Social Media Litigation is On the Rise

August 12, 2015

When you think about social media and litigation, it might seem it would only come up during a civil, domestic, criminal mischief, or even a thievery suit.  Businesses, however, rely on social media outlets like Facebook, Twitter, and Instagram to advertise their services, connect with their clients, and increase their Web presence.  It turns out that social media is also playing a bigger role not only for social cases, but for business ones as well.  The X1 eDiscovery Law and Tech Blog posted about the “Gibson Dunn Report: Number of Cases Involving Social Media Evidence ‘Skyrocket’” and how social media litigation has increased in the first half of 2015.

The biggest issue the post discusses is the authenticity of the social media evidence.  A person printing out a social media page or summarizing the content for court does not qualify as sufficient evidence.  The big question right now is how to guarantee that social media passes an authenticity test and can withstand the court proceedings.

This is where eDiscovery software comes into play:

“These cases cited by Gibson Dunn illustrate why best practices software is needed to properly collect and preserve social media evidence. Ideally, a proponent of the evidence can rely on uncontroverted direct testimony from the creator of the web page in question. In many cases, such as in the Vayner case where incriminating social media evidence is at issue, that option is not available. In such situations, the testimony of the examiner who preserved the social media or other Internet evidence “in combination with circumstantial indicia of authenticity (such as the dates and web addresses), would support a finding” that the website documents are what the proponent asserts.”

The post then goes into a spiel about how the X1 Social Discovery software can make social media display all the “circumstantial indicia” or “additional confirming circumstances,” for solid evidence in court.  What authenticates social media is the metadata and a MD5 checksum aka “hash value.” What really makes the information sink in is that Facebook apparently has every twenty unique metadata fields, which require eDiscovery software to determine authorship and the like.  It is key to know that everything leaves a data trail on the Internet, but the average Google search is not going to dig it up.

Whitney Grace, August 12, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Google Seeks SEO Pro

August 12, 2015

Well, isn’t this interesting. Search Engine Land tells us that “Google Is Hiring an SEO Manager to Improve its Rankings in Google.” The Goog’s system is so objective, even Google needs a search engine optimization expert! That must be news to certain parties in the European Union.

Reporter Barry Schwartz spotted the relevant job posting at the company’s Careers page. Responsibilities are as one might expect: develop and maintain websites; maintain and develop code that will engage search engines; keep up with the latest in SEO techniques; and work with the sales and development departments to implement SEO best practices. Coordination with the search-algorithm department is not mentioned.

Google still stands as one of the most sought-after employers, so it is no surprise they require a lot of anyone hoping to fill the position. Schwartz notes, though, that link-building experience is not specified. He shares the list of criteria:

“The qualifications include:

*BA/BS degree in Computer Science, Engineering or equivalent practical experience.

*4 years of experience developing websites and applications with SQL, HTML5, and XML.

*2 years of SEO experience.

*Experience with Google App Engine, Google Custom Search, Webmaster Tools and Google Analytics and experience creating and maintaining project schedules using project management systems.

*Experience working with back-end SEO elements such as .htaccess, robots.txt, metadata and site speed optimization to optimize website performance.

*Experience in quantifying marketing impact and SEO performance and strong understanding of technical SEO (sitemaps, crawl budget, canonicalization, etc.).

*Knowledge of one or more of the following: Java, C/C++, or Python.

*Excellent problem solving and analytical skills with the ability to dig extensively into metrics and analytics.”

Lest anyone doubt the existence of such an ironic opportunity, the post reproduces a screenshot of the advertisement, “just in case the job is pulled.”

Cynthia Murrell, August 12, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Will the Economist Become a Fiat Uno or a Maserati Levant?

August 11, 2015

i read “Exor to Get 40 Percent of the Economist after Pearson Stake Sale.” Pearson, an outfit which once owned a wax museum, is apparently going to sell a chunk of its share of the Economist (a magazine which calls itself a newspaper) to an outfit connected with the Agnelli family. For those who do not track the activities of the Agnellis, the family is a controlling shareholder in Fiat Chrysler Automobiles.

image image

Fiat Uno compared to  Maserati Levant SUV. Is the Economist like to emerge with Fiat Uno styling touches. From my vantage point in Harrod’s Creek, the Economist folks think of themselves owning a Maserati.

I rented a Fiat Uno once. Quite an interesting vehicle was that. The Economist is upscale. At one time it used coated stock in its magazine, sorry, newspaper. I assume that the Economist will receive some design and quality enhancements. Will the Economist emerge as the Fiat Uno of business information? The family wants to make Juventus football club number one. Football and tony business information may be complementary businesses.

Stephen E Arnold, August 11, 2015

Yebol: A Goner, Folks

August 11, 2015

I received a couple of messages about Yebol. The brand name referenced a human and semantic search engine which disappeared in the 2009-2010 time period. The system has been associated with Hong Feng Yin. The buzzwords associated with the system were meme theory and optimization, clustering and classification, etc. I am not sure what has triggered references to the system, but my file data shows that this is a system that anticipated Qwant.com. After a PR and marketing push in 2009, the Yebol shout became muted. The comments and links to Xavier Lur’s write up are a joint in time. Even Wikipedia knows this cat’s nine lives have been exhausted.

Stephen E Arnold, August 11, 2015

Google: Just an Index Entry

August 11, 2015

The world is spinning. Google is Alphabet. The pundits are out in force. To get the scoop straight from the leaders of the math club, navigate to “Google Announces Plans for New Operating Structure.” My view is easy to articulate.

First, Google, the search company, is a one trick revenue pony. The math club has not been able to generate significant, organic revenue from bake sales, Loon balloons, and head mounted computers. These activities generate questions about focus, cost control, and management capabilities. The new CFO is curious. Stakeholders are curious. Those seeking relevant search results are curious. The fix is to legitimize doing many things is to create a holding company and converting Google into one index entry.,

Second, the new name Alphabet allows the president of the math club to do anything from A to Z. Clever right? The shift will not increase the organic revenue from home grown products. After 15 years, the GOOG continues to ride the whale that GoTo, Overture, and Yahoo beached long, long ago. Who remembers? Not many, judging from the commentaries I have scanned. An A to Z company has to fill out those index entries.

Third, the stock tweaks will be good news for some stakeholders. But, like the splitting of Hewlett Packard into two companies, MBA plays cannot change the fact that the bulk of Google’s revenue comes from online advertising.

In short, I can stop harping about relevance, precision, and recall when I mention search. Google as an objective search system is paying the bills.

The thrill of the world’s information and all that jazz is gone. Will Alphabet come up with significant new revenue streams? I will wait and see. I might even search Watson for an answer if that technology moves beyond PR and marketing fireworks.

I won’t pose the query to Google. Time to dust off the links to Mojeek.com and Gibiru.com.

Stephen E Arnold, August 11, 2015

Exclusive Interview: Danny Rogers, Terbium Labs

August 11, 2015

Editor’s note: The full text of the exclusive interview with Dr. Daniel J. Rogers, co-founder of Terbium Labs, is available on the Xenky Cyberwizards Speak Web service at www.xenky.com/terbium-labs. The interview was conducted on August 4, 2015.

Significant innovations in information access, despite the hyperbole of marketing and sales professionals, are relatively infrequent. In an exclusive interview, Danny Rogers, one of the founders of Terbium Labs, has developed a way to flip on the lights to make it easy to locate information hidden in the Dark Web.

Web search has been a one-trick pony since the days of Excite, HotBot, and Lycos. For most people, a mobile device takes cues from the user’s location and click streams and displays answers. Access to digital information requires more than parlor tricks and pay-to-play advertising. A handful of companies are moving beyond commoditized search, and they are opening important new markets such as secret and high value data theft. Terbium Labs can “illuminate the Dark Web.”

In an exclusive interview, Dr. Danny Rogers, one of the founders of Terbium Labs with Michael Moore, explained the company’s ability to change how data breaches are located. He said:

Typically, breaches are discovered by third parties such as journalists or law enforcement. In fact, according to Verizon’s 2014 Data Breach Investigations Report, that was the case in 85% of data breaches. Furthermore, discovery, because it is by accident, often takes months, or may not happen at all when limited personnel resources are already heavily taxed. Estimates put the average breach discovery time between 200 and 230 days, an exceedingly long time for an organization’s data to be out of their control. We hope to change that. By using Matchlight, we bring the breach discovery time down to between 30 seconds and 15 minutes from the time stolen data is posted to the web, alerting our clients immediately and automatically. By dramatically reducing the breach discovery time and bringing that discovery into the organization, we’re able to reduce damages and open up more effective remediation options.

Terbium’s approach, it turns out, can be applied to traditional research into content domains to which most systems are effectively blind. At this time, a very small number of companies are able to index content that is not available to traditional content processing systems. Terbium acquires content from Web sites which require specialized software to access. Terbium’s system then processes the content, converting it into the equivalent of an old-fashioned fingerprint. Real-time pattern matching makes it possible for the company’s system to locate a client’s content, either in textual form, software binaries, or other digital representations.

One of the most significant information access innovations uses systems and methods developed by physicists to deal with the flood of data resulting from research into the behaviors of difficult-to-differentiate sub atomic particles.

One part of the process is for Terbium to acquire (crawl) content and convert it into encrypted 14 byte strings of zeros and ones. A client such as a bank then uses the Terbium content encryption and conversion process to produce representations of the confidential data, computer code, or other data. Terbium’s system, in effect, looks for matching digital fingerprints. The task of locating confidential or proprietary data via traditional means is expensive and often a hit and miss affair.

Terbium Labs changes the rules of the game and in the process has created a way to provide its licensees with anti-fraud and anti-theft measures which are unique. In addition, Terbium’s digital fingerprints make it possible to find, analyze, and make sense of digital information not previously available. The system has applications for the Clear Web, which millions of people access every minute, to the hidden content residing on the so called Dark Web.

image

Terbium Labs, a start up located in Baltimore, Maryland, has developed technology that makes use of advanced mathematics—what I call numerical recipes—to perform analyses for the purpose of finding connections. The firm’s approach is one that deals with strings of zeros and ones, not the actual words and numbers in a stream of information. By matching these numerical tokens with content such as a data file of classified documents or a record of bank account numbers, Terbium does what strikes many, including myself, as a remarkable achievement.

Terbium’s technology can identify highly probable instances of improper use of classified or confidential information. Terbium can pinpoint where the compromised data reside on either the Clear Web, another network, or on the Dark Web. Terbium then alerts the organization about the compromised data and work with the victim of Internet fraud to resolve the matter in a satisfactory manner.

Terbium’s breakthrough has attracted considerable attention in the cyber security sector, and applications of the firm’s approach are beginning to surface for disciplines from competitive intelligence to health care.

Rogers explained:

We spent a significant amount of time working on both the private data fingerprinting protocol and the infrastructure required to privately index the dark web. We pull in billions of hashes daily, and the systems and technology required to do that in a stable and efficient way are extremely difficult to build. Right now we have over a quarter trillion data fingerprints in our index, and that number is growing by the billions every day.

The idea for the company emerged from a conversation with a colleague who wanted to find out immediately if a high profile client list was ever leaded to the Internet. But, said Rogers, “This individual could not reveal to Terbium the list itself.”

How can an organization locate secret information if that information cannot be provided to a system able to search for the confidential information?

The solution Terbium’s founders developed relies on novel use of encryption techniques, tokenization, Clear and Dark Web content acquisition and processing, and real time pattern matching methods. The interlocking innovations have been patented (US8,997,256), and Terbium is one of the few, perhaps the only company in the world, able to crack open Dark Web content within regulatory and national security constraints.

Rogers said:

I think I have to say that the adversaries are winning right now. Despite billions being spent on information security, breaches are happening every single day. Currently, the best the industry can do is be reactive. The adversaries have the perpetual advantage of surprise and are constantly coming up with new ways to gain access to sensitive data. Additionally, the legal system has a long way to go to catch up with technology. It really is a free-for-all out there, which limits the ability of governments to respond. So right now, the attackers seem to be winning, though we see Terbium and Matchlight as part of the response that turns that tide.

Terbium’s product is Matchlight. According to Rogers:

Matchlight is the world’s first truly private, truly automated data intelligence system. It uses our data fingerprinting technology to build and maintain a private index of the dark web and other sites where stolen information is most often leaked or traded. While the space on the internet that traffics in that sort of activity isn’t intractably large, it’s certainly larger than any human analyst can keep up with. We use large-scale automation and big data technologies to provide early indicators of breach in order to make those analysts’ jobs more efficient. We also employ a unique data fingerprinting technology that allows us to monitor our clients’ information without ever having to see or store their originating data, meaning we don’t increase their attack surface and they don’t have to trust us with their information.

For more information about Terbium, navigate to the company’s Web site. The full text of the interview appears on Stephen E Arnold’s Xenky cyberOSINT Web site at http://bit.ly/1TaiSVN.

Stephen E Arnold, August 11, 2015

Teper Returns to SharePoint Division

August 11, 2015

SharePoint is a huge organization within the even larger corporation of Microsoft. Leaderships shifts are not uncommon, but they can often point toward something meaningful. The Seattle Times offers some insight into Microsoft’s latest shake-up in their article, “Microsoft Exec Teper Exits Strategy Role, Returns to Sharepoint.”

The article sums up the leadership change:

“Jeff Teper, Microsoft’s former head of corporate strategy, will return to the Office division he left a year ago. Teper, a longtime Office executive, shifted last year to corporate vice president of strategy, reporting to Chief Financial Officer Amy Hood. In April, he moved to Kurt DelBene’s team when that former Microsoft executive returned to the company to lead corporate strategy and planning.”

Teper’s earlier career is telling, as he led Microsoft’s move to Office 365. With the upcoming release of SharePoint Server 2016, users have been assured that on-premises versions will remain an option but that web-based services, including Office 365 features, will continue to shine. For continued updates on the future of SharePoint, stay tuned to the dedicated SharePoint feed on ArnoldIT.com. Stephen E. Arnold has made a career out of search and his work offers a lot of information without a huge investment in time.

Emily Rae Aldridge, August 11, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Advice for Smart SEO Choices

August 11, 2015

We’ve come across a well-penned article about the intersection of language and search engine optimization by The SEO Guy. Self-proclaimed word-aficionado Ben Kemp helps website writers use their words wisely in, “Language, Linguistics, Semantics, & Search.” He begins by discrediting the practice of keyword stuffing, noting that search-ranking algorithms are more sophisticated than some give them credit for. He writes:

“Search engine algorithms assess all the words within the site. These algorithms may be bereft of direct human interpretation but are based on mathematics, knowledge, experience and intelligence. They deliver very accurate relevance analysis. In the context of using related words or variations within your website, it is one good way of reinforcing the primary keyword phrase you wish to rank for, without over-use of exact-match keywords and phrases. By using synonyms, and a range of relevant nouns, verbs and adjectives, you may eliminate excessive repetition and more accurately describe your topic or theme and at the same time, increase the range of word associations your website will rank for.”

Kemp goes on to lament the dumbing down of English-language education around the world, blaming the trend for a dearth of deft wordsmiths online. Besides recommending that his readers open a thesaurus now and then, he also advises them to make sure they spell words correctly, not because algorithms can’t figure out what they meant to say (they can), but because misspelled words look unprofessional. He even supplies a handy list of the most often misspelled words.

The development of more and more refined search algorithms, it seems, presents the opportunity for websites to craft better copy. See the article for more of Kemp’s language, and SEO, guidance.

Cynthia Murrell, August 11, 2015

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

 

ZeroFox: New Products Available

August 10, 2015

ZeroFOX is a social media centric cyber security firm. The company announced several new products which enable the company to provide end to end social media cyber security solutions.

The products are:

ZeroFOX Enterprise is now powered by FoxScript. FoxScript is a customizable, javascript-based language that allows security analysts to write unique rules for ZeroFOX’s data collection and analysis engines within ZeroFOX Enterprise. FoxScript makes security teams their own greatest innovators: professionals will have a tool at their disposal to track custom security threats and address the issues that matter most to their specific organization. ZeroFOX’s FoxScript will enable security teams to address targeted employee exploitation on social networks and social engineering in particular, cited by 46% of this year’s Black Hat attendees as their greatest cyber security concern.

ZeroFOX Recon, a social media vulnerability and phishing assessment application, enables organizations to discover their social assets and test their vulnerabilities with a comprehensive assessment.

ZeroFOX Threat Feed is an easily-digestible URL feed that provides real-time visibility into global phishing and malware attacks delivered via social media. Threat Feed integrates seamlessly into existing security technology to supercharge organization’s Threat Intelligence Platforms (TIP) or SIEMs with threats from where their people are most vulnerable. Threat Feed can also be directly integrated into leading firewall, web security and email security platforms.

The announcement included two interesting items in its announcement:

  1. Facebook scams are an effective method to breach an organization’s network.
  2. Twitter is a popular attack vector used by “Russian government backed hackers.”

Why search when one can copy “interesting” digital information?

Stephen E Arnold, August 10, 2015

YouTube Consumer: Do You Want a Pet RAT?

August 10, 2015

Because information access is shifting from the dinosaur approach (human figures out a query) to the couch potatoes’ approach (just consume what a click and an algorithm deliver), I will be adding more coverage of “enhanced” search and retrieval.

Today, we do RATs.

Navigate to “Google Profits from YouTube RAT Infestation, Says Consumer Group.” The idea is that you learn how to embed remote access tools on another couch potato’s computing device. There are quite a few folks into the RAT game.

The article suggests that the GOOG profits from instructional videos which teach folks how to use RATs. According to the write up, the Digital Citizens Alliance (DCA) has

called on YouTube to stop monetizing videos that promote the use and dissemination of RATs, saying in a release that there’s “no reason” why major brands should be running adverts alongside these videos:

No company - especially one as big as Google - should make even a penny from videos that show the faces of victims and IP addresses.

The BBC reports that Adam Benson, deputy director of the DCA, said that the trade in stolen webcam footage was “troubling” and called on Google to stop relying on computer-based methods to find and remove the videos.

Intrigued? There are industrial strength tools available to build your own RAT colony. To get the details, you will have to wait until my new study “Dark Web Basics” is available.

Stephen E Arnold, August 10, 2015

« Previous PageNext Page »

  • Archives

  • Recent Posts

  • Meta