DarkCyber for August 6, 2019, Now Available
August 6, 2019
DarkCyber for August 6, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/351872293. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.
DarkCyber (August 6, 2019) explores reports about four high-profile leaks of confidential or secret information. Each “leak” has unique attributes, and some leaks may be nothing more than attempts to generate publicity, cause embarrassment to a firm, or a clever repurposing of publicly available but little known information. Lockheed Martin made available in a blog about automobiles data related to its innovative propulsion system. The fusion approach is better suited to military applications. The audience for the “leak” may be US government officials. The second leak explains that the breach of a Russian contractor providing technical services to the Russian government may be politically-motivated. The information could be part of an effort to criticize Vladimir Putin. The third example is the disclosure of “secret” Palantir Technologies’ documents. This information may create friction for the rumored Palantir INITIAL PUBLIC OFFERING. The final secret is the startling but unverified assertion that the NSO Group, an Israeli cyber security firm, can compromise the security of major cloud providers like Amazon and Apple, among others. The DarkCyber conclusion from this spate of “leak” stories is that the motivations for each leak are different. In short, leaking secrets may be political, personal, or just marketing.
Other stories in this week’s DarkCyber include:
A report about Kazakhstan stepped up surveillance activities. Monitoring of mobile devices in underway in the capital city. DarkCyber reports that the system may be deployed to other Kazakh cities. The approach appears to be influenced by China’s methods; namely, installing malware on mobile devices and manipulating Internet routing.
DarkCyber explains that F Secure offers a free service to individuals who want to know about their personal information. The Data Discovery Portal makes it possible for a person to plug in an email. The system will then display some of the personal information major online services have in their database about that person.
DarkCyber’s final story points out that online drug merchants are using old-school identity verification methods. With postal services intercepting a larger number of drug packages sent via the mail, physical hand offs of the contraband are necessary. The method used relies on the serial number on currency. When the recipient provides the number, the “drug mule” verifies that number on a printed bank note.
DarkCyber videos appears each week through the September 30, 2019. A new series of videos will begin on November 1, 2019. Programs are available on Vimeo.com and YouTube.com.
Kenny Toth, August 6, 2019
DarkCyber for July 30, 2019, Now Available
July 30, 2019
DarkCyber for July 30, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://www.vimeo.com/350567599. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.
DarkCyber (July 30, 2019) explores China’s aggressive method of dealing with encrypted messaging; Perceptics’ data breach and its consequences; a way to determine email links to other online services; and Palantir’s secret Gotham information exposed.
This week’s lead story concerns Palantir Technologies, a vendor of search and analytic tools for analysts. Founded in 2003, Palantir has draped a cloak of secrecy over one of its flagship products, now more than 16 years’ old. The information about the “secret” document appeared in Vice, an online information service. For those unfamiliar with investigative software, the revelations were of interest to some individuals. Vice’s public records request yielded a user manual written for police with access to the Palantir Gotham “intelware” system. The manual—described as secret and confidential—provides step-by-step instructions for performing certain investigative tasks; for example, how to obtain a profile of a person of interest, how to obtain information about a vehicle, and similar basic investigative questions.
Other stories in the July 23, 2019, program are:
First, China has introduced a very direct method of obtaining access to content on mobile phones and tablets. Citizens and allegedly some visitors have to install software from Xiamen Meiya Pico Information Company. The MFSocket software provides access to images, audio files, location data, call logs, messages, and the phone’s calendar and contacts, including those used in the messaging app Telegram. It is possible that the Meiya Pico organization has a cooperative relationship with the Chinese government. The company allegedly has 40 percent of the Chinese digital forensics market.
Second, a Web service named Deseat.me provides a useful service. Few people know what Web sites and Web services are linked to a person’s email address. Deseat.me makes locating this information easy. The service, at this time, is offered without charge. DarkCyber points out that many modern policeware systems offer a similar functionality for any email address. Deseat, along with a small number of similar services, makes the process of locating these linked sites and services easy and quick.
Finally, Perceptics, a company best known for its license plate identification system, suffered a security breach. Among the items of information compromised were US government data and a range of Perceptics’ proprietary data. The information allegedly included data related to recent border activities, a contentious issue in the United States. Perceptics may find that making sales to the US government more difficult. A loss of contracts would adversely impact the company’s revenue. A larger issue is that the security measures implemented by a company engaged in cyber services failed to deploy systems which guarded high-value data. The cost of a data breach can be high and create a public relations challenge for organizations more comfortable operating in a low-profile way.
DarkCyber videos appears each week through the September 30, 2019. A new series of videos will begin on November 1, 2019. Programs are available on Vimeo.com and YouTube.com.
Kenny Toth, July 30, 2019
NSO: More PR Excitement, Facts, or Bloomberg Style Reporting?
July 20, 2019
I read the Financial Times’ write up about NSO Group. The title is a show stopper: “Israeli Group’s Spyware Offers Keys to Big Tech’s Cloud.” (Note: You may have to pay money to view the orange newspaper’s online “real” news write up.
There’s a diagram:
There’s a reminder that NSO is owned by an outfit called “Q Cyber.” There’s information contained in a “pitch document.” There’s a quote from Citizen Lab, a watchdog outfit on cyber intelligence firms and other interesting topics.
What’s missing?
- Information from a Q Cyber or NSO professional. A quote or two would be good.
- Statements from an entity which has used the method and obtained the desired results; for example, high value intel, a person of interest neutralized, the interruption of an industrialized crime operation, or something similar
- Scanned images of documents similar to the Palantir Gotham how to recently exposed by Vice, a zippy new news outfit.
Think about the PR problem the revelations create: NSO gets another whack on the nose.
Think about the upside: Visibility and in the Financial Times no less. (Does NSO need more visibility and semantic connections to Amazon, Apple, or any other “in the barrel” high tech outfit?)
Outfits engaged in cyber intelligence follow some unwritten rules of the road:
First, these outfits are not chatty people. Even at a classified conference where almost everyone knows everyone else, there’s not much in the way of sales tactics associated with used car dealers.
Second, documentation, particularly PowerPoints or PDFs of presentations, are not handed out like chocolate drops for booth attendees who looked semi alert during a run through of a feature or service. Why not whip out a mobile device with a camera and snap some of the slides from the presentation materials or marketing collateral? The graphic is redrawn and quite unlike the diagrams used by NSO type cyber intel outfits. Most trained intelligence professionals are not into “nifty graphics.”
Third, cyber intel companies are not into the media. There are conference organizers who snap at people who once worked as a journalist and made the mistake of telling someone that “before I joined company X, I worked at the ABC newspaper.” Hot stuff New York Times’ stringers are stopped by security guards or police before getting near the actual conference venue. Don’t believe me. Well, try to gate crash the upcoming geo spatial conference in Washington, DC, and let me know how this works out for you.
Fourth, why is NSO acting in a manner so different from the other Israel-influenced cyber intelligence firms? Is Voyager Labs leaking details of its analytic and workflow technology? What about Sixgill’s system for Dark Web content analysis? What’s Webhose.io doing with its content and expanding software suite? What’s Verint, a public company, rolling out next quarter? NSO is behaving differently, and that is an item of interest, worthy of some research, investigation, and analysis.
For the established cyber intel firms like NSO, assertions are not exactly what sells licenses or make BAE Systems, IBM, or Raytheon fear that their licensees will terminate their contracts. How many “customers” for NSO type systems are there? (If you said a couple of hundred, you are getting close to the bull’s eye.) Does publicity sell law enforcement, security, and intelligence systems? Search engine optimization specialists are loco if they think cyber intel firms want to be on the first page of a Google results page.
Consider this series of bound phrases:
Cat’s paw. Bloomberg methods. Buzzfeed and Vice envy. A desire to sell papers. Loss of experienced editors. Journalists who confuse marketing with functioning software?
These are the ideas the DarkCyber team suggested as topics an investigator could explore. Will anyone do this? Unlikely. Too arcane. Too different from what problems multiple systems operating on a global scale present for one method to work. Five Eyes’ partners struggle with WhatsApp and Telegram messages. “Everything” in Amazon or Apple? Really?
Net net: Great assertion. How about something more?
Stephen E Arnold, July 20, 2019
Is Google Aiding the Chinese Government?
July 17, 2019
DarkCyber does not know if Google is aiding the Chinese government. Axios published this story — “Peter Thiel says FBI, CIA should probe Google” — which seems to suggest that the fun loving Googlers are up to something. Here’s the segment of the write up which we circled in red:
“Number one, how many foreign intelligence agencies have infiltrated your Manhattan Project for AI?
“Number two, does Google’s senior management consider itself to have been thoroughly infiltrated by Chinese intelligence?
“Number three, is it because they consider themselves to be so thoroughly infiltrated that they have engaged in the seemingly treasonous decision to work with the Chinese military and not with the US military… because they are making the sort of bad, short-term rationalistic [decision] that if the technology doesn’t go out the front door, it gets stolen out the backdoor anyway?”
These appear to be allegations wrapped in a question bundle. Who can get upset with a few questions?
One thing is certain: Google needs big, new revenue to keep the system rolling. With costs of infrastructure skyrocketing, Google has to generate revenue or face the unpleasant task of curtailing spending. Add to the mix the Bezos bulldozer; that is, the system which gets people to pay for the Amazon plumbing as the company expands its online advertising, policeware, and services businesses. Facebook — despite its self inflicted wounds — continues to push forward. Libra, the proposed digital currency for the country of Facebook, seems more innovative than Google’s new social media meet up service.
Who can answer the Peter Thiel questions? Perhaps Palantir Gotham armed with the “right” data? Will Google trip on its shoelaces?
Stephen E Arnold, July 17, 2019
Amazonia for July 15, 2019
July 15, 2019
The Amazon displacement effect appears to be gaining momentum. Here’s a selection of Bezos bulldozer actions for the past week. DarkCyber has included a handful of items that took place outside this review window, but holidays can perturb in unexpected ways.
Amazon: Disinformation or Dissing the Competition?
A quite interesting article appeared in the Brisbane Times. The title caught my attention: “Former Amazon Scientist Pokes Holes in Data Collection at Brisbane Summit.” DarkCyber noted these quotes and statements in the write up:
- …People in poorer economic areas may not drive, so might not see potholes as a problem, or they were less likely to be connected online, so were less likely to report them. DarkCyber note: This means that the data will mis-report potholes. In short, the data leads to uninformed decisions.
- …Organizations should be transparent about how they used private data, and that citizens should be able to see their own data within the organization…The “right to inspect the refinery”, he said, was another right – that any person must be able to see and observe how organizations were using their data.” DarkCyber note: Amazon seems to preserve and use Alexa data, but that information is not revealed to customers of the Alexa devices.
Note that the speaker is a “former” Amazon scientist.
Employment Developments: Efficiency and Beyond
A report which appeared on July 8, 2019, suggested that Amazon workers will strike on Prime Day. That is a Monday, the same day this Amazonia news run down appears. Alas, we can’t update before this goes live on Prime Day. The origin of this story appears to be Engadget which pegs the action in Minnesota. If false, Amazon has dodged a problem. If it is true, disgruntled Amazon low tier workers may become more bold. What happened in the Middle Ages when those lower down the Great Chain of Being were unhappy? I don’t remember. Perhaps Amazon will have a book about these historical antecedents.
“Amazon Finds an Alternative Workforce Through Northwest Center, a Seattle Nonprofit Helping People with Disabilities” explains another Amazon management approach to staffing. The title explains the tactic.
Another tactic is the use of home workers for customer service roles. These employees receive some benefits. For details see “Amazon Is Hiring 3,000 Work-from-Home Employees with Full Benefits.”
Amazon will retrain its workers. Automation is coming and with it, many jobs will be crushed under the Bezos bulldozer. The New York Times explains the $700 million “retraining” effort but does not reference similar initiatives in Stalinist soviets.
ZDNet contributes the notion of a protest about upskilling. ZDNet reported:
Amazon’s announcement comes amid an Amazon Web Services conference in New York where CTO Werner Vogels was interrupted by protesters. Chants, which revolved around AWS providing technology to the US government, repeatedly picked up as Vogels talked early in his keynote. Vogels, flustered a smidge but rolling with it, said: “I’m more than willing to have a conversation, but maybe they should let me finish first.” AWS’ New York Summit had a similar issue last year, but the 2019 version was more persistent. On AWS’ live stream the protester audio was muted. “We’ll all get our voices heard,” said Vogels.
Does the Bezos bulldozer listen to humans directly or just through Alexa devices? DarkCyber does not know the answer.
Business Insider reveals that Amazon employees want the online bookstore to take a stand against the US government’s enforcement of immigration law. These individuals may not realize that Amazon facial recognition technology may be able to identify them.
Build a Serverless Architecture with AWS
A how to, diagrams, and step by step instructions. Navigate to Hypertrack and learn how “awesome” serverless is. The write up includes suggestions for specific AWS functions to include.
AWS Control Tower Available
I bet you didn’t know that Amazon AWS had a control tower. DarkCyber did not. Satellites, yes. Control towers? Sure, but these are a service automating “the process of setting up a new baseline multi account AWS environment.” InfoQ explains:
With Control Tower, a cloud administrator has a tool, which automates various tasks involving the initial setup of a new AWS environment such as identity and access management, centralized logging, and security audits across accounts. Furthermore, the service consists of several components, including:
- A Landing Zone – the multi-account AWS environment the tool sets up
- Blueprints – design patterns used to establish the Landing Zone
- A set of default policy controls known as Guardrails
- The Environment – an AWS account with all of the attendant resources set up to run an application.
Amazon QLDB
Jerry Hargrove published a useful diagram. Yes, we know it is small, but you can get a larger one and more from the link:
A link to the QLDB is included in the source.
Amazon Offers Centralized and Decentralized Blockchain Services
Most of the people with whom DarkCyber speaks are not aware of Amazon’s digital currency and blockchain services. We noted that Forbes, the capitalist tool, has noticed some blockchain capabilities available from Amazon. We noted:
AWS announced the preview for both of these models, centralized and decentralized, in late November of 2018, according to a press release. At the time of the July 3, 2019 interview with me, Pathak noted, “Quantum Ledger Database, QLDB, is still in preview,” while “Amazon Managed Blockchain went into General Availability at the end of April.” While in preview, customers can gain free access to these projects by filling out a form and signing up, an AWS representative clarified via email. When released for General Availability, anyone can use them.
Timely coverage.
Amazon Emotion Detection
Detecting a person’s emotions can be useful. Examples range from an insurance company’s identifying an insured driver evidencing signs of impending “rage” behavior to an Amazon DeepLens camera identifying an individual becoming increasingly problematic in a restaurant, night club, or sporting event. “Amazon May be Developing a Wearable That Detects Human Emotions” discusses this innovation. DarkCyber wonders if the technology has already been implemented in other Amazon devices; for example, the Alexa home gizmos. Could security and government authorities find this type of data-generating technology useful? DarkCyber thinks this is an interesting question.
DeepLens Now Available in Europe
DarkCyber covers the imaging devices in its Dark Web Version 2 lecture. We want to note The Register’s article “AWS’s Upgraded DeepLens AI Camera Zooms in on Europe” states:
The product is the result of work between AWS and Intel. DeepLens’s hardware consists of a mini PC running Ubuntu 16.4 LTS (Long Term Servicing) upon which is mounted an HD camera.
We noted:
The advantage of DeepLens is that it is ready to go, presuming you want to use AWS for your ML project. The pre-installed software includes AWS IoT Greengrass, which does local processing of IoT data such as the stream of images from your DeepLens camera.
This comment warranted a checkmark:
AWS has its own forthcoming Inferentia project, custom hardware for processing all the common ML frameworks, but currently it seems Google Cloud Platform has an advantage for TensorFlow.
Amazon Neighborhood Watch
A viewer of the DarkCyber Video news program questioned our assertion that Amazon was monitoring with humans, not just DeepLens and other zippy technology. Here’s a no cost source of information: “Amazon’s Neighborhood Watch App Raises Discrimination, Privacy Fears.” The problem is, of course, is that people cannot track Amazon’s activities nor do most professionals want to exert that effort. Hey, those meetings are important and there’s yoga and the off site. The write up points out:
Advocates and experts are worried that an Amazon-owned mobile app, used by owners of its Ring security cameras to upload videos for neighbors to see, could entrench racial discrimination and violate people’s privacy.
Why it matters: The app, called Neighbors, is striking deals to partner with police departments across the country.
Driving the news: Last week, journalists on Twitter noticed Ring was hiring an editor — prompting concerns that Amazon was stoking community fears to sell security systems. (Amazon bought the company last year.)
How it works: People with and without Ring cameras can download the Neighbors app. It features a feed where users can post videos and photos from their cameras, file reports of activity they think is suspicious and read crime reports from the app’s “News Team.”
Poke around online and other bits and pieces of information will surface. If you are lucky, you may get to meet Teresa Carlson, a former Microsoftie who is now Amazon’s VP of the Worldwide Public Sector. (This means government work.)
Amazon Brands
Trust Amazon?
Nope. “There’s No Reason to Trust Amazon’s Choice.” The idea is that Amazon recommends its own products. Do consumers know which products are really Amazon’s? No. The write up states:
Amazon’s typical statement on the matter is this: “Amazon’s Choice is just our recommendation, and customers can always ask for specific brands or products if they choose.” But Amazon’s recommendation doesn’t mean much if the recommendation engine is getting fooled.
Typical? Nope, standard operating procedure.
Furthermore, the article “These Are All the Businesses You Never Knew Were Owned by Amazon” was a heroic effort by a shopaholic. Among the gems in the list were these five brands with names DarkCyber found suggestive:
- 206 Collective (Was a variant of this in use in Stalinist stores?)
- Coastal Blue (Similar to the code name for the first stealth aircraft, “Have Blue”)
- Core 10 (a phrase similar to those in use in the nuclear industry)
- The Fix (slang for a rigged event or a drug injection)
- Mint Lilac (a code name similar to those used by SAS operatives).
Amazon Acquisitions
Business Insider (which may or may not beg for your email or demand cash to view the article) compiled from open sources of information a list of Amazon acquisitions. These lists are usually incomplete because the researchers typically exclude partial investments, stakes held by individuals who employed by Amazon, and clever deals in which services are exchanged for stock. The real excitement is often in these secondary holdings. In the case of this article, the coverage of the list is superficial. Contact your local Wall Street purveyor of investor research for a more thorough run down.
Amazon’s Impact on Truck Drivers
Business Insider ran this story: “Truckers Say Amazon’s New Logistics Empire Is Being Underpinned by Low, Ridiculous Rates — and Some Are Refusing to Work with Them.” Amazon’s investments in self driving are not included in the lists of Amazon’s acquisitions. But Amazon is focused on efficiency. Robots are efficient. Humans require benefits, retirement plans, and other “soft” and “squishy” things which add escalating and variable costs. Nope, not in Amazon’s future.
How to Put Amazon in Your Business?
Answer: Just use Amazon. Plus, CTO Vision ran a “real” news story called “Amazon on How Businesses Can Implement AI.” The write up is a pointer to an Amazon movie “How AWS Is Changing Businesses Using Artificial Intelligence.” The video runs about four minutes, too short for popcorn, long enough to get the message across, “Embrace Amazon.” Admission is free even if one does not have a Prime membership. More Amazon PR is included in “At Re:MARS, Amazon Sells Itself As an AI Innovator.” Unlike Facebook and Google, Amazon is taking note of America Online’s disc campaign and refined it. Instead of CD ROMs, Amazon is using digital reminders, flashy technology, and glitzy conferences to make clear that it is the Bezos way or one will be sitting on the side of the Amazon toll way.
Amazon Revenue
According to GeekWire, Amazon’s sale of products make up less than half of Amazon’s revenue. Where’s the other revenue come from? Amazon Web Services, advertising, and “other” revenue streams. Is this important? Facebook, Google, and Microsoft may care. Regulators? Tough to say.
We noted a question posed by the Motley Fool, a rock solid financial advisory service: Is Amazon spending too much cash on Lord of the Rings? You can read the MBAistic discussion at this link. The answer is that the streaming world is a competitive place. Deep pockets are needed for this game. Even Google is working to fix up its YouTube service. If Amazon doesn’t get with the seeing stone, Apple, Disney, Netflix, or another outfit with cash will. Netflix has lost “Friends” and that’s the new world of streaming video. Losing friends.
Amazon: Asking Permission
“Amazon Asks to Join Broadband Space Race with Elon Musk’s SpaceX” signals a new spirit at Amazon. The write up reports:
Amazon.com asked for U.S. permission to launch 3,236 communications satellites, joining a new space race to offer internet service from low orbits and challenge the fleet planned by Elon Musk’s SpaceX.
Yes, asking permission.
Amazon’s satellite initiative is designed to help people get Internet access. Those without Internet access can use Amazon for shopping, videos, and computer services. But the permission angle is noteworthy.
Amazon Faces Challenges
There has been an uptick in “Amazon faces challenges” news. The Telegraph published “As Amazon Turns 25, What Are the Biggest Challenges Facing the World’s Most Powerful Company?” The Week, another UK publishing outfit, chimed in with “Amazon at 25: Where Next for the Online Giant?” These “analyses” recycle truisms. But after a decade of inattention, the rush to criticize is amusing.
More interesting were these items about Amazon’s new world:
Deliveroo Stalled
CNN reported:
UK regulators have ordered Amazon to pause its investment in UK food delivery startup Deliveroo while they consider whether the deal amounts to a takeover.
UK Investigates Amazon
The Associated Press, an outfit which frightens us, emitted a write up called “UK Investigation of Amazon Investment Shows Tougher Approach.” The AP story appeared in SFGate. We won’t quote from the story. What’s up is that government authorities are going to scrutinize Amazon. Amazon has been in business for more than 20 years. What’s the rush? Possible revenue from fines and taxes. These are potent forces in some nation states.
French Push Back
SFGate reported that Amazon faced some environmental pushback in Paris, France. We learned:
Protesters also disrupted Amazon sites in the southern city of Toulouse and northern city of Lille, hoping to inspire similar action in other countries.
C’est dommage.
Adding fuel to the environmental dumpster fire was a report that the online bookstore will not reveal how much carbon is pumped into the atmosphere by its Australian server operations. The Register said:
It’s one rule for Jeff Bezos’ online empire, and another for everyone else.
Security Issue
A new exploit has appeared. The code is Magecart and it attacks misconfigured AWS S3 instances. The method used is called “skimming.” The basic idea is to siphon off credit card data.
One unique feature of the S3 attacks is that the group is using a “spray and pray” technique as opposed to previous attacks that were highly targeted. In this case, the Magecart group is installing the skimmer code on any open S3 instances it can find in the hope that some of them may be linked to sites that have e-commerce functions.
Financial fraud is a new core competency of some bad actors and industrialized crime cartels. You can read more in Silicon Angle.
Selected Partner / Integrator News
- The Chengdu Hi-tech Zone has teamed up with the Chinese non governmental organization to create a joint innovation zone. The idea is that Amazon and its partner will have an accelerator, incubator, international maker space and talent base. Source: Yahoo
- Datadog has achieved AWS Microsoft workloads competency status. Source: Business Wire
- Dobler Consulting has achieved Select Partner status as part of the Amazon Partner Network (APN). Source: Business Insider
- Saviynt announced support for the newly launched Amazon EventBridge, from Amazon Web Services (AWS). (Amazon EventBridge is a serverless event bus service that connects applications using events.) Source: Digital Journal
- Iron Mountain now supports AWS. The announcement included this remarkable phrase: ‘’Iron Mountain announced it has joined the AWS Partner Network (APN) as a Select Technology Partner, enabling customers to accelerate their digital transformation journey with AWS.” Source: Yahoo
- The Spanish vendor Media Interactiva Media Interactiva offers system developers and engineers the chance to prepare for certification in Amazon Web Services (AWS). Source: Business Insider (may be paywall protected or free. It’s sort of hit and miss with this media and “real” news giant.)
- SentryOne has also achieved Advanced Tier status in the Amazon Web Partner Services Network (APN) as well as Amazon Web Services (AWS) Microsoft Workloads Competency status. Source: Yahoo
- SIOS Technology Corp. achieved Amazon Web Services (AWS) Microsoft Workloads Competency status within the AWS Partner Network (APN). Source: Yahoo
- Trend Micro will deliver transparent, inline network security with Amazon Web Services Transit Gateway. Source: MarketWatch
- Turbonomic has achieved Amazon Web Services (AWS) Microsoft Workloads Competency status as an inaugural global launch AWS Partner Network (APN) Partner. Source: Yahoo
- Unissant has joined the AWS consulting partner network. Source: Globe News Wire
- Oooh rah. The US Marines and Amazon have teamed up for AWS training. Source: Education Drive
Stephen E Arnold, July 15, 2019
ICE Document Collection
July 10, 2019
DarkCyber noted that Mijente published a collection of US government documents. According the landing page for “Ice Papers”:
The ongoing threat of raids for mass deportations has made it necessary for us to understand the inner workings of ICE’s mass raid operations. We’ve confirmed in government documents that ICE operations are politically motivated and not at all about national security, as the administration claims. In their own words, via plans and tactics we uncovered, you will catch a glimpse into their machinations to target, harass, and expel migrants from their communities. While the documents detail information about raids planned back in 2017, we noted the “rinse-and-repeat” nature of ICE’s operations and what we can expect, as Trump reignites the threat of more raids to come after July 4th.
In the collection are documents which provide some competitive insight into Palantir Technologies. Here’s a snip from the Mijente collection. The blue text is a direct quote.
Palantir’s programs and databases were integrated into all Operation Mega planned raids. They are now part of most enforcement actions by ICE.
These raids now use powerful tech and databases in the field. ICE is given authority to use the newest technology and equipment during local operations, including FALCON, FALCON Mobile, ICE EDDIE and Cellbrite [sic] during arrests. [Source document]
- Palantir-designed FALCON and FALCON Mobile. FALCON Mobile can scan body biometrics, including tattoos and irises. FALCON and FALCON Mobile can use “link analysis” to connect profiles and biometrics with associates and vehicles.
- EDDIE is a mobile fingerprinting program that is attached to a mobile fingerprint collection device. These fingerprints are then put into FALCON systems, including ICE’s case management system, Integrated Case Management (ICM, see below). The fingerprints are used to identify people to see if they have criminal history or immigration history, including a final deportation order.
- Cellbrite is a handheld unit that breaks into smartphones and downloads information – up to 3000 phones for one device. It can even extract data that was deleted from your phone. ICE claims that they should obtain consent. (See Operation Raging Bull Field Guidance.) FALCON includes access to services provided by Cellbrite.
- ICM was integrated into Operation Mega. All the systems mentioned above feed into the massive new ICE case management system, ICM, another Palantir Technologies product. ICM is a new intelligence system capable of linking across dozens of databases from inside and outside DHS. ICM is scheduled to be completed by September 2019.
The information is used to support the political objectives of ICE. Both HSI and the Fugitive Operations Team set up a detailed and comprehensive reporting system for arrests and deportations that focused on contact with the criminal system, not on their ties to family or communities.agencies. The reporting system, comprised of Daily Operation Reports (DORs), which included numbers arrested after an immigration raid, and “egregious write-ups,” which were summaries of certain arrests during national or local ICE operations, was aligned with ICE’s public affairs and communications system, e.g. this information usually went into ICE press releases.
DarkCyber’s view is that these types of document collections are likely to be controversial. On one hand, individuals testing intelligence analysis software are likely to find the content useful for certain queries. Those working in other fields may make use of the information in these documents in other ways.
While this information is online (as of July 9, 2019), it may warrant a quick look.
Stephen E Arnold, July 10, 2019
ICE Vendors
July 2, 2019
We spotted a list of vendors working with ICE. You can find the company names plus some details about their work in “An Incomplete List of Companies Working with ICE.” The write up uses the phrases “concentration camps” and
ethnic cleansing” which spin the list in a way that advances a particular mental slant. Here’s the description of Palantir Technologies, a vendor providing intelligence software or what DarkCyber classifies as “intelware”:
Palantir Technologies (@PalantirTech): This famously evil company got a $39,340,901 contract from ICE for building and helping to run FALCON, “a database and analytical platform […] to track immigrants and crunch data on forms of cross-border criminal activity.” More info on Palantir’s involvement with ICE and deportation here. Reporting by Spencer Woodman (@SpencerWoodman).
My former employer appears in the list as well:
Booz Allen Hamilton, Inc.(@BoozAllen): A huge infotech company which received a contract worth up to $100,457,166 for advising ICE with their ethnic cleansing campaign and concentration camp system.
However, for a company looking to sell support services to firms with existing government contractors, this list is useful. Cross correlate this list with the names of the individuals at these companies responsible for locating specialist subcontractors, and you might find a bonanza.
Recycling public information can be difficult, and this list is a good sales reference for certain types of vendors.
It would be helpful if the list were in alphabetical order, but that’s unnecessary if one has a short attention span and thumb types with agility.
You may have to register to read the article. However, that ploy is unlikely to deliver the benefits the Medium operation anticipates. Annoying those who suggest others read one’s work seems to be an interesting marketing angle. My dog is now officially a Medium “reader.” He’s a French bulldog, and he is indifferent to Facebook tracking. Good boy!
Stephen E Arnold, July 2, 2019
DarkCyber for July 2, 2019, Is Now Available
July 2, 2019
DarkCyber for July 2, 2019, is now available at www.arnoldit.com/wordpress and on Vimeo at https://vimeo.com/345294527. The program is a production of Stephen E Arnold. It is the only weekly video news shows focusing on the Dark Web, cybercrime, and lesser known Internet services.
This week’s story line up includes: Tor survives another court battle related to a child who overdosed on Dark Web drugs; a newspaper unwittingly provides a road map for undertaking credit card fraud; a profile of DataWalk, a next-generation intelligence platform with a secret sauce; and Recorded Future’s threat intelligence service runs from Amazon’s platform.
This week’s lead story is the revelation that Recorded Future relies on Amazon AWS to serve its new threat intelligence service. Recorded Future was founded in 2009 with initial investors Google and In-Q-Tel, the investment arm of the US Central Intelligence Agency. In May 2019, the predictive analytics company was acquired by Insight Partners, a leading global capital and private equity firm. The purchase price was about $700 million. Recorded Future’s threat intelligence service is in the same product category as FireEye’s information service. Providing threat information in a browser provides easier access to this information. Stephen E Arnold, author of CyberOSINT: Next Generation Information Access, said: “The use of the Amazon AWS platform, not the competing Google service, is significant. Recorded Future joins BAE, Palantir Technology, and a handful of other firms leveraging the AWS infrastructure. Amazon is emerging as the plumbing for law enforcement and intelligence software.”
Other stories for the July 2, 2019, program are:
First, a Utah court decided that Tor, the software bundle required to access the Dark Web, was not liable for a death. The parents of a young person who overdosed on drugs ordered from a online contraband vendor via Tor sued the foundation involved with the anonymizing technology. Other cases have been filed against Tor. The deciding factor in this most recent decision and other cases is the US law which treats online platforms differently from traditional publishers. The court uncovered information that there are about 4,000 people in Utah who use Tor and presumably the Dark Web each day.
Second, a British newspaper published an informational article about online credit card fraud. DarkCyber interpreted the information in the report as a road map for a person who wanted to commit an online crime. The news story provided sufficient information about where to locate “how to” materials to guide an interested individual. Tips for locating sources of stolen credit card data were embedded “between the lines” in the report. The newspaper did omit one important fact. Organized crime syndicates are hiring individuals to commit credit card fraud and other financial crimes.
Finally, DarkCyber profiles a start up called DataWalk. This company provides a next-generation intelligence analysis and investigation platform. Competitors include IBM Analyst’s Notebook and Palantir Technologies Gotham / Titan products. DataWalk, however, has patented its technology which implements the firm’s method of delivering query results from disparate sources of structured an unstructured content. Plus the company can provide an analyst with content from third-party content products such as Thomson Reuters and the specialist publisher Whooster. The service also scales to accommodate data analysis, regardless of the volume of information available to the system. DataWalk’s analytic system operates in near-real time. DataWalk allows a user to perform sophisticated investigative and analytic procedures via a mouse-centric graphical interface. A user can click on an icon and the system automatically generates a “workflow ribbon.” The ribbon can be saved and reused or provided to another member of the investigative team. More information about this firm is available at www.datawalk.com .
Kenny Toth, July 2, 2019
Twitter Tools
June 10, 2019
One of our readers spotted “5 Twitter Tools to Discover the Best and Funniest Tweets.” The article is a round up of software utilities which will provide a selected stream of information from Twitter “content creators.” Keep in mind that threads have been rendered almost useless by Twitter’s editorial procedures. Nevertheless, if you don’t have access to a system which provides the “firehose” content or a repository of indexed and parsed Twitter content, you may find one of these useful:
- Funny Tweeter
- Ketchup (an easy way to provide Google with information about Tweets)
- Really Good Questions
- Thread Reader (what about those disappeared tweets and the not available tweets
- Twitter’s digest
- Twubbler (not exactly a Palantir Gotham timeline, however)
Consult the source article for explanations of each and the links.
Stephen E Arnold, June 10, 2019
Factualities for May 29, 2019
May 29, 2019
Numbers, particularly nice round ones, have been zipping around the interwebs in the last seven days. Here’s a tasty selection of some which caught our attention.
8. Number of people with whom a Google Duo user can chat simultaneously on one mobile phone screen. Source: Esquire
2,000. Number of Mannequin Challenge videos Google used to train its smart software. Source: Igyhaan
14. Number of years Google stored some customers’ passwords in plain text. Source: Next Web
3. Number of years to elapse before IBM commercializes quantum computing. Source: Interesting Engineering
$30 million. Palantir Technologies’ losses in 2018. Note: The company was founded in 2003. Source: Bloomberg
885 million. Number of customer records “exposed” online by a Fortune 500 insurance company named First American Financial. Source: Krebs on Security
71 percent. Percentage of student who would buy an Apple Mac computer if the students could afford the Apple product. Source: Tech Radar
50 percent. Percentage of businesses unable to handle cloud computing security. Source: IT Pro Portal
$425 million. How much money Google will not capture due to the Huawei ban. Source: Mr. Top Step
$2.5 billion. Dollar size of the cloud game market (aka online games) in 24 months. Source: IHS
120 minutes. The length of Microsoft’s E3 2019 press conference. Source: Game Rant
Stephen E Arnold, May 29, 2019
-
- Subscribe to Beyond Search
Feature archive
News archive
-
