Browse > Home / Search

France and US Businesses: Semi Permanent Immiscibility?

November 30, 2022

Unlike a pendulum, the French government and two US high-technology poster kids don’t see eye to eye. However, governments, particularly those in France, are not impressed with the business practices of some US firms. The tried and true “Senator, thank you for the question” and assurances that the companies in questions are following the ethical precepts of respected French philosophers don’t work. “France Directs Schools to Stop Using Microsoft Office & Google Workspace” reports:

In a recent response to an interrogation by a Member of the Parliament, the French Minister of Education clarified that French schools should not use Microsoft 365 and Google Workspace. The reasons behind the Ministry’s position are twofold. First, the Ministry is concerned about the confidentiality and lawfulness of data transfers. Second, reliance on European providers is coherent with the government’s “cloud at the center” policy.

The write up explains that France’s view of privacy and the practices of Apple and Google are not in sync. Then there is the issue of the cloud and where data and information “are.” Given modern network and data center technology, the “there” is often quite tricky to pin down. Tricky is not a word the current French government feels comfortable using when talking about schools, teachers, students, and research conducted by French universities.

How will this play out? France will get its way. That’s why some chickens have labels which mean conformance. No label on that chicken, no deal.

Stephen E Arnold, November 30, 2022

Written by Stephen E. Arnold · Filed Under Google, Government, Microsoft, News | Comments Off on France and US Businesses: Semi Permanent Immiscibility? 

AI: Technology Is Neutral, Right?

November 28, 2022

AI technology can be a boon to many—including cybercriminals. The SmartData Collective describes “3 Ways AI Has Led to Horrifying Cybersecurity Threats.” Writer Alexander Bekker warns:

“The last thing you want is to be hacked by cybercriminals and have your company’s and customers’ data fall into the wrong hands. In order to prevent this from happening, it is important to be aware of any current digital security threats. Sadly, AI technology is only making cybersecurity threats worse than ever. Bob Violino wrote an article in CNBC that said both cybersecurity experts and black hat hackers are using AI technology. However, cybercriminals seem to be benefiting the most from AI, which means that cybersecurity experts need to be more diligent and innovative to use it effectively. With this in mind, let’s start by looking at three of the top current digital threats that are becoming worse due to AI technology, as well as how to prevent them from happening to your company:”

At the top of the list is ransomware, an already robust threat which can be turbocharged with AI automation. Most ransomware attacks begin with phishing emails, so companies must train workers to recognize those tricks. Regular backups will ensure a firm can recover data if someone does slip up. Bekker also mentions credential stuffing, wherein hackers acquire credentials stolen from one company and use them to access another. Machine learning algorithms help criminals make connections between organizations much faster than before. To guard against these attacks, companies should require multi-factor authentication and make sure no one reuses passwords for different websites. This advice brings us to the final culprit, poor cyber hygiene. Some algorithms specialize in pinpointing targets with weak security practices. We are reminded:

“To help improve cyber hygiene, start by requiring two-factor authentication, use a password manager program, and ask that employees not use personal devices for work. Also, to help ensure that hackers will not be able to gain access to usable information, it is important to make sure that your company SSL certificates are current.”

As these bad bots continue to grow more sophisticated, best security practices become even more important. Even if they do not become any less tedious.

Cynthia Murrell, November 28, 2022

Written by Stephen E. Arnold · Filed Under AI, cybercrime, News | Comments Off on AI: Technology Is Neutral, Right? 

Google and Crypto: Solana Should Anyone Ask

November 18, 2022

I read “Google Cloud Just Became a Solana Validator.” The article explains what Google has chosen to reveal to those who follow the company via “real” journalists; namely:

Google’s cloud computing division Google Cloud announced on Saturday that it’s now running a validator on the Solana blockchain, and will soon add features aimed at welcoming Solana developers and node runners.

No big deal. Amazon has blockchain-related services and a handful of patents pertaining to its digital currency inventions. No big deal either.

The write up says:

Google Cloud also announced it’s now indexing Solana data and adding it to its BigQuery data warehouse, a move that will “make it easier for the Solana developer ecosystem to access historical data.” The feature will launch in the first quarter of 2023, Mittal said. Mittal added that Google Cloud is bringing its credits program to “select startups in the Solana ecosystem” with up to $100,000 in Cloud Credits available for applicants.

Ah, more functionality.

What’s not in the write up? How about deanonymization functionality?

Stephen E Arnold, November 18, 2022

Written by Stephen E. Arnold · Filed Under intelware, News | Comments Off on Google and Crypto: Solana Should Anyone Ask 

Amazon: The Bezos Bulldozer Shoves Customers and Crushes Competitors

November 11, 2022

The myth of the enlightened technology company led by an ethical, socially-minded leadership team seems to be dissipating like fog in a Kentucky hollow on a spring morning. Whether it was the craziness of blue and gray checks on Twitter or the public confessions of the Zuck, there is mounting evidence that knowledge of programming does not translate into effective management. In our nifty money centric country,  money means brilliance, leadership skills, wisdom, and a quantum link to JP Morgan, Jay Gould, Andrew Carnegie, et al.

I want to shift from the public chaos to an interesting article from a Silicon Valley type of “real” news outfit. The article which caught my attention is “Basically Everything on Amazon Has Become an Ad.” The write up reveals that Amazon is not an old-fashioned Sears catalog. Nope, Amazon is a more expensive variant of eBay. I noted:

Amazon has designs to boost its ad business to new heights by selling more video commercials on Amazon properties like the video game livestreaming service Twitch and during live sporting events streamed on Prime Video; and by offering audio ads on Amazon Music. The company has also invested heavily in in-house software tools that allow brands to purchase highly targeted ads around the web.

The write up then misses what I think is the main thrust of the Bezos bulldozer. The article states:

Amazon has become a power player in yet another industry, adding advertising to a list that already includes e-commerce, logistics, entertainment, cloud computing, and voice assistants.

Sort of like other close-enough-for-horseshoes’ analysis.

The direction at Amazon is institutionalizing dark patterns. Users/customers think one thing, and the company is moving them like cattle in a Chicago stock yard to the meat packing plant.

Advertising is manipulative communication. Consider these methods at Amazon:

  • Complex pricing mechanisms within AWS
  • Lack of transparency about the data flowing into its commercial database business
  • Functionality provided to certain government agencies within the Amazon Government regions and clouds
  • Functionality within “free” music designed to create a need for a more expensive version of the service so users can create playlists.

There are other dark patterns as well. (I won’t mention the security mechanism for certain AWS cloud services which are extra cost options, not the default.)

Net net: More attention may be warranted by regulatory entities in the US and other countries. The Bezos bulldozer is reshaping landscapes, and everyone thinks that these “developments” are good for everyone. How many rabbits and squirrels are crushed by the Bezos bulldozers each day? Give up. The answer is a lot. Who wants to give up the one-click service, the subscription to common products, and the mythical one-day delivery?

Stephen E Arnold, November 11, 2022

Written by Stephen E. Arnold · Filed Under Amazon, Business strategy, News | Comments Off on Amazon: The Bezos Bulldozer Shoves Customers and Crushes Competitors 

The Google: Indexing and Discriminating Are Expensive. So Get Bigger Already

November 9, 2022

It’s Wednesday, November 9, 2022, only a few days until I hit 78. Guess what? Amidst the news of crypto currency vaporization, hand wringing over the adult decisions forced on high school science club members at Facebook and Twitter, and the weirdness about voting — there’s a quite important item of information. This particular datum is likely to be washed away in the flood of digital data about other developments.

What is this gem?

An individual has discovered that the Google is not indexing some Mastodon servers. You can read the story in a Mastodon post at this link. Don’t worry. The page will resolve without trying to figure out how to make Mastodon stomp around in the way you want it to. The link to you is Snake.club Stephen Brennan.

The item is that Google does not index every Mastodon server. The Google, according to Mr. Brennan:

has decided that since my Mastodon server is visually similar to other Mastodon servers (hint, it’s supposed to be) that it’s an unsafe forgery? Ugh. Now I get to wait for a what will likely be a long manual review cycle, while all the other people using the site see this deceptive, scary banner.
image

So what?

Mr. Brennan notes:

Seems like El Goog has no problem flagging me in an instant, but can’t cleanup their mistakes quickly.

A few hours later Mr. Brennan reports:

However, the Search Console still insists I have security problems, and the “transparency report” here agrees, though it classifies my threat level as Yellow (it was Red before).

Is the problem resolved? Sort of. Mr. Brennan has concluded:

… maybe I need to start backing up my Google data. I could see their stellar AI/moderation screwing me over, I’ve heard of it before.

Why do I think this single post and thread is important? Four reasons:

  1. The incident underscores how an individual perceives Google as “the Internet.” Despite the use of a decentralized, distributed system. The mind set of some Mastodon users is that Google is the be-all and end-all. It’s not, of course. But if people forget that there are other quite useful ways of finding information, the desire to please, think, and depend on Google becomes the one true way. Outfits like Mojeek.com don’t have much of a chance of getting traction with those in the Google datasphere.
  2. Google operates on a close-enough-for-horseshoes or good-enough approach. The objective is to sell ads. This means that big is good. The Good Principle doesn’t do a great job of indexing Twitter posts, but Twitter is bigger than Mastodon in terms of eye balls. Therefore, it is a consequence of good-enough methods to shove small and low-traffic content output into a area surrounded by Google’s police tape.  Maybe Google wants Mastodon users behind its police tape? Maybe Google does not care today but will if and when Mastodon gets bigger? Plus some Google advertisers may want to reach those reading search results citing Mastodon? Maybe? If so, Mastodon servers will become important to the Google for revenue, not content.
  3. Google does not index “the world’s information.” The system indexes some information, ideally information that will attract users. In my opinion, the once naive company allegedly wanted to achieve the world’s information. Mr. Page and I were on a panel about Web search as I recall. My team and I had sold to CMGI some technology which was incorporated into Lycos. That’s why I was on the panel. Mr. Page rolled out the notion of an “index to the world’s information.” I pointed out that indexing rapidly-expanding content and the capturing of content changes to previously indexed content would be increasingly expensive. The costs would be high and quite hard to control without reducing the scope, frequency, and depth of the crawls. But Mr. Page’s big idea excited people. My mundane financial and technical truths were of zero interest to Mr. Page and most in the audience. And today? Google’s management team has to work overtime to try to contain the costs of indexing near-real time flows of digital information. The expense of maintaining and reindexing backfiles is easier to control. Just reduce the scope of sites indexed, the depth of each crawl, the frequency certain sites are reindexed, and decrease how much content old content is displayed. If no one looks at these data, why spend money on it? Google is not Mother Theresa and certainly not the Andrew Carnegie library initiative. Mr. Brennan brushed against an automated method that appears to say, “The small is irrelevant controls because advertisers want to advertise where the eyeballs are.”
  4. Google exists for two reasons: First, to generate advertising revenue. Why? None of its new ventures have been able to deliver advertising-equivalent revenue. But cash must flow and grow or the Google stumbles. Google is still what a Microsoftie called a “one-trick pony” years ago. The one-trick pony is the star of the Google circus. Performing Mastodons are not in the tent. Second, Google wants very much to dominate cloud computing, off-the-shelf machine learning, and cyber security. This means that  the performing Mastodons have to do something that gets the GOOG’s attention.

Net net: I find it interesting to find examples of those younger than I discovering the precise nature of Google. Many of these individuals know only Google. I find that sad and somewhat frightening, perhaps more troubling than Mr. Putin’s nuclear bomb talk. Mr. Putin can be seen and heard. Google controls its datasphere. Like goldfish in a bowl, it is tough to understand the world containing that bowl and its inhabitants.

Stephen E Arnold, November 9, 2022

Written by Stephen E. Arnold · Filed Under Business strategy, Google, News, Social, Social Media, Web 3 | Comments Off on The Google: Indexing and Discriminating Are Expensive. So Get Bigger Already 

Another OSINT Blind Spot: Fake Reviews

November 9, 2022

Fraud comes in many flavors. Soft fraud is a mostly ignored branch of online underhandedness. Examples range from online merchants selling products which don’t work or are never shipped to phishing scams designed to obtain online credentials. One tributary to the Mississippi River of online misbehavior is the category “Fake Reviews.” These appear on many services; for example, Amazon. Some authors and publishers crank out suspicious reviews as a standard business practice. Those with some cash and a low level of energy just hire ghost promoters on Fiverr-like services.

I noted “Up to 30% of Online Reviews Are Fake and Most Consumers Can’t Tell the Difference.” The write up says:

The latest survey from Brand Rated shows nine out of ten consumers use reviews to help decide what to buy, where to eat and which doctor or dentist to see. Experts say that’s a problem because up to 30% of online reviews are fake. “My research shows that the review platforms are just saturated with fake reviews. Far more so than most people are aware of,” said [Kay] Dean [Founder of Fake Review Watch.]

Several questions, assuming the data are accurate:

  1. What incentives exist for bad actors to surf on this cloud of unknowing?
  2. How will smart software identify “fake content” and deal with it in a constructive way?
  3. How many of the individuals in this magical 30 percent will have difficulty making sense of conflicting technical or medical information?

Net net: Cyber crime (hard and soft) are entering a golden age. OSINT analysts, are you able to identify real and fake in a reliable way? Think carefully about your answer.

Stephen E Arnold, November 9, 2022

Written by Stephen E. Arnold · Filed Under News, Open source | Comments Off on Another OSINT Blind Spot: Fake Reviews 

A Flashing Yellow Light for GitHub: Will Indifferent Drivers Notice?

November 9, 2022

I read “We’ve Filed a Law­suit Chal­leng­ing GitHub Copi­lot, an AI Prod­uct That Relies on Unprece­dented Open-Source Soft­ware Piracy. Because AI Needs to Be Bair & Eth­i­cal for Every­one.” The write up reports:

… we’ve filed a class-action law­suit in US fed­eral court in San Fran­cisco, CA on behalf of a pro­posed class of pos­si­bly mil­lions of GitHub users. We are chal­leng­ing the legal­ity of GitHub Copi­lot (and a related prod­uct, OpenAI Codex, which pow­ers Copi­lot). The suit has been filed against a set of defen­dants that includes GitHub, Microsoft (owner of GitHub), and OpenAI.

My view of GitHub is that it presents a number of challenges. On one hand, Microsoft is a pedal-to-the-metal commercial outfit and GitHub is an outfit with some roots in the open source “community” world. Many intelware solutions depend on open source software. In my experience, it is difficult to determine whether cyber security vendors or intelware vendors offer software free of open source code. I am not sure the top dogs in these firms know. Big commercial companies love open source software because these firms see a way to avoid the handcuffs proprietary code vendors use for lock in and lock down without a permission slip. These permissions can be purchased. This fee irritates many of the largest companies which are avid users of open source software.

A second challenge of GitHub is that it serves bad actors in two interesting ways. Those eager to compromise networks, automate phishing attacks, and probe the soft underbelly of companies “protected” by somewhat Swiss Cheese like digital moats rely on open source tools. Second, the libraries for some code on GitHub is fiddled so that those who use libraries but never check too closely about their plumbing are super duper attack and compromise levering vectors. When I was in Romania, “Hooray for GitHub” was, in my opinion, one of the more popular youth hang out disco hits.

The write up adds a new twist: Allegedly inappropriate use of the intellectual property of open source software on GitHub. The write up states:

As far as we know, this is the first class-action case in the US chal­leng­ing the train­ing and out­put of AI sys­tems. It will not be the last. AI sys­tems are not exempt from the law. Those who cre­ate and oper­ate these sys­tems must remain account­able. If com­pa­nies like Microsoft, GitHub, and OpenAI choose to dis­re­gard the law, they should not expect that we the pub­lic will sit still. AI needs to be fair & eth­i­cal for every­one.

This issue is an important one. The friction for this matter is that the US government is dependent on open source to some degree. Microsoft is a major US government contractor. A number of Federal agencies are providing money to companies engaged in strategically significant research and development of artificial intelligence.

The different parties to this issue may exert or apply influence.

Worth watching because Amazon- and Google-type companies want to be the Big Dog in smart software. Once the basic technology has been appropriated, will these types of companies pull the plug on open source support and god cloud commercial? Will attorneys benefit while the open source community suffers? Will this legal matter mark the start of a sharp decline in open source software?

Stephen E Arnold, November 9, 2022

Written by Stephen E. Arnold · Filed Under Microsoft, News, Open source | Comments Off on A Flashing Yellow Light for GitHub: Will Indifferent Drivers Notice? 

Microsoft and Security: Customers! Do Better

November 7, 2022

I have a hunch that cyber security is like Google in the early 2000s. Magic, distractions, and blather helped disguise the firm’s systems and methods for generating revenue. Now (November 4, 2022) the cyber security sector may be taking a page or two from the early Google game plan. Who can blame the cyber security vendors, all 3000 to 7000 of them in the US alone. The variance is a result of the methodology of the business analysts answering the question, “How many companies are chasing commercial, non profit, and government prospects. Either number makes it clear that cyber security is a very big business.

Now stick with me: What operating system and office software is used by about two thirds of the organizations in the United States. The answer, if I can believe the data from my research team, is close enough for horse shoes. Personally, I would peg the penetration of Microsoft software at closer to 90 percent, but let’s go with the 67 percent, plus or minus five percent. That means that cyber security vendors have to provide security for companies already obtaining allegedly secure software and services from Microsoft.

With cyber crime, breaches, zero days, etc, etc going up with dizzying speed, what’s the message I carry away? The answer is, “Cyber security is not working.”

I read “Microsoft Warns Businesses to Up Their Security Game against These Top Threats.” The article then identifies security as a problem. The solution, if I understand the article, is:

Microsoft suggests throughout the MDDR that organizations implement a number of its products into its tech stack to protect against and deal with threats, such as its Security Service Line for support throughout a ransomware attack, and Microsoft Defender for Endpoint for cloud-based protection.

If you are not familiar with MDDR the acronym stands for the Microsoft Digital Defense Report. Presumably Microsoft’s crack security experts and the best available cyber consultants crafted the methods summarized in the article.

The irony is that Microsoft’s own products and services create a large attack surface. Microsoft’s own security tools seem to have chinks, cracks, and gaps which assorted bad actors can exploit.

Net net: Perhaps Microsoft should do security better. Aren’t customers buying solutions which work and do in a way that protects business information and processes? Perhaps less writing about security and more doing security could be helpful?

Stephen E Arnold, November 7, 2022

Written by Stephen E. Arnold · Filed Under Microsoft, News, Security | Comments Off on Microsoft and Security: Customers! Do Better 

Adobe-Pantone, Has an Innovator Covered You You with Freetone Brown?

October 31, 2022

Annoyed about the loss of Pantone colors in Adobe products? I am okay with Affinity and assorted open source tools, so what the innovation free outfits do is not of consequence to me.

Should you want an open source alternative, a color wizard named Stuart Semple has a solution. The details of the colors or “frequencies” as I think of them appear in “I’ve Libertated [sic] the Pantone Colour Palette and I’m Giving It Away for Free Unless You Work for Adobe.”

The colors can be downloaded at this link. If the link goes dead, navigate to Culture Hustle and hunt around for the download link. Even though the palette is free, you will be coughing up your email address and some other potentially interesting information.

Several observations:

  • The cloud monetization plays are likely to stimulate some innovation. The vector of new angles will be designed to block, undercut, undermine, or discredit the corporate cleverness
  • As options become available, increased friction in work processes will result. File formats, digital fingerprints, and embedded sequences similar to those used in steganography will derail some activities. Getting back on track will consume time and resources
  • User groups are dangerous constructs. In person groups are less volatile than online communities. Clever corporates may find themselves locked in an unpleasant and litigious social dust up.

Check out those Freetone browns. What does the color suggest?

Stephen E Arnold, October 31, 2022

Written by Stephen E. Arnold · Filed Under Business strategy, Financial, News | Comments Off on Adobe-Pantone, Has an Innovator Covered You You with Freetone Brown? 

What Is the Color of Greed or Will a Color Picker Land You in Court?

October 31, 2022

When I arrived in Washington, DC, for my first real job at a nuclear consulting company loved by Richard Cheney, I found myself responsible for a contractor on K Street. At that meeting, the contractor explained that the Cheney fave used a specific color of blue to indicate nuclear radiation. Do you have a color in mind for Cherenkov radiation. I do. The printed color came from a thick and somewhat weird collection of color samples bound with a rivet through the heavy pages. Each page contained a group of colors; for example, PMS 313. I said, “Okay, with me.” (The P represents Pantone; the numbers are the presumably proprietary colors once happily confided to the dead tree printing world.)

On my Mac I have an application called ColorSlurp. No printed collection of color chips needed. Just look at a picture in Yandex images for Cherenkov radiation and click on a color. I can then use that color in a painting application like the estimable Paint.net software.

The color technology seems like magic to me. I can, for example, create a pdf of the goose which I use for my logo tinted a wonderful mélange of dead leaf brown and feather gray. Am I in legal jeopardy?

I just read “ You’re Going to Have To Pay to Use Some Fancy Colors In Photoshop Now.” The article explains much about color intellectual property and nothing about frequency. However, I noted this statement:

widely used Adobe apps like Photoshop, Illustrator, and InDesign will no longer support Pantone-owned colors for free, and those wishing for those colors to appear in their saved files will need to pay for a separate license. And this is real life.

Okay, a subscription to a frequency. I assume this makes sense to CPAs, MBAs, and the Adobe/Pantone crowd.

The point is that cloud services make it easy to monetize that which was more difficult to monetize in Gutenberg’s day.

I think we have discovered a color for greed. That color is linked to the color of attorneys and legal eagle feathers. I don’t want to name a color, present a P number, or include its frequency.

Let’s think about “real life.” Pleasant, isn’t it. What color of brown are the walls in most courtrooms tinted? There must be a PMS number for that. I think it is a combo of fertile loam and Cherenkov radiation. If you see it, it is too late.

Stephen E Arnold, October 31, 2022

Written by Stephen E. Arnold · Filed Under Financial, Legal matters, News | Comments Off on What Is the Color of Greed or Will a Color Picker Land You in Court? 

« Previous PageNext Page »

  • Archives

  • Recent Posts

  • Meta