Amazon Trumped?

December 5, 2019

DarkCyber does not have a dog in this fight. The fight? Jeff Bezos versus the President of the United States. If the information in “Trump Bezos Round 2: Amazon Faces Broad Antitrust Probe of Cloud Business” is accurate, lawyers involved in the matter will have a very good chance to generate some billable hours.

The write up reminds the reader that Amazon lost the $10 billion Department of Defense JEDI deal. Amazon then sued on the basis of the President’s pushing back against Amazon.

The write up reports:

But now, as Bloomberg details, investigators at the U.S. Federal Trade Commission have been asking software companies recently about practices around Amazon’s cloud unit, known as Amazon Web Services. Specifically, the outreach by the FTC signals that the agency, which is already looking at Amazon’s conduct in its vast online retail business, is taking a broader look at the company to determine whether it could be violating antitrust laws and harming competition.

Interesting. Mr. Bezos has  money and a newspaper. The President has presidential things. Will presidential things trump the Bezos bulldozer?

In a comment to the write up, Sticky_Pickles said: “When you try to sue the government…”

But DarkCyber is thinking of the lawyers working on the matter. Winners.

Stephen E Arnold, December 5, 2019

WWAD: What Will Amazon Do?

December 4, 2019

Silicon Angle published “Commentary: Andy Jassy Aims to Reinvent Amazon Web Services for the Cloud’s Next Generation.” The story carries the subtitle “In an exclusive one-on-one conversation, Amazon’s cloud chief reveals how he views the future of the cloud, the competition, market shifts, customer demands and controversies.”

Several statements in the write up warranted an orange highlight:

  • It’s time to embrace the next cloud wave or get crushed by it.
  • The cloud has completely “flipped the business and startup model on its head.”
  • “Enterprises realize that if they want to be successful, sustainable companies over time, they can’t just make small, incremental changes,” he said.
  • The “vast majority” of organizations pursuing a multicloud strategy tend to pick a predominant provider and then, if they feel like they want another one, either because there’s a group that really is passionate about them or they want to know they can use a second cloud provider in case they fall out of sorts with the initial cloud provider, they will. Jassy went on to say that for customers implementing multiple clouds the workloads are split between a primary and secondary cloud more like 70/30 or 80/20 or 90/10, not 50/50.
  • “Companies are going to want to eliminate network hops and find a way to have the compute and the storage much more local to the 5G network edge.”
  • Next year roughly 82% of all new workloads will run Linux.

Net net: Crushing is part of the game plan. The interview is a component of the AWS re:Invent PR push. Prime stuff, not Grade A, but okay for consumption by Amazon shoppers.

Stephen E Arnold, December 4, 2019

AWS: A Semi Critical Look

December 3, 2019

DarkCyber found “Unbundling AWS” interesting. We decided to label the write up as semi critical. We will reveal the reasons at the foot of this post.

The write up explains one reason why AWS has become one of the leaders in cloud service. (Yes, we are hedging our bets because it is not clear how the cloud vendors in China are keeping score for their “growth.”)

The article includes this chart. Its story is clear. AWS is growing. The article highlights some important attributes of Amazon. First, there’s the old saw about AWS being a juggernaut, a word I like better than flywheel. Second, there’s this observation:

Getting a new software product to market has never been as cheap or fast as it is today, despite the fact that the surface area of in-depth knowledge required to build high-performing software has never been higher.

image

DarkCyber thinks this is a very, very important facet of Amazon’s approach. Why? You will have to wait until my chapter in a forthcoming book becomes available or attend my lecture in Washington, DC, on December 11, 2019, at the DG Vision conference.

Third, the article includes this important observation, often overlooked by retail crazed MBAs:

The availability of open source tooling and the ease of access to infrastructure on AWS and other IaaS providers, and infrastructure turning into software, which means it’s programmable and, increasingly, thinly-sliced.

Big implications ahead, gentle reader.

But what DarkCyber found particularly rewarding was the overt statement that entrepreneurs will just use AWS. We noted this bulleted list:

  • “Frameworks and deployment tools that make application software agnostic to the underlying infrastructure provider. Things like the Serverless framework, containers + orchestration, or IAC tools like Saltstack, Terraform, Ansible, etc
  • The overlapping areas of logging, APM, and monitoring. This is a hot area right now, with IPO’s like Dynatrace or Datadog, or acquisitions like SignalFX. Related: Cloudwatch is terrible!
  • Data science workflows – this is my subjective, anecdotal experience, but most data scientists I know have a preference for Google Cloud for a lot of their work, and custom hardware like TPUs likely play a role here
  • Authentication and identity – Auth0, LoginRadius, Okta, etc … where it may make sense to have a third-party handle
  • Paradigms that lead to different stack choices – I’m a big proponent of the JAMstack, and it’s a prime example of a paradigm where AWS may not be a natural choice for parts of this architecture. I believe that we will continue to see this and other new architectural paradigms evolve.”

We think the write up gets one thing off center; specifically:

we should all be so lucky to be at a scale and level of popularity where this becomes a problem. It’s hard for me to see a lot of cases where AWS will be competing with companies before they reach scale.

We think AWS will compete with its entrepreneurs and big buck customers. Amazon Essentials makes that clear.

Stephen E Arnold, December 3, 2019

DarkCyber for December 3, 2019, Now Available

December 3, 2019

DarkCyber for December 3, 2019, is now available at on Vimeo, YouTube, and on the DarkCyber blog.

The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.

This week’s program features an interview with Trent Livingston, founder and chief executive officer of ESI Analyst. Livingston highlights the principal features of ESI Analyst. The cloud-centric software generated positive discussion at a recent law enforcement and digital security conference.

In the 10 minute interview, Livingston explains what makes ESI Analyst different from other investigative and eDiscovery systems. He said, “The system’s principal differentiators are its ease of use and affordability.” Livingston explained that licenses pay for blocks of data processed for an investigation or a legal discovery process. There are no per-user fees or annual fees. Cost savings range from 30 to 70 percent in typical use cases.

Other features of ESI Analyst include one-click analytics, options to display data on a map, and link analysis. Plus the system does not require classroom instruction. He noted, “Some users are up and running in as little as 30 minutes.”

In the next release of the software, Livingston’s team will be adding connectors and new report formats. Users will be able to output chat streams and maps in a form suitable for use in a legal matter. Livingston also revealed support for Amazon Web Services and Elasticsearch to add additional information access flexibility to ESI Analyst.

Stephen E Arnold, author of CyberOSINT: Next Generation Information Access, said, “ESI Analyst advances beyond the challenging interfaces and rigid pricing models for IBM Analysts Notebook- and Palantir Technologies Gotham-type systems. More predictable pricing and eliminating tedious classroom instruction reduces costs and improves efficiency. ESI Analyst makes clear the value of innovation for policeware.”

DarkCyber is a weekly production of Stephen E Arnold. The currency series of videos ends with the August 27, 2019, program. The new series of DarkCyber videos begins on November 5, 2019. The new series will focus on policeware with an emphasis on Amazon’s products and services for law enforcement, intelligence professionals, and regulatory authorities in the US, Canada, Australia, New Zealand, and the United Kingdom.

DarkCyber programs are published twice each month without a charge, advertising, or commercial endorsements.

Stephen E Arnold will be speaking on December 11, 2019, at the Mayflower Hotel in Washington, DC. The event is sponsored by DG Vision. Media interested in speaking with Stephen can write darkcyber333 at yandex dot com to arrange a time to discuss the Dark Web and its impact on corporate governance.

Kenny Toth, December 3, 2019

HPE: Missed? Hybrid What?

November 27, 2019

I read “HPE Misses Q4 Revenue Targets, Sees Decline in Hybrid IT Group.”

I noted this statement:

the company continues to see declining revenue in several business lines.

But there is a bright spot, according to an objective money expert type:

Analyst Patrick Moorhead noted that HPE’s growth in strategic areas like Aruba Services and Apollo is indicative of a positive long term revenue strategy. “For HPE, I believe the future is all about its differentiation and execution in the hybrid cloud and ‘everything as a service’ about which I am optimistic,” said Moorhead.

The future? More cost cuts? Nope. The HPE future is Kubernetes.

Some observations:

  • Misses, declines, yada yada. One point: progress is slow
  • Excitement.Excitement HPE?
  • Outlook? Sure, predict the future of HPE. No problem. Just guess.

Net net: A troublesome report from management making management decisions which appear to cause shares of HPE to drop. Yikes.

Stephen E Arnold, November 27, 2019

Open Source Software: A Digital Snail Darter

November 26, 2019

Years ago I worked on a project. The focus was the snail darter, a little fish. A commercial initiative intruded on the habitat of the creature. The bureaucratic process chugged forward. I lost track of the snail darter. Probably there are a few of the creatures around, but their future was impinged upon by the need and desire to covert streams and “undeveloped” land into a wonderland of EPA compliant effluent, asphalt, and industrial facilities.

snail darter

Wikipedia’s image shows a paper clip next to a snail darter. This reminds me of my mobile phone next to an Amazon data center.

I thought about the snail darter when I read “Dining Preferences of the Cloud and Open Source: Who Eats Who?” Not surprisingly the write up does not mention the snail darter or its obstruction of “progress”. But the article describes how open source has found its digital manifestations threatened by large commercial firms.

There is a description of Amazon’s method which has disrupted to some degree the happiness of Elastic (developers and maintainers of Elasticsearch) and MongoDB (a DBaaS service). No, I don’t know what DBaaS is. It may be a way to make community supported software tough in a cloud eat cloud datasphere.

We noted this passage:

Most of the current debate focuses on Amazon and a few open source companies they have startled, like gazelles on the savannah, specifically Elastic and MongoDB. All while chronically prefacing their messaging with “customers tell us…”, AWS is offering its own services that are built on (Elastic) or are compatible with (MongoDB) popular open source projects, thereby competing with the relatively successful commercial open source companies associated with those projects. In the case of Elastic, AWS has generously created a new open source distribution of the features that Elastic had held back as proprietary software. The prey have responded with both pluckily defiant blog posts and a frenzy of license engineering to impede AWS’ ability to use their ostensibly open source software. Others, like Cockroach Labs and Redis Labs, have followed with their own new licenses. This has renewed an existential and philosophical debate about open source: is it about free speech or does it also include the right to a free moat for key project contributors? In the end, the high priests of open source do not seem to be endorsing the “open except for people who compete with us” approach.

The main point is that the business model is in place, working, and becoming more important to many developers and organizations.

But Amazon is not unique. Google and Microsoft are following the lead of AWS. Sheep do not appear to be at risk when they tag along, content to generate revenue by playing the me-too game.

The write up concludes on an upbeat; specifically:

Open source is here to stay as a development model. It is hard to imagine any kind of infrastructure or developer software that isn’t open source. But there is work to do on the accompanying business strategy. The next great open source endeavor may be to make multi-cloud a reality, at least for key workloads. But the new associated business models will have to embrace services as the primary delivery model and make a serious commitment to a level of integration that is the hallmark of cloud services.

Net net: There are still some snail darters.

Stephen E Arnold, November 26, 2019

The Cost of Indifference and the Value of Data Governance

November 23, 2019

The DarkCyber team suggests a peek at “Unsecured Server Exposes 4 Billion Records, 1.2 Billion People.” The write up states:

The data itself comes from the data aggregator and enrichment companies People Data Labs (PDL) and OxyData.Io and contains basic personal information, such as names, home and mobile phone numbers and email addresses and what may be information scraped from LinkedIn, Facebook and other social media sources.

The write up points out that the data losses included:

  • Over 1.5 billion unique people, including close to 260 million in the U.S.
  • Over 1 billion personal email addresses. Work email for 70%+ decision makers in the US, UK, and Canada.
  • Over 420 million LinkedIn URLs.
  • Over 1 billion Facebook URLs and IDs.
  • 400 million plus phone numbers with more than 200 million U.S.-based valid cell phone numbers.

The hosting provider may have been Amazon AWS. The software system was Elasticsearch. The individuals were those who set up the system.

Without reploughing a somewhat rocky field, one might suggest that default settings for cloud services, software, and passwords need a rethink. One might want to think about the staff assigned to the job of setting up the system. One might want to think about the sources of the information the company named in the article tapped. In short, one could think about quite a few points of failure.

Another approach might be to raise the question of responsibility. I suppose this is a type of governance, a term which refers to figuring out what’s to be done and how to complete tasks without creating this all-too-common situation of whizzy systems’ functioning as convenience stores for those who want data.

A few observations:

First, the individuals involved in setting up this system were not, it seems, managed particularly well. That’s a problem when managers don’t know what to stipulate their contractors and employees must do to secure online services. These “individuals” work at different organizations. Thus, coordination and checks are difficult. But the alternative? Loss of data.

Second, the developers of the software understand the security implications of certain user actions. The fix is to purchase additional security. Security is not baked in. Security is an option. That approach may generate revenue, but the quest for revenue seems to have a downside. Loss of data.

Third, the operators of the cloud system continue to follow the “just a platform” approach to business. The idea is that the functionality of a cloud system makes it easy to deploy an application. In a hurry? No problem. Use the basics. Want something special? That takes time, and when done in a careless or partial way, loss of data.

It seems that “loss of data” may be preventable but loss of data is part of the standard operating procedure in the present managerial environment.

How does the problem become lessened? Governance. Will companies and individuals step up and go through the difficult task of figuring out what and how before losing data?

Unlikely. Painful lessons like the one revealed in the source article slip like rain water off the windshield of a car speeding down the information superhighway.

Dangerous? Sure. Will drivers slow down? Nope. The explanation after an accident was, “I don’t know. Car just skidded.” There’s insurance for automobile accidents. For cloud data wrecks, no consequences of a meaningful nature. Just blog posts. These are effective?

I will be talking about how the tendrils of the Dark Web and security lapses may create a greater interest in data governance. Exciting? Only if you were one of the billion or so whose personally identifiable information was put online in a less than secure way. I will be at the DG Vision Conference in Washington, DC, early in December 2019.

Stephen E Arnold, November 23, 2019

Amazon Rolls Out an Online Data Market

November 21, 2019

Here is some interesting news from Amazon Web Services. Inside Big Data reports, “Introducing AWS Data Exchange.” Third-party data has become integral to the processes of research, analytics, and machine-learning models for businesses and academic institutions, but the process of tapping into that data has been cumbersome and time-consuming. Organizations have had to establish and manage relationships with disparate data providers, and those providers have had to invest fortunes in marketing and technology to reach and serve customers. The AWS Data Exchange brings all these processes together on Amazon’s cloud platform. This will bring welcome simplicity to data providers and consumers alike while positioning AWS as an indispensable resource.

Oracle has a data marketplace too.

Through the AWS Marketplace, customers will be able to subscribe to popular data providers including Reuters (news data), Change Healthcare (healthcare transactions and claims), Dun & Bradstreet (global business records), Foursquare (location data), TruFactor (anonymized consumer data), and Pitney Bowes (demographics). Clearly, these data vendors represent a diverse assortment of data types to meet a wide range of needs. The API also integrates into certain third-party analytics platforms, like Databricks and Deloitte’s ConvergeHEALTH Miner. See the write-up for more on each of these resources. We also learn:

“Prior to subscribing to a data product, customers can review the price and terms of use that providers make publicly available. Once subscribed, customers can use the AWS Data Exchange API or console to ingest data they subscribe to directly into Amazon Simple Storage Service (Amazon S3) to use across the broadest and deepest portfolio of cloud services in AWS. Each time a provider publishes a new revision of their data, AWS Data Exchange notifies all subscribers via an Amazon CloudWatch Event, allowing them to automatically consume new revisions in their data lakes, applications, analytics, and machine-learning models running on AWS. Data subscription costs are consolidated in customers’ existing AWS invoice. Additionally, customers can ask their data providers to deliver their existing subscriptions to them using AWS Data Exchange at no cost. This enables customers to use AWS Data Exchange to consume all their third-party data in the AWS cloud using a single API. AWS Data Exchange also makes it easy for qualified data providers to securely package, license, and deliver data products to millions of AWS customers worldwide. AWS knows that customers care deeply about privacy and data security. AWS Data Exchange prohibits sharing sensitive personal data (e.g. personal health information) as well as any personal data that is not already lawfully and publicly available.”

The exchange also lets data providers publish their data on their terms, including private offers and custom terms for certain customers. They have the ability to review use cases and manage compliance needs, and will receive daily, weekly, and monthly reports on subscription activity. Perhaps most welcome to some, AWS will manage billing, collection, and secure data delivery. This development will make a big difference for many organizations; Amazon must be pretty pleased with itself.

Cynthia Murrell, November 21, 2019

Microsoft Search: Still Playing an Old Eight Track Cassette?

November 20, 2019

How many times has DarkCyber heard about Microsoft’s improved search? Once, twice? Nope, dozens upon dozens. Whether it was the yip yap about Fast Search & Transfer, Colloquis and its natural language processing, Powerset and its semantic search system, Semantic Machines for natural voice functions, or the home brew solutions from hither and yon in the Microsoft research and development empire. There’s Outlook search and Bing search and probably a version of LinkedIn’s open source search kicking around too.

But that’s irrelevant in today’s “who cares about the past?” datasphere. DarkCyber noted “Here’s How Microsoft Is Looking to Make Search Smarter and More Natural.” What is smart search? An abrogation of user intentions? What is more natural? Boolean logic, field codes, date and time metadata, and similar artifacts of a long lost era seem okay for the DarkCyber team.

The write up explains in its own surrealistic way:

Microsoft’s ultimate goal with Microsoft Search is to provide answers not just to simple queries, but also more personalized, complex ones, such as “Can I bring my pet to work?”. The Microsoft Graph API, semantic knowledge understanding from Bing, machine-reading comprehension and the Office 365 storage and services substrate all are playing a role in bringing this kind of search to Microsoft’s apps.

Yeah, okay. But enterprise SharePoint users still complain that current content cannot be located. The current tools are blind to versions of content residing on departmental servers or parked in a cloud account owned by the legal department. And what about the prices just quoted by an enterprise sales professional? Sorry. You are out of luck, but Microsoft is… trying.

Now grab this peek into the future of Microsoft search:

Turing in Bing already has helped Microsoft to understand semantics via searching by concept instead of keyword. Natural-language processing also has helped with understanding query intent, she noted. Semantic understanding means users don’t have to expect exact word matches. (When searching for Coke, matches with “canned soda,” also could be part of the set of results generated, for example.) The Turing researchers are employing machine reading, as well, to help with contextual search/results.

The chaotic and often misfiring Microsoft search technologies do one thing well: Generate revenue for the legions of certified Microsoft partners.

Users? Yeah, Microsoft may help you too. In the meantime, the lawyers will manage their own contract drafts and eDiscovery materials. The engineers will stick with the tools baked into AutoCAD type systems? The marketers will do what marketers in many companies do? Stuff data on USBs, into the Google cloud, or copy the files to a shared folder on a former employee’s desktop. Yes, it happens.

Microsoft and search. Getting better. Here’s a snippet about Powerset (CNET, 2008)

Much of what Powerset has enabled with its technology is a superior user experience for searching. Powerset’s Wikipedia search, which surfaces concepts, meanings, and relationships (like subject, verbs, and objects in a language), is the very small tip of the iceberg.

Time for a new eight track tape?

Stephen E Arnold, November 20, 2019

The Sharp Toothed MSN Gnaws on the Google Search Carcass

November 18, 2019

Search and retrieval is fraught with challenges. In the enterprise search sector, fraud has been popular as a way to deal with difficulties. In the Web search sector, the methods have been more chimerical.

MSN, a property of Microsoft, published “How Google Interferes With Its Search Algorithms and Changes Your Results.” The write up appears to recycle the work of the Wall Street Journal. The authors allegedly are Kirsten Grind, Sam Schechner, Robert McMillan and John West. It is unlikely that Alphabet Google will invite these people to the firm’s holiday bash this year.

What’s in the write up? The approximately 8,500 word article does the kitchen sink approach to sins. Religious writers boil evil down to seven issues. Google, it seems, requires to words to cover the online advertising firm’s transgressions.

DarkCyber will not engage in the naming of evils. Several observations are warranted:

  1. Google’s waterproof coating has become permeable
  2. After decades, “search experts” are starting to comprehend the intellectual impact of search results which has been shaped
  3. The old-fashioned approach of published editorial policies, details about updating indexes, and user control of queries via Boolean logic is not what fuels the Google method.

But so what? With more than 60 percent of search queries to the Google flowing from mobile devices, old school approaches won’t work. Figuring out what works depends on defining “works”.

Finding information is a big deal. What happens when one tries to hide information? The answers may be observed in the action of Google employees who have forced the company to stop communicating in “all hands” Friday meetings.

What’s Microsoft doing? For one thing, poking Googzilla in the eye with MSN articles is one example of Microsoft’s tactical approach. The other is to ignore problematic Windows 10 updates and “ignite” people to embrace a hybrid cloud paradigm.

And what about Microsoft’s own search technologies. One pundit apologist continues to explain that Microsoft search is just getting more efficient, not better.

Net net: Google and Microsoft may have more in common than some individuals realize. Maybe envy? Maybe techno-attraction? Maybe two black holes circling? Whatever. The situation is interesting.

Stephen E Arnold, November 18, 2019

« Previous PageNext Page »

  • Archives

  • Recent Posts

  • Meta