The Government Has a Sock Puppet Theater
January 13, 2017
Law enforcement officials use fake social media accounts and online profiles to engage with criminals. Their goal is to deter crime, possibly even catching criminals in the act for a rock solid case. While this happened way back in 2011, the comments are still coming. In light of the recent presidential election and the violent acts of the past year, it is no wonder the comments are still fresh. Tech Dirt talked about how the, “US Military Kicks Off Plan To Fill Social Networks With Fake Sock Puppet Accounts.”
The goal was for a company to develop a software that would allow one person to create and manage various social media profiles (including more than one profile on the same platform). These accounts will then, and we are speculating on this given how dummy accounts have been used in the past, to catch criminals. The article highlights how the government would use the sock puppet accounts:
Apparently a company called Ntrepid has scored the contract and the US military is getting ready to roll out these “sock puppet” online personas. Of course, it insists that all of this is targeting foreign individuals, not anyone in the US. And they promise it’s not even going to be used on US-based social networks like Facebook or Twitter, but does anyone actually believe that’s true?
Then the comments roll in a conversation that a span of five years the commentators argue about what it means to be American, reaffirming that the US government spies on its citizens, and making fun of sock puppets.
Whitney Grace, January 13, 2017
Exploring Dark Web Motivations
January 13, 2017
The Dark Web continues to be under the microscope. Sophos’ blog, Naked Security, published an article, The Dark Web: Just How Dark Is It? questioning the supposed “dark” motivations of its actors. This piece also attempts to bust myths about the complete anonymity of Tor. There is an entry guard, which knows who the user is, and an exit node, which knows the user’s history and neither of these are easy to avoid. Despite pointing out holes in the much-believed argument full anonymity always exists on Tor, the author makes an effort to showcase “real-world” scenarios for why their average readers may benefit from using Tor:
If you think a web site is legitimate, but you’re not completely sure and would like to “try before you buy,” why not take an incognito look first, shielding your name, your IP number, even your country? If you’re investigating a website that you think has ripped off your intellectual property, why advertise who you are? If you want to know more about unexceptionable topics that it would nevertheless be best to keep private, such as medical issues, lifestyle choices or a new job, why shouldn’t you keep your identity to yourself? Similarly, if you want to offer online services to help people with those very issues, you’d like them to feel confident that you’ll do your best to uphold their privacy and anonymity.
We’re not convinced — but perhaps that is because the article put its foot in its mouth. First, they tell us Tor does not provide full anonymity and then the author attempts to advocate readers use Tor for anonymity. Which is it? More investigation under a different lens may be needed.
Kenny Toth, January 13, 2017
Artificial Intelligence: The JASON Report
January 12, 2017
Compared to documents from the US Internal Revenue Service, “Perspectives on Research in Artificial Intelligence and Artificial General Intelligence Relevant to DoD, Document JSR-16-Task-003,” released in January 2017, is a literary gem. You may be able to locate the unclassified document at this link, but Beyond Search is not guaranteeing that the link will exist when you decide to pull down the 70 page report. If you are the Washington Post, looking for a source document may be too much trouble to do some “real” research. The report was prepared by The Mitre Corporation. You know the firm’s buildings on Colshire Drive. Look for the shiny windows.
Now the report.
The document does some important explanation of what artificial intelligence means. Most discussions of smart software ignore distinctions. The Jason document does not.
If you are interested in search, information access, and related disciplines, the report embraces a number of interest areas; for example, natural language processing, machine learning, and social media analysis. If you are familiar with the hive mind drone program, artificial intelligence is an important tool for warfighting, not just serving pizza ads to a mobile phone user.
Of particular interest is the discussion of “deep learning.” This term refers to the systems and methods used to make software “smart.” Recognition of objects, situational awareness, and learning are based on specific numerical recipes and procedures. Many of these have been known for many years. Fast computing makes it possible to knit together modules in order to improve the precision, recall, and reliability of data outputs. The report touches upon manifolds, a subject which is rarely included in the popular and trade banter about smart software. (For a mental image of manifolds optimization, visualize a termite nest.)
I highlight this listing of high potential topics in smart software:
- Reinforcement learning
- Graphical models (manifolds and triply periodic minimal surfaces)
- Generative models
- Probabilistic programming.
The paper acknowledges that smart software will make use of hybrid models; that is, orchestrated sequences of methods.
The discussion of hardware makes it clear that existing computer technology is a hurdle. Innovations like Google’s tensor processing unit component. In my experience, hardware remains a problem as long as going faster depends on Von Neumann architecture.
The implications for the US Department of Defense are significant. The unclassified report identifies some mountain tops and leaves the details out of the picture.
Worth reading.
Stephen E Arnold, January 12, 2017
IBM Does Not Correlate Patents and Revenue
January 12, 2017
I read “IBM Achieves Record Number of U.S. patents in 2016, 24th Straight Year of Patent Dominance.” I learned that Big Blue, the owner of the Watson things, “earned a total of 8,088 U.S. patents last year at a rate of 22 patents per day…” Impressive. I checked IBM’s financial performance and verified that the company has reported its 18th consecutive quarter of declining revenue. It certainly seems that generating top line revenue growth is not correlated with filing patents. What is correlated is the overhead cost of preparing patent documents. Less stressful than making sales I believe. I respond to revenue dominance, not lawyering. But that’s my Harrod’s Creek shortsightedness.
Stephen E Arnold, January 12, 2017
RAVN Flaps Amidst a Flurry of Feathers
January 12, 2017
I read “Abraaj Drives Innovation in Private Equity Market with Implementation of RAVN’s Cognitive Search Solution.” The main idea is that RAVN, a vendor of enterprise search, has snagged a customer. That’s good. What’s interesting about the write up is the language of the “news.” Here’s a rundown of the words I highlighted as flaps of the RAVN’s marketing department wings:
- Access
- Artificial intelligence and AI
- Classify
- Cognitive search
- Collaborate
- Component
- Connect enterprise
- Data mining
- Deal flow
- Differentiation
- Drive innovation
- Dynamic decisions
- Engagement
- Engine as in “cognitive engine”
- Experts and expertise
- Extract
- Functional knowledge
- Ground breaking
- Growth markets organization
- Highly distributed network
- Internal and external content
- Intelligently transforms
- Interrelationships
- Knowledge graph
- Knowledge management
- Knowledge sources
- Leverage
- Lifecycle
- Monitoring
- Multi geography
- Navigate
- Phases
- Platform
- Proprietary
- Sector knowledge.
- Sectoral
- Secure
- Solutions
- Teams
- Transformation
- Unstructured
- Visualize
What’s left out? No analytics, which is one of the must have functions for a modern search and content processing system. My hunch is that RAVN has numbers in its nest. In the millennial editing frenzy, counting visitors and other useful items was overlooked. Amazing stuff. No wonder some folks roll their eyes when enterprise search vendors trot out keyword search dressed in rhetoric honed by Sophists.
For more lingo which makes search seem more than it is, review the list of cacaphones at this link. Ah, the cacophony of search and retrieval vendors.
Stephen E Arnold, January 12, 2017
Chinese Censorship Agency Declares All News Online Must Be Verified
January 12, 2017
The heavy hand of Chinese censorship has just gotten heavier. The South China Morning Post reports, “All News Stories Must Be Verified, China’s Internet Censor Decrees as it Tightens Grip on Online Media.” The censorship agency now warns websites not to publish news without “proper verification.” Of course, to hear the government tell it, they just wants to cut down on fake news and false information. Reporter Choi Chi-yuk writes:
The instruction, issued by the Cyberspace Administration of China, came only a few days after Xu Lin, formerly the deputy head of the organisation, replaced his boss, Lu Wei, as the top gatekeeper of Chinese internet affairs. Xu is regarded as one of President Xi Jinping’s key supporters.
The cyberspace watchdog said online media could not report any news taken from social media websites without approval. ‘All websites should bear the key responsibility to further streamline the course of reporting and publishing of news, and set up a sound internal monitoring mechanism among all mobile news portals [and the social media chat websites] Weibo or WeChat,’ Xinhua reported the directive as saying. ‘It is forbidden to use hearsay to create news or use conjecture and imagination to distort the facts,’ it said.
We’re told the central agency has directed regional offices to aggressively monitor content and “severely” punish those who post what they consider false news. They also insist that sources be named within posts. Apparently, several popular news portals have been rebuked under the policy, including Sina.com, Ifeng.com, Caijing.com.cn, Qq.com and 163.com.
Cynthia Murrell, January 12, 2017
HSDirs Could Be the Key to Dark Web Intelligence
January 12, 2017
An article on Security Affairs called Boffins spotted over 100 snooping Tor HSDir nodes spying on Dark Web sites points to a new tactic that could be useful to companies offering Dark Web intelligence services. Within the inner workings of the Dark Web live at least 100, according to researchers, malicious hidden service directories (HSDirs). These are the relays of the network that allow people to visit hidden services. The author quotes researchers Filippo Valsorda and George Tankersley who presented at the Hack in the Box Security Conference,
When a person wants to host a hidden service, they have to advertise their service on a Tor Onion database, which is a DHT made up of a group of stable relay machines called HSDirs . The person who wants to visit the hidden service has to request information about that service from the database. Therefore, those relays or HSDirs can see who is making the request for a connection and when you want to connect. Therefore, to deanonymize a user’s traffic, an attacker could choose to become the HSDir nodes for the hidden service.
Additionally, researchers from Karlstad University in Sweden found 25 nodes within the The Onion Router (Tor) which showed entities snooping on the supposedly anonymous network. It appears gaps exist. The research shows an unspecified actor from Russia was eavesdropping. Are these snoopers Dark Web intelligence or cybercriminals? We shall stay tuned.
Megan Feil, January 12, 2017
Epi-Search and dtSearch
January 11, 2017
I read about Epi-Search in “Epi-Search, A Free Academic Resource, Lets Researchers Enter Up to 10,000 Words of Text and, Using a dtSearch® Engine API, Find “More Like This” Across the ISCE Library.” The idea is a good one. Plug in a research summary or journal article abstract. The system then outputs related documents. The search plumbing is provided by dtSearch, a vendor based in Bethesda, Maryland.
I ran a test using the description of my Cyberosint: Next Generation Information Access monograph on the system at this link. The system returned 10 hits to related documents. Here’s a partial list:
Only the “Penal Populism” was in the same city as the ball park in which I kick around.
The link to Google search results was in the ball park’s parking lot. But the majority of the Google hits point to sites for cyber security, not for the use of open source intelligence to obtain operational intelligence. The Google search grabbed the notion of bad actors compromising network integrity. Important, but not the game I follow. The Google search results returned by the Epi system were PDF files and advertisements.
On a side note, there is a product called Episerer which is offered by a company called Epi. You can get information at this link. Epi’s content management system includes a search engine marketed as Find. Perhaps the name clash can be resolved?
Stephen E Arnold, January 11, 2017
Coveo Search: Reveal Engine
January 11, 2017
Enterprise search is alive and well when it comes to pivots and jargon. One example is Coveo’s adoption of the moniker “Reveal Engine.” The idea is that one can search to find needed information. If the notion is unclear, you can watch the “Coveo Reveal Engine Explainer Video.” The idea is that Coveo’s software puts intelligence everywhere. I love those categorical affirmatives too.
Coveo explains:
Meet Coveo Reveal Engine, the self-learning technology in the Coveo platform that makes intelligent search even smarter. It continuously analyzes your visitors’ click stream data and behavior patterns captured by search usage analytics, then accurately serves up the content that is most likely to drive conversions and ensure self-service success. In other words, Coveo learns which content delivers the best outcomes and then automatically tunes search results to ensure the right content always rises to the top – without any manual effort on your part. Think of it as having a built-in concierge that intuitively knows what your visitors are looking for. It makes intelligent recommendations based on a deep understanding of what has worked best for others. Coveo understands your visitors’ intent. It auto-completes search terms, provides relevant related search suggestions, and even recommends complementary content they hadn’t originally sought out.
The pivot is that Coveo is positioning its search system to handle self service questions. More information about Coveo is available at www.coveo.com.
Stephen E Arnold, January 11, 2017
The Sophistication of the Dark Web Criminals of Today
January 11, 2017
Vendors of stolen credit card information on the dark web are now verifying their customers’ identities, we learn from an article at the International Business Times, “The Fraud Industry: Expect to be KYC’d by Criminals When Buying Stolen Credit Cards on the Dark Web.” Yes, that is ironic. But these merchants are looking for something a little different from the above-board businesses that take KYC measures. They want to ensure potential clients are neither agents of law-enforcement nor someone who will just waste their time. Reporter Ian Allison cites Richard Harris, an expert in fraud detection through machine learning, when he writes:
Harris said some websites begin with a perfunctory request that the buyer produce some stolen card numbers of their own to show they are in the game. ‘There are various websites like that where undercover cops have been caught out and exposed. Like anybody else, they are in business and they take the security of their business seriously,’ he said.
Things have moved on from the public conception of a hacker in a hoodie who might hack the Pentagon’s website one day and steal some credit card details the next. That was 10 or 15 years ago. Today this is a business, pure and simple. It is about money and lots of it, like for instance the recent hit in Japan that saw a criminal gang make off with ¥1.4bn (£8.9m, $13m) from over 1,400 ATMs in under three hours. They simultaneously targeted teller machines located in Tokyo, Kanagawa, Aichi, Osaka, Fukuoka, Nagasaki, Hyogo,Chiba and Nigata. The Japanese police suspect more than 100 criminals were involved in the heist.
Harris is excited about the potential for machine learning to help thwart such sophisticated and successful, criminals. The article continues with more details about today’s data-thievery landscape, such as the dark-web bulletin boards where trade occurs, and the development of “sniffers” — fake wi-fi hubs that entice users with a promise of free connectivity, then snatch passwords and other delectable data. Allison also mentions the feedback pages on which customers review dark-web vendors, and delves into ways the dark web is being used to facilitate human trafficking. See the write-up for more information.
Cynthia Murrell, January 11, 2017