Google and the US: Winning Friends in China Not
August 7, 2020
DarkCyber spotted this weak beacon of adulting: “YouTube Bans Over 2,000 Chinese Accounts for Coordinated Influence Operations.” The write up states:
Between April and June this year, the company’s division responsible for combating government-backed attacks, Threat Analysis Group (TAG) took down about 2,600 YouTube accounts, significantly up from the 277 channels it blocked in the first three months of 2020. Most of these channels posted “spammy, non-political content”, Google said in a blog post, but some of them were actively participating in a spam network and uploaded political content primarily in Chinese.
Interesting. In an unrelated action DarkCyber wants to thank a reader for sending us a link to this story: “Pompeo Offers $10 Million Reward For Information On Foreign Election Interference.” The article reports:
In his latest speech excoriating China and the American tech industry for helping to enable untrustworthy Chinese companies by including their apps in various app stores, the Secretary of State warned Wednesday that the US was working to rein in Chinese cloud providers, while encouraging US tech firms to drop certain Chinese-run apps from their app stores. Pompeo also revealed the state department would offer $10 million reward for the identity or location of “any person who acting at the direction of a foreign government interferes with US. elections by engaging in certain criminal cyber activities.”
If these reports are accurate, Google and the US are unlikely to be perceived as positive factors in China’s effort to thrive globally.
Stephen E Arnold, August 7, 2020
A Recipe for Thinly Sliced Technology: Is the Pizza Still a Pizza?
July 30, 2020
I don’t want to wax philosophical. Amazon is associated with the concept of the two-pizza team. The idea is that when something crashes, get two people to fix it. Amazon is a two-pizza company, and it works well enough to make Mr. Bezos a star among stars when it comes to cash and risk of government regulation.
The write up “Many Small Teams” seems to be about an idea and a general business practice.
I noted this passage in the article:
Somewhere along the line, we forgot about “reducing communication” just started fixating on assigning independent teams to problem statements that were essentially tiny slices of business problems. As the problem space gets more finely sliced in hopes of achieving scale at each step, so does the number of teams. e.g. What might have been a “Data Delivery Team” charged with delivering fresh data to customers unfortunately becomes “Data ingestion Team”, “Data processing Team” and “Data Release Team” (real world example).
Is the author describing an Amazon vulnerability? When a pizza is sliced into thin pieces, is it still a pizza? What if the approach creates a dog’s breakfast?
Interesting question? The essay points out that an organic process takes place: Small teams grow. Then teams split. What’s the chief indicator of this condition? Perhaps documentation like Amazon’s explanations of its myriad cloud services. Little slices of pizza with more slicing taking place?
The author of the article works at Uber. Pizza delivery I get. But tiny pizza slices for a gig economy delivery outfit? Like I said philosophy.
Stephen E Arnold, July 31, 2020
IBM Discloses Iranian Hacking: Was Watson on the Job?
July 30, 2020
We spotted an interesting nugget of information in “Iran-Linked Hackers Mistakenly Leak Videos of Their Operations in Action: Report.”
The story reveals that:
IBM’s X-Force security team acquired about five hours of video footage of hacking operations by APT35, a hacking group linked to the Iranian government…
Where did the video originate? The answer: Iran.
The IBM researchers got a hold of the footage due to “a misconfiguration of security settings on a virtual private cloud server they’d observed in previous APT35 activity,” the report said, adding that the files were uploaded to the exposed server over a few days in May, just as IBM was monitoring the machine. The APT35 hackers recorded their operations to demonstrate to junior team members how to handle hacked accounts, according to the report. The videos show the hackers how to download the contents of compromised Gmail and Yahoo Mail accounts.
The report does not mention Watson. Interesting.
Stephen E Arnold, July 29, 2020
Oracle and Blockchain
July 28, 2020
Amidst the angst about US big technology companies, Rona, and Intel’s management floundering, Oracle blockchain is easy to overlook. “Oracle Updates Blockchain Platform Cloud Service.” The title alone invokes the image of Amazon’s blockchain platform and its associated moving parts.
The write up focuses on Oracle as if the Amazon and other options do not exist. But the parallels with Amazon’s blockchain services are clearly articulated. The article reports:
Blockchain Platform Cloud Service features stronger access controls for sharing confidential information, greater decentralization capabilities for blockchain consortiums, and stronger audibility when rich history database feature is used in conjunction with Oracle Database Blockchain Tables.
Even more Amazon envy seems to have influenced this “new” feature:
Oracle Cloud Infrastructure Availability Domains (and in the regions with a single Availability Domain, three Fault Domains) to provide stronger resilience and recoverability, with the SLA for the Enterprise SKUs of at least 99.95%.
The line up of services strikes me as having been developed after reading Amazon’s blockchain documentation; for example:
- On demand storage
- Spiffed up access controls
- Workflow functions.
There is one difference, however. It appears that Oracle wants to tackle Amazon blockchain at a weak point: Price. Oracle is not likely to be significantly cheaper than AWS blockchain. Oracle wants to make its pricing more or less understandable to a prospect.
Will clarity allow Oracle to compete with Amazon blockchain?
After losing Amazon as a customer and watching the online book store pump out blockchain inventions for several years, Oracle hopes its approach will prevail or at least catch up with the Bezos bulldozer.
Stephen E Arnold, July 28, 2020
Alleged Business Practices of the Rich and Worshipped or Ethics R Us
July 28, 2020
DarkCyber spotted two separate stories which address a common theme. The write ups are “new age” news, so allegations, speculation, and political perspectives infuse the words used in each of these. Nevertheless, both write ups merit noting because two points are useful when a trend line may lurk in the slope between the dots.
The first article is “Google Spying on Users’ Data to Learn How Rival Apps Work: Report.” The article asserts:
Google is reportedly keeping tabs to how its users interact with rival Android apps, selectively monitoring how the users interact with non-Google apps via an internal program to make its own products better.
The article jumps to Google’s unique ability to see lots of data from its privileged position of being involved in each facet of certain markets: Channel, partner, vendor, developer, and customer. The operative word in the title is “spying,” but the issue is ethical and socially responsible behavior. Some science club members want access to the good stuff in the electronics supply door. Hey, cool.
The second write up is about everyone’s favorite online retailer, cloud vendor, and services firm. DarkCyber thinks the logo of Amazon should be the Bezos bulldozer. It landscapes the way it wants. “Amazon Reportedly Invested in Startups and Gained Proprietary Information before Launching Competitors, Often Crushing the Smaller Companies in the Process” is one of those stories whose title is the story. We noted this passage in the write up as additive:
Amazon met with or invested in their companies, only to later build its own products that directly competed with the smaller company.
Let’s assume that these write ups are mostly accurate. The behaviors are untoward because those duped, bilked, fooled, or swindled assumed that those across the table were playing with an unmarked deck and wanted an honest game.
DarkCyber sees the behavior as similar to a “land grab.” As long as there is minimal anti monopoly enforcement and essentially zero consequences in a legal process, the companies identified in these write ups can do what they want. DarkCyber thinks that the behaviors are institutionalizes; that is, even with changes in senior management and regulatory oversight, the organizations will, like a giant autonomous mine truck, just keep rolling forward. When the truck rolls over a worker, collateral damage. That’s how life works in the gee whiz world of high technology.
Stephen E Arnold, July 28, 2020
TileDB Developing a Solution to Database Headaches
July 27, 2020
Developers at TileDB are working on a solution to the many problems traditional and NoSQL databases create, and now they have secured more funding to help them complete their platform. The company’s blog reports, “TileDB Closes $15M Series A for Industry’s First Universal Data Engine.” The funding round is led by Two Bear Capital, whose managing partner will be joining TileDB’s board of directors. The company’s CEO, Stavros Papadopoulos, writes:
“The Series A financing comes after TileDB was chosen by customers who experienced two key pains: scalability for complex data and deployment. Whole-genome population data, single-cell gene data, spatio-temporal satellite imagery, and asset-trading data all share multi-dimensional structures that are poorly handled by monolithic databases, tables, and legacy file formats. Newer computational frameworks evolved to offer ‘pluggable storage’ but that forces another part of the stack to deal with data management. As a result, organizations waste resources on managing a sea of files and optimizing storage performance, tasks traditionally done by the database. Moreover, developers and data scientists are spending excessive time in data engineering and deployment, instead of actual analysis and collaboration. …
“We invented a database that focuses on universal storage and data management rather than the compute layer, which we’ve instead made ‘pluggable.’ We cleared the path for analytics professionals and data scientists by taking over the messiest parts of data management, such as optimized storage for all data types on numerous backends, data versioning, metadata, access control within or outside organizational boundaries, and logging.”
So with this tool, developers will be freed from tedious manual steps, leaving more time to innovate and draw conclusions from their complex data. TileDB has also developed APIs to facilitate integration with tools like Spark, Dask, MariaDB and PrestoDB, while TileDB Cloud enables easy, secure sharing and scalability. See the write-up for praise from excited customers-to-be, or check out the company’s website. Readers can also access the open-source TileDB Embedded storage engine on Github. Founded in 2017, TileDB is based in Cambridge, Massachusetts.
Cynthia Murrell, July 27, 2020
Softies and SASers Team to Deliver Bigly Solutions
July 24, 2020
Microsoft and SAS are two of the biggest names in technology. They have decided to combine their powers to form a strategic, technological partnership. IT-Online shares the news in the report, “SAS, Microsoft Partner On Analytics And AI.”
SAS specializes in analytics software, while Microsoft popularized the personal computer. With this new partnership, their customers can expand SAS business solutions across Microsoft’s veritable product array. This specifically means:
“As part of the partnership, the companies will migrate SAS’ analytical products and industry solutions on to Microsoft Azure as the preferred cloud provider for the SAS Cloud. SAS’ industry solutions and expertise will also bring added value to Microsoft’s customers across health care, financial services and many other industries.”
The ultimate goal for Microsoft and SAS is to bolster their bottom dollar, but both clientele sets will gain many advantages. SAS will have easier access to the cloud and Microsoft gains access to powerful analytics software. The analytics software is of particular interest for Microsoft, because they want to integrate SAS technology into Azure and Dynamics 365 for new solutions.
Is this Cloud babble? You know: Blah, blah, flexibility. Blah, blah, scalability. It is a fancier way for both companies to enrich their product offerings for large organizations with inertia and a desire to move to the future of computing. Too bad Amazon.
Whitney Grace, July 24, 2020
Google Channels IBM: Batter Up, Not Tennis, Anyone?
July 23, 2020
The me too approach to innovation is amusing. IBM applied its marketing genius and the possibly less sparkling Watson to tennis. Now the Google has embraced baseball. “Major League Baseball Scores a Home Run with Google Cloud to Improve Fan Experience” reports that:
The oldest major professional sports league in the US, Major League Baseball, is making better use of data with Google Cloud to personalize the fan experience.
How is that fan experience right now, sports fan? Oh, right. There are limited fan experiences. Baseball lovers can watch some games from exotic countries excluded from the US World Series. That’s a filler like the extra ingredients in hot dogs at some minor league teams’ baseball parks.
There’s another foul ball. The big leaguers will use iPads, not Chromebooks in the dugout. What’s up with that, ump?
But the interesting part of the write up is not about baseball. Here’s the passage which snagged my attention:
MLB also has a project underway called Fast Ball, which Gaedtke [baseball big wig] describes as a fundamentally new approach to video for the game of baseball and its fans.
Again, without real life games, a “new approach” may be necessary.
And there’s more:
MLB is also analyzing fan touch points using Google Cloud across all of its operations to help understand how it can better serve fans.
Isn’t a touch point, “take me out to the ball game”?
The Google Cloud is there to create the “new approach” which seems quite similar to the IBM approach: Marketing fault? Looks more like two strikes and no balls.
Stephen E Arnold, July 23, 2020
Microsoft Policeware in the Line Up of Vendors of Interest
July 20, 2020
The Intercept published “The Microsoft Police State: Mass Surveillance, Facial Recognition, and the Azure Cloud.” Better late than never, “real” news about Microsoft’s race to catch up to Amazon and other specialist vendors is helpful.
The article uses the NYPD and other departments as examples of enforcement entities interested in Microsoft technology.
- And the write up explains these as evidence of a “police state” operated by the Softies in Redmond:
- A Domain Awareness System run from the Azure cloud. Not a Banjo duplicate, but close enough for horseshoes.
- An Internet of Things MAPP patrol car and a connected officer
- Robots like the Jack Russell and the LT2-F Bloodhound
- Smart software which seems similar to the ZTE installations in Quito, Ecuador
- Facial recognition technology, which has become the poster child for questionable technology.
Several observations:
- Other vendors are in the game as well, and several are providing more sophisticated solutions. Intercept’s focus seems, how shall I put it, narrow
- In my talks at the National Cyber Crime conference this week I put one theme in each of my three lectures: “Smart software is the best bet for restoring parity between bad actors and law enforcement.” Maybe the NYPD and other departments should abandon technology trials, experiments, and acquisitions to make the social fabric so much better
- The purpose of the Intercept write up seems bifurcated. On one hand, the Microsoft capabilities struck me as a check list from a marketing sales presentation. On the other hand, law enforcement is not behaving the way the Intercept believes the police, regulators, and investigators should. Mixed message? Cognitive dissonance? Bias?
Net net: Technology and smart software are essential tools for the foreseeable future.
Stephen E Arnold, July 20, 2020
And Microsoft Wants Its Partners to Support Government Entities?
July 16, 2020
The article “Hack of 251 Law Enforcement Web Sites Exposes Personal Data of 700,000 Cops” troubles me for two reasons.
First, the loss of the data increases risk for the professionals listed in the data files. Not good.
Second, the write up asserts as “real” news:
All of the hacked websites were hosted and built by the Texas web development firm Netsential on Windows servers located in Houston. They were all running the same custom (and insecure) content management system, developed using Microsoft’s ASP.NET framework in the programming language VBScript, using Microsoft Access databases. Because they all run the same software, if a hacker could find a vulnerability in one of the websites that allowed them to download all the data from it, they could use that vulnerability to hack the rest of the websites without much additional effort.
DarkCyber believes that much of the 21st century cyber software jabber is marketing speak.
If the statement about Microsoft’s infrastructure and software is accurate, there are some questions to answer:
- How did the Microsoft partner program allow “experts” certified by Microsoft to create a system with some interesting security issues?
- Where did the Netsential Web site go? Why did its content disappear?
- What does this incident mean in the context of the Department of Defense JEDI contract?
DarkCyber is concerned when a giant corporation cannot update its own Windows 10 operating system and fail to ensure that its partners are qualified to perform sensitive work in a careful manner.
Is there some useful code on Microsoft Github? Snap. Github fell over again just as I was looking.
Another troubling US technology lapse it seems for a company wanting to provide cloud services to the US government and law enforcement.
Stephen E Arnold, July 16, 2020
-
- Subscribe to Beyond Search
Feature archive
News archive
-
