Big Brother Now in Corporate Avatar
October 31, 2016
Companies in the US are now tracking employee movements and interactions to determine how productive their assets are. Badges created by Humanyze; embedded in employee IDs track these key indicators and suggest appropriate measures to help improve employee productivity.
An article published on Business Insider titled Employees at a dozen Fortune 500 companies wear digital badges that watch and listen to their every move reveals:
Humanyze visualizes the data as webs of social interaction that reveal who’s talking to whom on a by-the-second basis. The goal: Revolutionize how companies think about how they organize themselves.
The badges though only track employees who have explicitly given permission to track their working hours, imagination is the only inhibiting factor that will determine how the meta-data can be used. For instance, as the badges are being embedded into employee IDs (that already have chips), it can also be used by someone with right tools to track the movement of an employee beyond working hours.
Social engineering in the past has been used in the past to breach IT security at large organizations. With Humanyze badges, hackers now will have one more weapon in their arsenal.
One worrisome aspect of these badges becomes apparent here:
But the badges are already around the necks of more than 10,000 employees in the US, Waber says. They’ve led to wild insights. One client moves the coffee machine around each night, so the next morning employees in nearby departments naturally talk more.
The ironic part is, companies are exposing themselves to this threat. Google, Facebook, Amazon are already tracking people online. With services like Humanyze, the Big Brother has also entered the corporate domain. The question is not how the data will be used by hacked; it’s just when?
Vishal Ingole October 31, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
NTechLab as David to the Google Goliath of Facial Recognition
October 27, 2016
The article titled A Russian Startup is Beating Google with Eerily Accurate Facial Recognition Technology on Business Insider positions NTechLab as the company leading the industry in facial recognition technology. In 2015, the startup beat Google to win the “MegaFace” competition. The article explains,
NTechLab sets itself apart from its competitors with its high level of accuracy and its ability to search an extensive database of photographs. At the MegaFace Championship, NTechLab achieved a 73 percent accuracy with a database of 1 million pictures. When the number dropped to 10,000 images, the system achieved a jaw-dropping accuracy of 95 percent. “We are the first to learn how to efficiently handle large picture databases,” said NTechLab founder Artem Kukharenko to Intel iQ.
The startup based its technology in deep learning and a neural network. The company has held several public demonstrations at festivals and amusement parks. Attendees share selfies with the system, then receive pictures of themselves when the system “found” them in the crowd. Kukharenko touts the “real-word” problem-solving capabilities of his system. While there isn’t a great deal of substantive backup to his claims, the company is certainly worth keeping an eye on.
Chelsea Kerwin, October 27, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Google Introduces Fact Checking Tool
October 26, 2016
If it works as advertised, a new Google feature will be welcomed by many users—World News Report tells us, “Google Introduced Fact Checking Feature Intended to Help Readers See Whether News Is Actually True—Just in Time for US Elections.” The move is part of a trend for websites, who seem to have recognized that savvy readers don’t just believe everything they read. Writer Peter Woodford reports:
Through an algorithmic process from schema.org known as ClaimReview, live stories will be linked to fact checking articles and websites. This will allow readers to quickly validate or debunk stories they read online. Related fact-checking stories will appear onscreen underneath the main headline. The example Google uses shows a headline over passport checks for pregnant women, with a link to Full Fact’s analysis of the issue. Readers will be able to see if stories are fake or if claims in the headline are false or being exaggerated. Fact check will initially be available in the UK and US through the Google News site as well as the News & Weather apps for both Android and iOS. Publishers who wish to become part of the new service can apply to have their sites included.
Woodford points to Facebook’s recent trouble with the truth within its Trending Topics feature and observes that many people are concerned about the lack of honesty on display this particular election cycle. Google, wisely, did not mention any candidates, but Woodford notes that Politifact rates 71% of Trump’s statements as false (and, I would add, 27% of Secretary Clinton’s statements as false. Everything is relative.) If the trend continues, it will be prudent for all citizens to rely on (unbiased) fact-checking tools on a regular basis.
Cynthia Murrell, October 26, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Machine Learning Changes the Way We Learn from Data
October 26, 2016
The technology blog post from Danial Miessler titled Machine Learning is the New Statistics strives to convey a sense of how crucial Machine Learning has become in terms of how we gather information about the world around us. Rather than dismissing Machine Learning as a buzzword, the author heralds Machine Learning as an advancement in our ability to engage with the world around us. The article states,
So Machine Learning is not merely a new trick, a trend, or even a milestone. It’s not like the next gadget, instant messaging, or smartphones, or even the move to mobile. It’s nothing less than a foundational upgrade to our ability to learn about the world, which applies to nearly everything else we care about. Statistics greatly magnified our ability to do that, and Machine Learning will take us even further.
The article breaks down the steps of our ability to analyze our own reality, moving from randomly explaining events, to explanations based on the past, to explanations based on comparisons with numerous trends and metadata. The article positions Machine Learning as the next step, involving an explanation that compares events but simultaneously progresses the comparison by coming up with new models. The difference is of course that Machine Learning offers the ability of continuous model improvement. If you are interested, the blog also offers a Machine Learning Primer.
Chelsea Kerwin, October 26, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Partnership Aims to Establish AI Conventions
October 24, 2016
Artificial intelligence research has been booming, and it is easy to see why— recent advances in the field have opened some exciting possibilities, both for business and society as a whole. Still, it is important to proceed carefully, given the potential dangers of relying too much on the judgement of algorithms. The Philadelphia Inquirer reports on a joint effort to develop some AI principles and best practices in its article, “Why This AI Partnership Could Bring Profits to These Tech Titans.” Writer Chiradeep BasuMallick explains:
Given this backdrop, the grandly named Partnership on AI to Benefit People and Society is a bold move by Alphabet, Facebook, IBM and Microsoft. These globally revered companies are literally creating a technology Justice League on a quest to shape public/government opinion on AI and to push for friendly policies regarding its application and general audience acceptability. And it should reward investors along the way.
The job at hand is very simple: Create a wave of goodwill for AI, talk about the best practices and then indirectly push for change. Remember, global laws are still obscure when it comes to AI and its impact.
Curiously enough, this elite team is missing two major heavyweights. Apple and Tesla Motors are notably absent. Apple Chief Executive Tim Cook, always secretive about AI work, though we know about the estimated $200 million Turi project, is probably waiting for a more opportune moment. And Elon Musk, co-founder, chief executive and product architect of Tesla Motors, has his own platform to promote technology, called OpenAI.
Along with representatives of each participating company, the partnership also includes some independent experts in the AI field. To say that technology is advancing faster than the law can keep up with is a vast understatement. This ongoing imbalance underscores the urgency of this group’s mission to develop best practices for companies and recommendations for legislators. Their work could do a lot to shape the future of AI and, by extension, society itself. Stay tuned.
Cynthia Murrell, October 24, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Half of the Largest Companies: Threat Vulnerable
October 24, 2016
Compromised Credentials, a research report by Digital Shadows reveals that around 1,000 companies comprising of Forbes Global 2000 are at risk as credentials of their employees are leaked or compromised.
As reported by Channel EMEA in Digital Shadows Global Study Reveals UAE Tops List in Middle East for…
The report found that 97 percent of those 1000 of the Forbes Global 2000 companies, spanning all businesses sectors and geographical regions, had leaked credentials publicly available online, many of them from third-party breaches.
Owing to large-scale data breaches in recent times, credentials of 5.5 million employees are available in public domain for anyone to see. Social networks like LinkedIN, MySpace and Tumblr were the affliction points of these breaches, the report states.
Analyzed geographically, companies in Middle-East seem to be the most affected:
The report revealed that the most affected country in the Middle East – with over 15,000 leaked credentials was the UAE. Saudi Arabia (3360), Kuwait (203) followed by Qatar (99) made up the rest of the list. This figure is relatively small as compared to the global figure due to the lower percentage of organizations that reside in the Middle East.
Affected organizations may not be able to contain the damages by simply resetting the passwords of the employees. It also needs to be seen if the information available is contemporary, not reposted and is unique. Moreover, mere password resetting can cause lot of friction within the IT departments of the organizations.
Without proper analysis, it will be difficult for the affected companies to gauge the extent of the damage. But considering the PR nightmare it leads to, will these companies come forward and acknowledge the breaches?
Vishal Ingole, October 24, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Sugar Polluted Scientific Research
October 19, 2016
If your diet includes too much sugar, it is a good idea to cut back on the amount you consume. If also turns out if you have too much sugar in your research, the sugar industry will bribe you to hide the facts. Stat News reports that even objective academic research is not immune from corporate bribes in the article, “Sugar Industry Secretly Paid For Favorable Harvard Research.”
In the 1960s, Harvard nutritionists published two reviews in medical journals that downplayed the role sugar played in coronary heart disease. The sugar industry paid Harvard to report favorable results in scientific studies. Dr. Cristin Kearns published a paper in JAMA Internal Medicine about her research into the Harvard sugar conspiracy.
Through her research, she discovered that Harvard nutrionists Dr. Fredrick Stare and Mark Hegsted worked with the Sugar Research Foundation to write a literature review that countered early research that linked sucrose to coronary heart disease. This research would later help the sugar industry increase its market share by convincing Americans to eat a low-fat diet.
Dr. Walter Willett, who knew Hegsted and now runs the nutrition department at Harvard’s public health school, defended him as a principled scientist…‘However, by taking industry funding for the review, and having regular communications during the review with the sugar industry,’ Willett acknowledged, it ‘put him [Hegsted] in a position where his conclusions could be questioned. It is also possible that these relationships could induce some subtle bias, even if unconscious,’ he added.
In other words, corporate funded research can skew scientific data so that it favors their bottom dollar. This fiasco happened in the 1960s, have things gotten worse or better? With the big competition for funding and space in scientific journals, the answer appears to be yes.
Whitney Grace, October 19, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Malware with Community on the Dark Web
October 14, 2016
While Mac malware is perhaps less common than attacks designed for PC, it is not entirely absent. The Register covers this in a recent article, EasyDoc malware adds Tor backdoor to Macs for botnet control. The malware is disguised as a software application called EasyDoc Converter which is supposed to be a file converter but does not actually perform that function. Instead, it allows hackers to control the hacked mac via Tor. The details of the software are explained as follows,
The malware, dubbed Backdoor.MAC.Eleanor, sets up a hidden Tor service and PHP-capable web server on the infected computer, generating a .onion domain that the attacker can use to connect to the Mac and control it. Once installed, the malware grants full access to the file system and can run scripts given to it by its masters. Eleanor’s controllers also uses the open-source tool wacaw to take control of the infected computer’s camera. That would allow them to not only spy on the victim but also take photographs of them, opening up the possibility of blackmail.
A Computer World article on EasyDoc expands on an additional aspect of this enabled by the Dark Web. Namely, there is a Pastebin agent which takes the infected system’s .onion URL, encrypts it with an RSA public key and posts it on Pastebin where attackers can find it and use it. This certainly seems to point to the strengthening of hacking culture and community, as counterintuitive of a form of community, it may be to those on the outside.
Megan Feil, October 14, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
National Geographic Quad View
October 13, 2016
Google Maps and other map tools each have their unique features, but some are better than others at helping you find your way. However, most of these online map tools have the same basic function and information. While they can help you if you are lost, they are not that useful for topography. National Geographic comes to our rescue with free topographic PDFs. Check them out at PDF Quads.
Here are the details straight from the famous nature magazine:
National Geographic has built an easy to use web interface that allows anyone to quickly find any quad in the country for downloading and printing. Each quad has been pre-processed to print on a standard home, letter size printer. These are the same quads that were printed by USGS for decades on giant bus-sized pressed but are now available in multi-page PDFs that can be printed just about anywhere. They are pre-packaged using the standard 7.5 minute, 1:24,000 base but with some twists.
How can there be twists in a topographic map? They are not really that surprising, just explanations about how the images are printed out. Page one is an overview map that, pages two through five are standard topographic maps sized to print on regular paper, and hill shading is added to provide the maps with more detail.
Everyone does not use topography maps, but a precise tool is invaluable to those who do.
Whitney Grace, October 13, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Labor Shortage of Cyber Security Professionals
October 13, 2016
It’s no surprise that hackers may be any age, but that teenagers could cause 60 million pounds worth of damage to a corporation is newsworthy, regardless of age. The Telegraph published an article, From GCHQ to Google: the battle to outpace hackers in the cyber race, reporting on this. A 15-year-old boy hacked the TalkTalk computer network stole personal data, including financial information, of 157,000 customers. This comes at a time when the UK government announced plans to invest £1.9 billion in cyber security over the next five years. We also learned,
No amount of money will help overcome one of the greatest difficulties in the security industry though: the lack of skilled people. By 2019 there will be a global shortfall of 1.5 million security professionals, according to ISC Squared, a security certification and industry education body. And the numbers could in fact be significantly higher, given that there are already more than 1 million cybersecurity positions unfilled worldwide, according to a 2015 Cisco report. Heading up the government’s move to train more cyber defenders is spook agency GCHQ, which sponsors academic bursaries, runs summer camps and training days, holds competitions and has created a cyber excellence accreditation for top universities and masters programmes. The intention is to spot talent in children and nurture them through their education, with the end goal being a career in the industry.
The problem of for any rocketing industry ready to blast off always seems to boil down to people. We have seen it with big data in all of it’s forms from electronic medical records to business analytics to cyber security. It seems industry is most fertile when people and technology work best stride-by-stride.
Megan Feil, October 13, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
