Feature archive
News archive
-
