IBM Discloses Iranian Hacking: Was Watson on the Job?

July 30, 2020

We spotted an interesting nugget of information in “Iran-Linked Hackers Mistakenly Leak Videos of Their Operations in Action: Report.”

The story reveals that:

IBM’s X-Force security team acquired about five hours of video footage of hacking operations by APT35, a hacking group linked to the Iranian government…

Where did the video originate? The answer: Iran.

The IBM researchers got a hold of the footage due to “a misconfiguration of security settings on a virtual private cloud server they’d observed in previous APT35 activity,” the report said, adding that the files were uploaded to the exposed server over a few days in May, just as IBM was monitoring the machine. The APT35 hackers recorded their operations to demonstrate to junior team members how to handle hacked accounts, according to the report. The videos show the hackers how to download the contents of compromised Gmail and Yahoo Mail accounts.

The report does not mention Watson. Interesting.

Stephen E Arnold, July 29, 2020

Amusing Moments: Facebook Pushes Back at a Mere Government

July 29, 2020

The trusted outfit — Thomson Reuters — published “Facebook Sues EU Antitrust Regulator for Excessive Data Requests.” The report is probably typical of everyday behavior. The US Congressional hearing looms. Rumors that Facebook will say it defends America against — gasp — China are floating around.

Reuters notes that Facebook does not want the European Union’s regulators asking for documents. The regulators apparently want information suggesting that Facebook took action to further its interests, not those of the EU and its citizens.

But Facebook is defending America. If the Reuters story is accurate (which is different from trusted), Facebook believes the best defense is taking the regulators to court.

Defense and defending have some nuances of meaning some in Europe may have overlooked.

Stephen E Arnold, July 29, 2020

Quantexa: A Better Way to Nail a Money Launderer?

July 29, 2020

We noted the Techcrunch article “Quantexa Raises $64.7M to Bring Big Data Intelligence to Risk Analysis and Investigations.” There were a number of interesting statements or factoids in the write up; for example:

Altogether, Quantexa has “thousands of users” across 70+ countries, it said, with additional large enterprises, including Standard Chartered, OFX and Dunn & Bradstreet.

We also circled in true blue marker this passage:

As an example, typically, an investigation needs to do significantly more than just track the activity of one individual or one shell company, and you need to seek out the most unlikely connections between a number of actions in order to build up an accurate picture. When you think about it, trying to identify, track, shut down and catch a large money launderer (a typical use case for Quantexa’s software) is a classic big data problem.

And lastly:

Marria [the founder] says that it has a few key differentiators from these. First is how its software works at scale: “It comes back to entity resolution that [calculations] can be done in real time and at batch,” he said. “And this is a platform, software that is easily deployed and configured at a much lower total cost of ownership. It is tech and that’s quite important in the current climate.”

Some “real time” systems require time consuming and often elaborate configuration to produce useful outputs. The buzzwords take precedence over the nuts and bolts of installing, herding data, and tuning the outputs of this type of system.

Worth monitoring how the company’s approach moves forward.

Stephen E Arnold, July 29, 2020

Digital Shadows: Cyber Monitoring Inside

July 29, 2020

DarkCyber has pointed out in this blog and in the DarkCyber video news programs that cyber security generates hyperbole. Funding sources pump in cash. Companies buy not one cyber security system; big and mid-sized outfits buy new ones with each change of security professionals.

Why?

Most of the cyber security systems focus on what happened in the past. However, bad actors — some well funded by low profile operators — focus on the here and now.

Not surprisingly, competing claims, pricing plays, and fearful prospects keep the wheel spinning.

“Digital Shadows Announces Integration with Atlassian Jira” indicates that the stealthy Digital Shadows has moved inside an issue tracking and project tracking platform. Presumably the “SearchLight Inside” deal will deliver better security to Jira users. Will this tie up boost Atlassian stock?

DarkCyber assumes that other Dark Web and cyber threat indexing services will pursue similar “inside” deals.

The real test comes when licensees of these “inside” cyber threat solutions demonstrate they can avoid Garmin- and Twitter-type security breaches.

Stephen E Arnold, July 29, 2020

Google: Human Data Generators

July 29, 2020

DarkCyber spotted this interesting article, which may or may not be true. But it is fascinating. The story is “Google Working on Smart Tattoos That Turn Skin into Living Touchpad.” The write up states:

Google is working on smart tattoos that, when applied to skin, will transform the human body into a living touchpad via embedded sensors. Part of Google Research, the wearable project is called “SkinMarks” that uses rub-on tattoos. The project is an effort to create the next generation of wearable technology devices…

DarkCyber believes that the research project makes it clear that Google is indeed intent on collecting personal data. Where will the tattoo be applied? Forehead in Central America street gang fashion?

Russian prisoner style with appropriate Google iconography?

A tasteful tramp stamp approach?

The possibilities are plentiful if the report is accurate.

Stephen E Arnold, July 29, 2020

When Humor and Management Theory Collide: Craziness, Maybe Worse

July 29, 2020

Two write ups made it from our news system into my “must read” file.

The first is by the Big Dog Scott Galloway. An esteemed educator, Mr. Galloway provides punditry and overtalking on the New York Magazine Pivot show. His essay “Fire & Fawning” is fascinating. The charts, the data, and the wordsmithing are noteworthy.

From DarkCyber’s point of view, Mr. Galloway is providing advice to a group of high-technology movers and shakers who are awash in lawyers, advisers, and on-the-payroll wizards.

We noted this comment:

Big tech has won before the hearing starts. Agreeing to let all four testify concurrently inhibits the committee’s ability to go deep on any one issue, and will leave the American public with a sentiment instead of a viewpoint on big tech, much less any conclusions (such as, that the Obama DOJ was asleep at the switch, and Instagram and Whatsapp should be divested). The Covid-inspired remote format dramatically lessens the likelihood of an unscripted moment that reveals something the American public didn’t previously know. Fabric softener for tough questioning is the deep pockets that keep members in power.

If the hearings are “over,” why are an additional 2,200 words required? Answer: The write up is for the elected officials who will be conducting the session. However, elected officials have lawyers, advisers, and “interns” to prepare, review, and make sense of the million plus documents available to the group doing the asking.

The key difference is the billionaire status of those responding, and the billionaire access to wizards.

Granted, political hearings are unlikely to “win” or achieve very much. Maybe some of the interns will get jobs working for the billionaires and get a chance to earn the coveted “wizard” status.

And the data in the write up? Statistical information can be shaped, discredited, and shown to be orthogonal to other data. The art is nice, however.

Net net: The write up plays to a particular audience yet maintains the overtalking tone ill-suited for a podcast and for a “business” essay designed to tell people what to do.

The second essay is “Advice for Jeff Bezos on testifying before Congress from me, the totally real Bill Gates.” The focus is narrowed to Mr. Bezos by a Silicon Valley “real” news outfit. The tone is familiar; for example, “Jeff, buddy.” The intent shares some DNA with Mr. Galloway’s overtalking. Specifically, this Silicon Valley “real” news essay reminded me of something called “satirical commentary.” One of the required classes I had to endure 50 plus years ago forced me to read mocking essays and figure out what some guy who lived in Twickenham did to earn the name “the wicked wasp.” This Silicon Valley “real” news outfit’s effort struck me as tone deaf and — I need a neologism I think — snotical. Snotical is a combination of snotty and cynical. The sting? Yes, where is thy sting?

Net net: The write up is likely to be ignored by Mr. Bezos’ legions of lawyers, advisers, and quite bright worker bee drone humanoids.

Stepping back from the two essays, three observations I wish to offer are:

  1. Public advice is Monday morning quarterbacking and about as useful
  2. Those far from the fray demonstrate their lack of understanding of hearing processes
  3. New Age hippy dippy management analyses are little more than TikTok videos in prose.

Stephen E Arnold, July 29, 2020

The Curious Case of a SEO Expert Who Sees a Link Between Dining and DarkCyber

July 29, 2020

This is another “SEO Follies” write up by the DarkCyber research team. The essay falls into three parts: First, an explanation of why irrelevant backlinks are the rage among search engine optimization experts; second, how language becomes an irritant and a reflection on the search engine optimization company’s business methods; and, third, some reflections on the stupidity of some SEO or search engine optimization sales methods. I want to point out that SEO professionals mostly bilk unsuspecting customers by promising them that their Web page will be more findable in Google. If a company wants traffic, the company will either have to buy ads from Google or remain deep in a search results list.

The Quest for Backlinks

In my first Google monograph “The Google Legacy”, my research team and I compiled a list of publicly disclosed ranking factors. The list has been used by some universities in their information science courses (example: Syracuse University). The majority of these factors are recycled ideas from other search systems, research conducted by IBM Almaden (example: the CLEVER system), and common sense (example: the more links pointing to a Web page, the “better” that Web page is if one uses de Tocqueville’s concept of average as a way to determine what’s “good”).

The current rage for backlinks is little more than an effort to generate a false “good” score for a Web page. The present technique is practiced by charlatans like the Hustler who makes crazy videos and companies like the once prestigious Boston Consulting Group. Since The Google Legacy, two changes have taken place at Google. First, the company has expanded its grip on online advertising despite the best efforts of Amazon and Facebook. Second, the options for getting independent, objective search results from Google have decreased. The reality is that a business either buys traffic or pays a charlatan pitching search engine magic. Either way, a business has to pay for traffic. There are exceptions, but these are forced upon Google due to exogenous circumstances and most organizations cannot rely on an anomaly to publicize their existence.

The trend I have noticed is that requests for backlinks are coming more and more frequently. Here’s an example I received from a company in the UK authored by an SEO marketer delightfully named Izaak Crook. He wrote:

HI Sa,

How’s it going? I’m Izaak from AppInstitute.

I was browsing arnoldit.com and I noticed you’d covered Restaurant Technology before, linking to https://restauranttechnologynews.com/2019/07/online-food-delivery-fraud-increasing-can-tech-address-problem from http://arnoldit.com/wordpress/category/statistics/

I wondered if you’d be interested in checking out our post “7 Restaurant Technology Trends to Watch Out for in 2020”. We take a look at some of the key restaurant technologies to watch out for and how they’re going to change the industry.

If you deem it worthy of a link from arnoldit.com that would be a dream come true.

Either way, it’d be cool to discuss how we can collaborate in the future. Enjoy your Friday and speak soon!

Kind Regards,

Izaak

I had my team poke around and we learned that Mr. Crook (love that name, right?) works at a firm named AppInstitute. According to the company’s Web site, the group develops “apps.” Why is an app development company wanting me to link to a story about restaurant fraud? Sure, DarkCyber covers cybercrime, but odd ball references just underline my point about SEO silliness and the belief among SEO experts that backlinks will get significant traction with the new, revenue hungry Google. (Sure, Google generates a great deal of money, but the company is smart enough to realize that the unregulated, anything goes world of the pre-Trump era is ending. Plus, Google costs are getting very difficult to control. Then Google has to consider the Amazon and Facebook advertising competitors. These companies are not Excite and Lycos.)

The Language of the SEO World

In an email exchange with Mr. Crook (wonderful, evocative name, is it not?) he used this phrase:

Okay, Boomer.

I am a septuagenarian, 76 soon to be 77. I had to contact two members of my DarkCyber research team to get a read on the phrase “Okay, Boomer.” I was aware that a baby boomer described people born after World War II. From my team, I learned that it is:

  • An age-biased slur when used to indicate that a person of age is out of touch with someone who is a thumbtyper, TikToker, and Facebook champion
  • A derogatory term for a person who is older than a Gen X or Millennial
  • An indicator that the person called a “boomer” is stupid, out of touch, irrelevant, a nuisance, etc.

The team told me that if I were called a Boomer in a public setting, I could contact one of my attorneys and pursue the hate speech angle. Hate speech. Directed at a person soon to be 77. Over an overly familiar email asking for something for free.

The AppInstitute email is representative of the SEO junk I receive on a daily basis. I did not like the tone of the email and I was not happy to learn that boomer was a slur.

First, the familiarity of the “Hi” and the use of two of my initials indicates a certain casual mindset, a thought process incapable of understanding how familiarity is interpreted by someone like me as either careless or stupid. Call me old fashioned, but “Mr. Arnold” is what I prefer in business email.

Second, the reference to a Beyond Search/DarkCyber story about restaurants is amusing. I don’t write about restaurants; I eat at restaurants. Anyone who has looked at any of the more than 13,000 articles in this blog can figure out that feeding people is not one of my primary, secondary, or tertiary interests. I am not going to “check out” a frothy, probably substandard report about the restaurant industry. Apparently Izaak has not seen Yelp’s report about the state of the restaurant business. Here’s a story called “Nearly 16,000 Restaurants Have Closed Permanently Due to the Pandemic, Yelp Data Shows.” Read it, Izaak Crook. Yelp’s information obviates the need for a “report”.

Third, note the word choice. Izaak had a thesaurus handy I would wager or his prestigious employer provided him with a spam script and ready-to-roll bot:

One syllable fancy word: deem

Two syllable fancy word: worthy

Four syllable jargony word: collaborate

Then there were colloquial phrases like:

checking out

watch out for

going to change

dream come true

cool.

Izaak adds this thoughtful postscript: “Don’t want emails from us anymore? Reply to this email with the word “UNSUBSCRIBE” in the subject line.”

The entire email screams spam, carelessness, failure to know to whom one is writing, and arrogance. Am I going to do something for an unknown entity named Izaak Crook without sending a bill? Answer: Not a chance.

My research team told me that the Izaak Crook entity is a person. He is the head of marketing and he is a T shaped marketer, a growth hacker, and an “SaaS fanatic.” He’s spent 14 months performing search engine optimization and conversion rate optimization for the first class outfit AppInstitute. He was a digital communications apprentice for a company called Champions UK plc. Before that he was a social media manager. I love the “apprentice” role as part of an SEO’s work history.

Now Mr. Crook (an evocative name, is it not?) markets the App Institute. A quick look reveals that this top drawer outfit is an “AppBuilder for busy small business owners.” The CEO is Ian Naylor who is a serial entrepreneur. I have been told by one of my researchers that the company is small and seems to do many things, not just apps. SEO is one of those many things.

Stepping Back

I have written a number of blog posts, articles, and essays about the loss of relevance in ad-supported Web search systems. The erosion of relevance, to summarize my conclusions, is the result of three factors:

  1. A need to generate revenue in order to pay for indexing, updating, and serving answers to users’ queries.
  2. A desire on the part of marketers and webmasters to get coverage in search result pages without having to pay Google for traffic
  3. The more recent imperative of the ad-supported Web search engines to extend their control over flows of user behavior data.

In this environment, clicks, psychological tells via clicks, and surveillance technology mean that comprehensive data collection is essential. Traffic results from feedback loops and intentional presentation of certain content. Free visibility is not part of the game plan.

SEO marketing is going to fail. Some tactics may spoof Mother Google and deliver a short term boost. However, Mother Google wants SEO to fail because it forces the SEO wizard to herd those desperate for traffic into the advertising kill pen.

Who knows this simple game plan? Maybe the SEO expert who also moonlights as an ad sales rep for Google does? I surmise that Google continues to cultivate SEO professionals as part of the company’s ad sales strategy.

Why write me? Certainly Mr. Crook cares not a whit for my blog and content. He wants a link. He wants to make a sale. He wants to get the client to buy more and more SEO and then AppInstitute will probably sell that customer Google advertising and get a commission.

No thanks, Mr. Crook. I want no part of your SEO scam. I don’t want to help out AppInstitute. However, I do hope that the upcoming Congressional hearings lead to meaningful regulation of certain large high technology firms.

But we live in Rona times, and I must admit, the odds of ethical, responsible behavior are long.

And the links Mr. Crook (tasty, evocative name) wants? Here they are:

Izaak Crook: izaak@appinstitute.co

AppInstitute: https://appinstitute.com/

It seems to some of the DarkCyber team that “Boomer” is hate speech.

Slick marketing method indeed.

Stephen E Arnold aka “Boomer”, July 29, 2020

Oracle and Blockchain

July 28, 2020

Amidst the angst about US big technology companies, Rona, and Intel’s management floundering, Oracle blockchain is easy to overlook. “Oracle Updates Blockchain Platform Cloud Service.” The title alone invokes the image of Amazon’s blockchain platform and its associated moving parts.

The write up focuses on Oracle as if the Amazon and other options do not exist. But the parallels with Amazon’s blockchain services are clearly articulated. The article reports:

Blockchain Platform Cloud Service features stronger access controls for sharing confidential information, greater decentralization capabilities for blockchain consortiums, and stronger audibility when rich history database feature is used in conjunction with Oracle Database Blockchain Tables.

Even more Amazon envy seems to have influenced this “new” feature:

Oracle Cloud Infrastructure Availability Domains (and in the regions with a single Availability Domain, three Fault Domains) to provide stronger resilience and recoverability, with the SLA for the Enterprise SKUs of at least 99.95%.

The line up of services strikes me as having been developed after reading Amazon’s blockchain documentation; for example:

  • On demand storage
  • Spiffed up access controls
  • Workflow functions.

There is one difference, however. It appears that Oracle wants to tackle Amazon blockchain at a weak point: Price. Oracle is not likely to be significantly cheaper than AWS blockchain. Oracle wants to make its pricing more or less understandable to a prospect.

Will clarity allow Oracle to compete with Amazon blockchain?

After losing Amazon as a customer and watching the online book store pump out blockchain inventions for several years, Oracle hopes its approach will prevail or at least catch up with the Bezos bulldozer.

Stephen E Arnold, July 28, 2020

Alleged Business Practices of the Rich and Worshipped or Ethics R Us

July 28, 2020

DarkCyber spotted two separate stories which address a common theme. The write ups are “new age” news, so allegations, speculation, and political perspectives infuse the words used in each of these. Nevertheless, both write ups merit noting because two points are useful when a trend line may lurk in the slope between the dots.

The first article is “Google Spying on Users’ Data to Learn How Rival Apps Work: Report.” The article asserts:

Google is reportedly keeping tabs to how its users interact with rival Android apps, selectively monitoring how the users interact with non-Google apps via an internal program to make its own products better.

The article jumps to Google’s unique ability to see lots of data from its privileged position of being involved in each facet of certain markets: Channel, partner, vendor, developer, and customer. The operative word in the title is “spying,” but the issue is ethical and socially responsible behavior. Some science club members want access to the good stuff in the electronics supply door. Hey, cool.

The second write up is about everyone’s favorite online retailer, cloud vendor, and services firm. DarkCyber thinks the logo of Amazon should be the Bezos bulldozer. It landscapes the way it wants. “Amazon Reportedly Invested in Startups and Gained Proprietary Information before Launching Competitors, Often Crushing the Smaller Companies in the Process” is one of those stories whose title is the story. We noted this passage in the write up as additive:

Amazon met with or invested in their companies, only to later build its own products that directly competed with the smaller company.

Let’s assume that these write ups are mostly accurate. The behaviors are untoward because those duped, bilked, fooled, or swindled assumed that those across the table were playing with an unmarked deck and wanted an honest game.

DarkCyber sees the behavior as similar to a “land grab.” As long as there is minimal anti monopoly enforcement and essentially zero consequences in a legal process, the companies identified in these write ups can do what they want. DarkCyber thinks that the behaviors are institutionalized; that is, even with changes in senior management and regulatory oversight, the organizations will, like a giant autonomous mine truck, just keep rolling forward. When the truck rolls over a worker, collateral damage. That’s how life works in the gee whiz world of high technology.

Stephen E Arnold, July 28, 2020

Google Shopping and Relevance. Ho, Ho, Ho

July 28, 2020

DarkCyber tested Google Shopping. The query was golf shirts for men –Amazon. Here is page 9 of the result:

image

Some observations. Four of the seven shirts were for products intended for females. One of the products was for a jacket. The other products were for bulk orders of golf shirts.

About that relevance algorithm? Ho, ho, ho.

Stephen E Arnold, July 28, 2020
