LinkedIn Phishing
February 22, 2021
One of the news items in an upcoming DarkCyber talks about LinkedIn phishing exploits. I want to mention this method of hijacking or intruding into a system for two reasons. First, Microsoft has been explaining and reframing the SolarWinds’ security misstep for a couple of months. The Redmond giant has used explanations of the breach to market its Windows and Azure security systems. LinkedIn is a Microsoft property, and it seems as if Microsoft would clamp down on phishing attacks after it lost some of the source code to Exchange and a couple of other Microsoft crown jewels. Second, LinkedIn, like Microsoft Teams, is going through a featuritis phase. The service is making publishing, rich media, in message links, and group functions more easily available. The goal is to increase the social network’s value and revenue, particularly among those seeking employment. There’s nothing like a malicious exploit that kills a job hunter’s computing to brighten one’s day.
The article “Phishers Tricking Users via Fake LinkedIn Private Shared Document” explains the exploit. The write up says:
The phishing message is delivered via LinkedIn’s internal messaging system and looks like it has been sent by one of the victim’s contacts. The message urges the recipient to follow a third-party link to view a document.
If you want more details, check out the full Help Net Security post.
In the wake of SolarWinds, I think that Microsoft needs to button up its security. Less marketing and more substantive action seems to be appropriate. Microsoft will be the plumbing for the JEDI program. What vulnerabilities exist within this system? Hopefully none, but recent events and this LinkedIn phishing information suggest reality is insecure.
Stephen E Arnold, February 22, 2021
The Semantic Web Identity Crisis? More Like Intellectual Cotton Candy?
February 22, 2021
“The Semantic Web identity Crisis: In Search of the Trivialities That Never Were” is a 5,700 word essay about confusion. The write up asserts that those engaged in Semantic Web research have an “ill defined sense of identity.” What I liked about the essay is that semantic progress has been made, but moving from 80 percent of the journey over the last 20 percent is going to be difficult. I would add that making the Semantic Web “work” may be impossible.
The write up explains:
In this article, we make the case for a return to our roots of “Web” and “semantics”, from which we as a Semantic Web community—what’s in a name—seem to have drifted in search for other pursuits that, however interesting, perhaps needlessly distract us from the quest we had tasked ourselves with. In covering this journey, we have no choice but to trace those meandering footsteps along the many detours of our community—yet this time around with a promise to come back home in the end.
Does the write up “come back home”?
In order to succeed, we will need to hold ourselves to a new, significantly higher standard. For too many years, we have expected engineers and software developers to take up the remaining 20%, as if they were the ones needing to catch up with us. Our fallacy has been our insistence that the remaining part of the road solely consisted of code to be written. We have been blind to the substantial research challenges we would surely face if we would only take our experiments out of our safe environments into the open Web. Turns out that the engineers and developers have moved on and are creating their own solutions, bypassing many of the lessons we already learned, because we stubbornly refused to acknowledge the amount of research needed to turn our theories into practice. As we were not ready for the Web, more pragmatic people started taking over.
From my point of view, it looks as if the Semantic Web thing is like a flashy yacht with its rudders and bow thrusters stuck in one position. The boat goes in circles. That would drive the passengers and crew bonkers.
Stephen E Arnold, February 22, 2021
Microsoft GitHub Goodie: Social Profile Finder
February 22, 2021
Do you want to locate the social media profile of a person? How about locating that social media profile across several hundred online services? Sounds good, doesn’t it? You can try this open source tool by navigating to Social Analyzer, downloading the code, and reading the documentation. Is this open source software as good as some of the tools available from specialized service providers? The answer is, “In some situations, it’s close enough to horseshoes.” The GitHub information says:
This project is “currently used by some law enforcement agencies in countries where resources are limited”.
Do some commercial specialized services providers charge their customers for access to this tool? Does Vladimir Putin have a daughter who is an expert dancer?
There are some interesting functions in this open source package; for example:
- Email detection
- Use of OCR to make sense of content in images
- String and entity name analysis.
Having a user name and password for each system may come in handy as well. Microsoft is a helpful outfit in some ways.
Stephen E Arnold, February 22, 2021
Palantir Fourth Quarter Results Surprises One Financial Pundit
February 22, 2021
I read “Palantir Stock Slides As It Posts a Surprise Loss in Fourth Quarter.” The pundit noted:
Palantir stock has been very volatile this year. It is among the stocks that were been pumped by the Reddit group WallStreetBets. Palantir stock had a 52-week high of $45 amid frenzied buying. However, as has been the case with other meme stocks, it is down sharply from its recent highs. Based on yesterday’s closing prices, Palantir stock has lost almost 30% from its 52-week highs. The drawdown is much lower than what we’ve seen in stocks like GameStop and AMC Theatres. But then, the rise in Palantir stock was also not comparable to the massive gains that we saw in these companies.
Yikes. Worse than GameStop? Quite a comparison.
The pundit pointed out:
Palantir has been diversifying itself away from government business that currently accounts for the bulk of its revenues. This year, it has signed many deals that would help it diversify its revenues. Earlier this month, Palantir announced that it has extended its partnership with energy giant BP for five more years.
Who knew that a company founded in 2003 would have difficulty meeting Wall Street expectation? Maybe that IBM deal and the new US president’s administration can help Palantir Technologies meet financial experts’ expectations?
Search and content processing companies have been worn down by long sales cycles, lower cost competitors, and the friction of customization, training, and fiddling with content intake.
Palantir might be an exception. Stakeholders are discomfited by shocks.
Stephen E Arnold, February 22, 2021
Alphabet Google: High School Science Club Management Breakthrough
February 20, 2021
The Google appears to support the concepts, decision making capabilities, and the savoir faire of my high school science club. I entered high school in 1958, and I was asked to join the Science Club. Like cool. Fat, thick glasses, and the sporty clothes my parents bought me at Robert Hall completed by look. And I fit right in. Arrogant, proud to explain that I missed the third and fourth grades because my tutor in Campinas died of snake bite. I did the passive resistance thing, and I refused to complete the 1950s version of distance learning via the Calvert Course, and socially unaware – yes, I fit right in. The Science Club of Woodruff High School! People sort of like me: Mid western in spirit, arrogant, and clueless. Were we immature? Does Mr. Putin have oligarchs as friends?
With my enthusiastic support, the Woodruff High School Science Club intercepted the principal’s morning announcements. We replaced mimeograph stencils with those we enhanced. We slipped calcium carbide into chemistry experiments involving sulfuric acid. When we we taken before the high school assistant principal Bull Durham, he would intone, “Grow up.”
We learned there were no consequences. We concluded that without the Science Club, it was hasta la vista to the math team, the quick recall team, the debate team, the trophies from the annual Science Fair, and the pride in the silly people who racked up top scores on standardized tests administered to everyone in the school.
The Science Club learned a life lesson. Apologize. Look at your shoes. Evidence meekness and humility. Forget asking for permission.
I thought about how the Science Club decided. That’s an overstatement. An idea caught our attention and we acted. I stepped into the nostalgia Jacuzzi when I read “Google Fires Another AI Ethics Leader.” A déjà vu moment. The Timnit Gibru incident flickers in the thumbtypers’ news feeds. Now a new name: Margaret Mitchell, the co-lead of Google’s Ethical AI team. Allegedly she was fired if the information in the “real” news story is accurate. The extra peachy keen Daily Mail alleged that the RIF was a result of Ms. Mitchell’s use of a script “to search for evidence of discrimination against fired black colleague.” Not exactly as nifty as my 1958 high school use of calcium carbide, but close enough for horseshoes.
Even the cast of characters in this humanoid unfriending is the same: Uber Googler Jeff Dean, who Sawzall and BigTable problems logically. The script is a recycling of a 1930’s radio drama. The management process unchanged: Conclude and act. Wham and bam.
The subject of ethics is slippery. Todd Pheifer, a doctor of education wrote Business Ethics: The Search for an Elusive Idea and required a couple of hundred pages to deal with a single branch of the definition of the concept. The book is a mere $900 on Amazon, but today (Saturday, February 20, 2021, it is not available.) Were the buyers Googlers?
Ethics is in the title of the Axios article “Google Fires Another AI Ethics Leader,” and ethics figures in many of the downstream retellings of this action. Are these instant AI ethicist zappings removals the Alphabet Google equivalent of the Luxe Half-Acre Mosquito Trap with Stand? Hum buzz zap!
In my high school science club, we often deferred to Don and Bernard or the Jackson Brothers. These high school wizards had published an article about moon phases in a peer-reviewed journal when Don was a freshman and Bernard was a sophomore. (I have a great anecdote about Don’s experience in astrophysics class at the University of Illinois. Ask me nicely, and I will recount it.)
The bright lads would mumble some idea about showing the administration how stupid it was, and we were off to the races. As I recall, we rarely considered the impact of our decisions. What about ethics, wisdom, social and political awareness? Who are you kidding? Snort, snort, snort. Life lesson: No consequences for those who revere good test takers.
As it turned out, most of us matured somewhat. Most got graduate degrees. Most of us avoided super life catastrophes. Bull Durham is long dead, but I would wager he would remember our brilliance if he were around today to reminisce about the Science Club in 1958.
I am grateful for the Googley, ethical AI related personnel actions actions. Ah, memories.
Several questions with answers in italic:
- How will Alphabet Google’s effort to recruit individuals who are not like the original Google “science club” in the wake of the Backrub burnout? Answer: Paying ever higher salaries, larger bonuses, maybe an office at home.
- Which “real” news outfit will label the ethical terminations as a failure of high school science club management methods? Answer: None.
- What does ethics means? Answer: Learn about phenomenological existentialism and then revisit this question.
I miss those Science Club meetings on Tuesday afternoon from 3 30 to 4 30 pm Central time even today. But “real” news stories about Google’s ethical actions related to artificial intelligence are like a whiff of Dollar General air freshener.
Stephen E Arnold, February 22, 2021
Facebook Decision Sparks Colorful Language
February 19, 2021
I noted this headline:
Facebook Gives Middle finger to Australia as Google Strikes Multi-Million Dollar Deals over News
Very colorful. Google decided to write checks, not do the crazy pull out a country play bandied about. Facebook, on the other hand, seems content to kiss the kangaroos good bye. Not shrimp on the barbie when Mr. Zuck entertains, I assume.
The write up with the middle finger headline includes this quote from a Googler:
In response to Australia’s proposed new Media Bargaining law, Facebook will restrict publishers and people in Australia from sharing or viewing Australian and international news content,” wrote William Easton, managing director of Facebook Australia & New Zealand in a blog post. “The proposed law fundamentally misunderstands the relationship between our platform and publishers who use it to share news content.
What happened to Melanie Silva the Managing Director,, Google Australia and New Zealand. She assumed her job in November 2020 or October 2018 depending on which source one examines. She was — at least to me — the hard line Googler.
But the article with the middle finger headline focuses on William Easton. He has VP attached to his title. What’s interesting is that he was at Facebook before becoming a Googler.
What I find interesting is that both Ms. Silva and Mr. Easton are finance types.
Remember the good old days of Google when senior executives were engineers?
Who at Google is calculating the cost of paying for news to publishers worldwide? How many ad sales will it take to offset the cost of news? The Google News page has lacked ads for many years. Perhaps that will change? If not, Google will have to trim more costs and find a way to hold down costs.
The Google is entering a new phase and high school science club management tactics won’t work. Writing checks does it seems.
Stephen E Arnold, February 19, 2021
Fixing the Innovation Economy?
February 19, 2021
I read “How to Fix What the Innovation Economy Broke about America.” I noted this sentence:
No initiative, no program, no development aid will, by itself, solve
the deepest problem of all: distrust of American institutions. Reagan
told Americans that government was not the solution, it was the
problem.
I asked myself, “Does MIT lack the institutional memory to recall that it accepted funds from Jeffrey Epstein?” The decision failure makes clear that the problems with the analysis in the article manifests itself in the actions of entities like MIT.
Social and intellectual failure cannot be attributed to a single factor. Its remediation begins with institutions and the individuals who comprise those entities. Innovation is one chemical in the exhaust generated by actions which are corrosive.
Pontification is okay. Bandying about words like “trust” is hand waving.
Stephen E Arnold, February 19, 2021
What Threats Does Cyber Security Software Thwart?
February 19, 2021
I asked myself this question, “What threats does cyber security software thwart?” The SolarWinds’ misstep went undetected for months, maybe a year or more. I read “France Agency ANSSI Links Russia’s Sandworm APT to Attacks on Hosting Providers.” Reuters ran a short news item as well. You can read the report via this link. I don’t want to wade through the cyber security jargon in this post. Instead I want to highlight one fact: The “intrusions” dated back to 2017. Okay, this is another time block in which cyber security systems operated and failed to detect the malicious behavior.
The vector of attack was software used by Centreon. What’s Centreon do?
What’s ANSSI?
The French National Agency for the Security of Information Systems or Agence nationale de la sécurité des systèmes d’information.
What’s Centreon? LinkedIn says:
Centreon is a global provider of business-aware IT monitoring for always-on operations and performance excellence. The company’s holistic, AIOps-ready platform is designed for today’s complex, distributed hybrid cloud infrastructures. Privately held, Centreon was founded in 2005 as an open source software framework. Today, Centreon is trusted by organizations of all sizes across a wide range of public and private sectors. Centreon is headquartered in Paris and Toronto, with sales offices in Geneva, Luxembourg and Toulouse.
What’s Hub One?
It is a subsidiary of Aéroports de Paris. Hub One provides high speed radio networks and services to outfits like Air France and the French government.
What’s an APT?
An advanced persistent threat. The idea is that malware is inside a system or software and is able to remain undetected while it follows instructions from a bad actor.
Now back to the 2017 date.
The point is that current cyber security systems may not be able to provide the defenses which marketers tout.
We’re talking years which strikes me as very SolarWinds-like. Then there is the persistent question: What’s up with the commercial cyber security systems?
Stephen E Arnold, February 19, 2021
Google in France: Are Wine and Cheese Included in the Deal?
February 19, 2021
Google News aggregates news content from various media outlets, but it does not pay the outlets for the content. Some content on Google News requires subscriptions to specific outlets, but overall the information is free. Media outlets are upset that Google does not pay them for their content, although Google could argue that they are driving traffic to their Web site and offer free exposure. Traffic and exposure are not enough for French publishers, says the Seattle PI in, “Google, French Publishers Sign Copyright News Payment Deal.”
Google France negotiated with the Alliance de la Presse d’Information Generale for months to agree upon a framework where Google would pay licensing fees to French publishers. Google needed this deal after France was the first country to adopt the European Union’s new copyright rules.
The new rules were made, because of money and lack of quality news:
“Under the framework agreement, payments will be based on criteria such as the amount published daily and monthly internet traffic. Google did not spell out how much money would be paid to the group’s members. News companies had pushed for the EU copyright reform amid worries that quality journalism is declining as ad revenue gets siphoned off by the digital giants.”
It makes sense, especially when big tech companies created the technology that enables misinformation bad actors to spread conspiracy theories. The technology itself is not bad, but can cause harm. Google is benefiting from journalists’ hard work, but also dumbing down the medium as well as stealing its’ power. Journalists, like other professionals, should be paid for their work, especially if they focus on telling quality stories.
Whitney Grace, February 19, 2021
Alphabet Google: Rambling, Scrambling, and Managing
February 18, 2021
The Google — actually Alphabet — has been beavering away in Silicon Valley. So much to do and so little time. First, the company caught the attention of gamers with its interesting Stadia crawfishing. Hey, that could be a video game similar to Angry Birds. The GOOG does not innovate; the Google imitates and duplicates. That’s definitely been a secret sauce in the instant messaging department.
Next, the company cut a deal with Australia. Isn’t that the stomping ground for Rupert Murdoch, the bright white light and clear blue flame thinker for news? Mr. Rupert has captured headlines with analyses by the laser intellect of a “real news” generator. You can read that remarkable analysis here.
And the cherry on top of the Googley banana split is reorganizing its artificial intelligence unit. The story “Google to Reorganize AI Teams in Wake of Researcher’s Departure” states:
Google has sought to diffuse employee rancor stemming from the acrimonious departure of a prominent Black researcher, Timnit Gebru. The responsible AI teams will roll up to Marian Croak, a Black Google executive who currently serves as a vice president of engineering focused on site-reliability matters. Croak will report to Jeff Dean, the senior vice president of Google AI.
Each of these is a potential top tier business school case study. That seems unlikely, however, in the aftermath of the Covid thing’s impact on some universities and advanced degrees programs. Consider these business implications of each of these examples of stellar management certitude:
- Stadia seems to have arrived and departed much like Dodgeball and Web Accelerator. Quick decisions are one hallmark of thoughtful, organized business actions.
- The “pay to play” model seems to provide incentive to large publishers to accept Google’s cash. Google’s reluctance to pay for news, its saber rattling, its posturing by the company’s Australian executives, vaporized with what I call a Rupert deal.
- The reorganization of Google AI has more to do with preserving the Google status quo than substantive change. Isn’t Dr. Jeff Dean still in charge? Wasn’t he the wizard who added an accelerant to the Gibiru affair.
Let’s step back. In the space of a week, Google — actually Alphabet — has abandoned the science club approach to reality. Google is killing products after praising the workers soon to be terminated. Google is buying cooperation from the inspiration behind today’s Wall Street Journal and Fox News. Plus Google is trying to deal with employee unrest with an old school management technique: Shuffling deck chairs. (Hey, I did not mention the Titanic. You thought that. Come on. Admit it.)
What have we learned? One can view Google’s actions as brilliant managerial execution. On the other hand, Google seems to be showboating. There is also a middle ground. The new Google just does not know what to do: Be forceful, spend money, reorganize, and demonstrate the values of managers who really miss the high school science club meetings from a past long dead but not forgotten.
Stephen E Arnold, February 18, 2021